Not really a squid question persay... Any recommendations for ghosting a configured server? We are building 6 squid servers and it would be much simpler to ghost the first one and use that image for the rest. We use a ghost program for our windows servers but the last time I tried that on linux it wanted to make an image the same size of the harddrive due to something about it not recognizing unused file space. We'd be using this ghost image as disaster recovery too, if one of the boxes failed.
Thanks in advance Chris Perreault Webmaster/MCSE -----Original Message----- From: Adam Aube [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 14, 2004 11:40 AM To: [EMAIL PROTECTED] Subject: [squid-users] RE: Re: Encrypted traffic with proxy server? Chris Perreault wrote: > We've set up a reverse proxy with the --enable-ssl option. Our back > end webservers are http on port 80. Squid only accepts traffic from > port 443. The browsers are connecting to the proxy (run in > accelerator/reverse proxy > mode) All traffic between internet users and the proxy are ssl. From the > proxy to our web servers are not ssl. > > A proxy is not the same as a reverse proxy, although it is close. One > solution would be to have 2 squid boxes in a server room, where the > only sniffing that could be done would have to be done within the > server room. Configure one has a reverse proxy, sending all traffic to > the normal proxy. > > Student PC --> ssl connection--> squid as reverse proxy in server room > --> port 80 -->squid as proxy in server room --> internet webservers Ugh - that's a mess. If you have to use Squid in accelerator mode to get SSL support (which may be the case with Squid 2.5 - I know it's not with Squid 3), then it would be better just to run an instance of Stunnel (or similar) on the server, then have it forward requests to Squid over loopback. Client Browser -> Client Stunnel -> Server Stunnel -> Squid Adam
