[squid-users] Configuration for cache_peer doesn't work
salil GK
gksalil at gmail.com
Thu Jan 19 15:39:16 UTC 2017
Hello
I am new to squid and I have a use case that I need to configure a
forward proxy with squid. But there will be two squid servers chained to
isolate the networks. So when client machine wanted to access some internet
site, they will specify proxy as my first squid server. This proxy in turn
will forward the packet to squid server 2 and from there traffic will be
forwarded to origin server and response will come through the same path.
I could achieve this by configuring cache_peer.
>>>>> configuration in SquidServer1
http_port 3223
include "/etc/squid3/blockedhosts.lst"
http_access allow all
cache_peer 10.106.251.90 parent 3223 0 no-query default
<<<<<
So this will forward packets to SquidServer2 ( 10.106.251.90 ) and then
will be forwarded further from there to origin server
Now I want to make ssl connection between SquidServer1 and SquidServer2.
I tried the following line for cache_peer
>>>>
cache_peer 10.106.251.90 parent 3223 0 no-query default ssl
sslcert="/tmp/server_90.pem" sslkey="/tmp/privkey_90.pem"
<<<<<
But this doesn't work.
when I try to start quid - it gives the following error
>>>>>>
~ # /usr/sbin/squid3 -N -Y -d 5 -f /tmp/minsquid.conf
2017/01/19 21:04:24| parse_peer: token='ssl'
FATAL: Bungled minsquid.conf line 12: cache_peer 10.106.251.90 parent 3223
0 no-query default ssl sslcert="/tmp/server_90.pem"
sslkey="/tmp/privkey_90.pem"
Squid Cache (Version 3.1.19): Terminated abnormally.
CPU Usage: 0.004 seconds = 0.004 user + 0.000 sys
Maximum Resident Size: 28224 KB
Page faults with physical i/o: 0
<<<<<<
what could be the issue .
-----
In SquidServer2 I think I need to specify https port for the client to
access. I have put this line in config file
>>>>>
https_port 3224 cert=self_s_cert.pem key=key.pem
<<<<<
There while executing squid, getting the following error
>>>>
~ # /usr/sbin/squid3 -N -Y -d 5 -f /tmp/minsquid.conf
2017/01/19 15:37:40| cache_cf.cc(381) parseOneConfigFile: minsquid.conf:4
unrecognized: 'https_port'
<<<<
Thanks
~S
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170119/474f9848/attachment.html>
More information about the squid-users
mailing list