Hi all,
I have a setup as follows:
[internet] -> [squid] -> [internal webserver]
the squid should work as a reverse proxy (accelerator) for the webserver.
The squid is listening on externalIP:80. The webserver is listening on
127.0.0.1:80
My squid.conf is as follows:
-- CUT --
http_port 83.221.136.66:80
httpd_accel_host 127.0.0.1
httpd_accel_port 80
cache_dir ufs /dev/shm/squid 100 16 256
httpd_accel_uses_host_header on
acl all src 0.0.0.0/0.0.0.0
http_access allow all
miss_access allow all
-- CUT --
Startup of squid seems to work fine:
-- CUT --
2005/12/05 10:16:51| Starting Squid Cache version 2.5.STABLE12 for
i386-debian-linux-gnu...
2005/12/05 10:16:51| Process ID 15397
2005/12/05 10:16:51| With 1024 file descriptors available
2005/12/05 10:16:51| DNS Socket created at 0.0.0.0, port 32797, FD 6
2005/12/05 10:16:51| Adding nameserver XXX.XXX.XXX.XXX from /etc/resolv.conf
2005/12/05 10:16:51| Adding nameserver XXX.XXX.XXX.XXX from /etc/resolv.conf
2005/12/05 10:16:51| User-Agent logging is disabled.
2005/12/05 10:16:51| Referer logging is disabled.
2005/12/05 10:16:51| Unlinkd pipe opened on FD 11
2005/12/05 10:16:51| Swap maxSize 102400 KB, estimated 7876 objects
2005/12/05 10:16:51| Target number of buckets: 393
2005/12/05 10:16:51| Using 8192 Store buckets
2005/12/05 10:16:51| Max Mem size: 8192 KB
2005/12/05 10:16:51| Max Swap size: 102400 KB
2005/12/05 10:16:51| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
2005/12/05 10:16:51| Rebuilding storage in /dev/shm/squid (DIRTY)
2005/12/05 10:16:51| Using Least Load store dir selection
2005/12/05 10:16:51| Current Directory is /
2005/12/05 10:16:51| Loaded Icons.
2005/12/05 10:16:51| Accepting HTTP connections at XXX.XXX.XXX.XXX, port 80,
FD 13.
2005/12/05 10:16:51| HTCP Disabled.
2005/12/05 10:16:51| WCCP Disabled.
2005/12/05 10:16:51| Ready to serve requests.
2005/12/05 10:16:51| Done reading /dev/shm/squid swaplog (4 entries)
2005/12/05 10:16:51| Finished rebuilding storage from disk.
2005/12/05 10:16:51| 4 Entries scanned
2005/12/05 10:16:51| 0 Invalid entries.
2005/12/05 10:16:51| 0 With invalid flags.
2005/12/05 10:16:51| 4 Objects loaded.
2005/12/05 10:16:51| 0 Objects expired.
2005/12/05 10:16:51| 0 Objects cancelled.
2005/12/05 10:16:51| 0 Duplicate URLs purged.
2005/12/05 10:16:51| 0 Swapfile clashes avoided.
2005/12/05 10:16:51| Took 0.3 seconds ( 14.7 objects/sec).
2005/12/05 10:16:51| Beginning Validation Procedure
2005/12/05 10:16:51| Completed Validation Procedure
2005/12/05 10:16:51| Validated 4 Entries
2005/12/05 10:16:51| store_swap_size = 16k
2005/12/05 10:16:52| storeLateRelease: released 0 objects
-- CUT --
The problem is that all requests to the webserver are denied:
-- CUT --
1133774372.947 0 xx.xx.xx.xx TCP_DENIED/403 1415 GET
http://my.domain.name/ - NONE/- text/html
1133774372.948 1 yy.yy.yy.yy TCP_MISS/403 1505 GET
http://my.domain.name/ - DIRECT/xx.xx.xx.xx text/html
-- CUT --
The weird thing is that it works fine if the webserver runs on port 81
instead of 80 and (eg. squid sends requests to 127.0.0.1:81 instead of
127.0.0.1:80)
What am I missing in my configuration?
Regards
-- Lasse Laursen · VP, Hosting Technology NetGroup Processing Aps Phone: +45 3370 1526 · Fax: +45 3313 0066Received on Mon Dec 05 2005 - 02:28:35 MST
This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST