Re: [squid-users] Reverse proxy: destination hostname different from real hostname

From: Roberto Carna <robertocarna36_at_gmail.com>
Date: Thu, 29 May 2014 23:53:00 -0300

Dear Amos and all, thanks for your response, but I need your last help
please. I can't understand at all what you say, so I show you the main
lines of squid.conf:

https_port 443 cert=/etc/squid3/ssl/server.crt
key=/etc/squid3/ssl/server.key defaultsite=server.company.com vhost

cache_peer 1.1.1.1 parent 443 0 no-query originserver ssl
sslflags=DONT_VERIFY_PEER login=PASS name=owaServer

acl OWA dstdomain mail.entreprise.com

cache_peer_access owaServer allow OWA

And in my DNS I have these entries:

server.company.com A IP_Reverse_Proxy

mail.entreprise.com A IP_Mail_Server

There are lots of clients machines that have server.company.com
hardcoded in /etc/hosts and I can't go to them in order to change this
line to mail.enterprise.com.

Is it possible or what do I have to edit ???

Special thanks again,

Roberto

2014-05-29 23:02 GMT-03:00 Amos Jeffries <squid3_at_treenet.co.nz>:
> On 30/05/2014 1:35 p.m., Sipos Ferenc wrote:
>> Hi,
>>
>> url_rewrite is good solution, too.
>>
>>
>> Regards,
>> Sipi
>>
>> On 2014-05-29 22:15, Sipos Ferenc wrote:
>>> Hi,
>>>
>>> I beleive you are looking for this:
>>> http://www.squid-cache.org/Doc/config/request_header_replace/
>>> (replace the host header)
>>>
>
> Neither of the above is what he is asked about though.
>
> dstdomain (and DNS entries) are about the traffic received from the
> client, not the outgoing traffic from Squid.
>
>
> "The right Way" is to virtual host. The current releases of Squid do
> that already by default, older versions require vhost parameter on
> http_port. Squid will pass the virtual hosted domain name straight
> through to the backend server for proper handling.
>
> If the backend server is not able to cope with virtual hosting, then the
> forcedomain parameter on cache_peer can be used. But note that this
> parameter has (most of) the same problems and limitations as URL re-writing.
>
> Amos
>
>
>>> On 2014-05-29 21:47, Roberto Carna wrote:
>>>> Dear, suppose I have a web server with a DNS hostname
>>>> "server.company.com" I want to access, is it possible to setup
>>>> squid.conf for a reverse mode that uses "alias-server.company.com" as
>>>> dstdomain ??? Or do I have to use the DNS hostname mandatory ???
>>>>
>>>> Special thanks,
>>>>
>>>> Roberto
>>>>
>>>
>>
>
Received on Fri May 30 2014 - 02:53:08 MDT

This archive was generated by hypermail 2.2.0 : Sat May 31 2014 - 12:00:07 MDT