Markus Meyer wrote:
> Chris Robertson schrieb:
>
>
> Hi Chris,
>
>
>> What do you *want* to do?
>>
>
> Yeah right. I'm confused. So I try it again. My Squid is "myproxy" and
> is an accelerator proxy for two webservers "jallah.image" and
> "kalimba.image". Both webservers have completely different content and I
> need to find a way to distinguish the client-requests.
>
> I can tell the clinets what to request. Content from "jallah.image"
> comes via http://myproxy/jallah_img/whatever.jpg and content for
> "kalimba.image" comes via http://myproxy/kalimba_img/blubba.jpg. So I
> could catch those with ACLs and url_regex.
> But when my proxy forwards the request as they are it won't work. So I
> have to rewrite the URL from http://myproxy/kalimba_img/blubba.jpg to
> http://myproxy/blubba.jpg.
>
> I tried this with the following configuration:
> cache_peer jallah.image parent 80 0 no-query no-digest originserver
> cache_peer kalimba.image parent 80 0 no-query no-digest originserver
> # jallah ACL
> acl jallah urlpath_regex ^/jallah_img
> cache_peer_access jallah.image allow jallah
> cache_peer_access kalimba.image deny jallah
> # kalimba ACL
> acl kalimba urlpath_regex ^/kalimba_img
> cache_peer_access kalimba.image allow kalimba
> cache_peer_access jallah.image deny kalimba
> url_rewrite_program /rewrite.pl
>
> Here code of rewrite.pl:
> #!/usr/bin/perl
> $|=1;
> while (<>) {
> # jallah
> s@/jallah_img@@;
> # kalimba
> s@/kalimba_img@@;
> print;
> }
>
> But this doesn't work because I think that the url_rewrite_program
> program runs before the ACLs.
Sort of. There are http_access rules (which check the pre-rewrite
request) and http_access2 rules* (which check the port-rewrite request)
but only one cache_peer_access, which matches the post-rewrite request.
Interesting.
> With the above setup I tested with
> requests for both webservers, http://myproxy/kalimba_img/blubba.jpg and
> http://myproxy/jallah_img/whatever.jpg, and "myproxy" always asked the
> first listed peer "jallah.image".
>
Here's what I would do to work around this quirk (since you don't want
to have a separate externally accessible sub domain per server)...
cache_peer jallah.image parent 80 0 no-query no-digest originserver
cache_peer kalimba.image parent 80 0 no-query no-digest originserver
# rewrite ACL
acl rewrite urlpath_regex ^/(jallah|kalimba)_img
# jallah ACL
acl jallah dstdomain jallah.image
cache_peer_access jallah.image allow jallah
cache_peer_access jallah.image deny all
# kalimba ACL
acl kalimba dstdomain kalimba.image
cache_peer_access kalimba.image allow kalimba
cache_peer_access kalimba.image deny all
url_rewrite_program /rewrite.pl
url_rewrite_access allow rewrite
...with rewrite.pl looking something like...
#!/usr/bin/perl
$|=1;
while (<>) {
# jallah
m@/jallah_img/@ && s_at_myproxy@jallah.image@ && s@/jallah_img@@;
# kalimba
m@/kalimba_img/@ && s_at_myproxy@kalimba.img@ && s@/kalimba_img@@;
print;
}
...so you are rewriting the destination domain (which you can then use
to control which cache_peer is accessed) and removing the extraneous
directory.
> Hope this time I did a better job in explaining...
>
Much. Hopefully I did a decent job of crafting a workable solution.
> Cheers,
> Markus
>
Chris
* Only in Squid 2.6, 2.7 and 2.HEAD
Received on Wed Apr 29 2009 - 21:00:52 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 30 2009 - 12:00:03 MDT