On 21/06/11 17:20, Sean SPALDING wrote:
> Hi all,
>
> I'm running squid/2.6.STABLE21 behind an SSL offload appliance on port 8443 as an application accelerator.
>
> squid.conf:
> http_port 10.67.124.57:80 accel vhost protocol=http
> http_port 10.67.124.57:8443 accel vhost protocol=http
> cache_peer 127.0.0.1 Parent 80 0 no-query no-digest default login=PASS originserver
>
> It's rewriting the Host header of requests and adding the port number to the URL, eg. Host: myvhostname.com:8443. This is breaking the app behind it.
>
> Note, url_rewrite_host_header is set to off.
>
> Any ideas what's causing this behaviour? It's only happening in our QA env and is working fine in PROD with an identical squid version and config.
>
In order for requests to arrive in "http_port 10.67.124.57:8443" they
have to have port ":8443" as the destination port. Since origin requests
have the domain:port part in the Host: header AND it is not the default
port for HTTP that is where Squid places it.
If you want Squid to fake the arriving port back to 80 use "vport=80" on
the http_port 8443 line.
If you find it is happening on requests arriving in the http_port 80
line that is a bug. Please try and replicate it on a current release of
Squid.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.9 and 3.1.12.3Received on Tue Jun 21 2011 - 08:52:36 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 22 2011 - 12:00:03 MDT