[squid-users] About Squid settings How can I restrict Docker container access with Squid and refer to the host name written in /etc/hosts instead of the external DNS?
Amos Jeffries
squid3 at treenet.co.nz
Sat Jun 24 12:20:58 UTC 2023
On 23/06/23 19:45, kaga optim wrote:
>
> I want to access the URL of the actual site in the test environment that
> I do not want to connect to the production environment.
> Specifically, I want to be able to control it with a file like /etc/hosts.
>
Looking ahead at the end of your message it seems that you have
misinterpreted some advice you have been given elsewhere:
> what i want to do
>
> ・If you want to access the https://AAA.optim.co.jp/
> <https://AAA.optim.co.jp/> site via Squid, you want to refer to
> /etc/hosts of your own host instead of DNS.
> In short, in case of access to a specific domain, can't it be separated
> so that it refers to the hosts file without using DNS?
> Is it possible to divide the reference destination of name resolution
> for each domain in Squid? about it.
FYI, the /etc/hosts file is part of your machines DNS configuration. So
the answer to those questions are both "NO".
However, they are wrong questions to be asking.
> ----
> Example: AAA.optim.co.jp <http://AAA.optim.co.jp> is actually registered
> in DNS, so
> The IP address of the production AAA.optim.co.jp
> <http://AAA.optim.co.jp> site is referenced.
> Therefore, I am trying to rewrite the hosts file on the docker container
> server.
>
> ### For AAA.optim.co.jp <http://AAA.optim.co.jp>, set to refer to your
> own server
> $ docker exec -it ci_app_1 bash
> # vi /etc/hosts
> 172.17.0.1 AAA.optim.co.jp <http://AAA.optim.co.jp>
>
Place that change in the /etc/hosts file of whatever machine you will be
using to contact Squid. Not in the Squid docker container.
The IP address in that /etc/hosts file should be the Squid listening
address/port.
FWIW, The entire (and only) purpose of that /etc/hosts record is to make
your machines Browser (and etc) reach Squid instead of the Internet
production server.
The Squid wiki has the squid.conf settings you need:
For port-80 (http://) see
<https://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator>.
For port-443 (https://) see
<https://wiki.squid-cache.org/ConfigExamples/Reverse/HttpsVirtualHosting>
HTH
Amos
More information about the squid-users
mailing list