> -----Original Message----- > From: Discussion Lists [mailto:[EMAIL PROTECTED] > Sent: Friday, January 14, 2005 8:59 AM > To: [email protected] > Subject: [squid-users] Redirecting internal sites problem > > > All, > I have squid set up to reverse-proxy a bunch of our internal websites to > the Internet. I have listed all of the ones I want reverse-proxied in > the httpd_accel_host line and everything seems to work great. Squid > however, is reverse-proxying a host that I don't want it to, and I think > it is because that host is available through DNS. Here are the rest of > the options I specified: > > Httpd_accl_port 80 > Httpd_accel_single_host off > Httpd_accel_with_proxy on > Httpd_accel_uses_host_header on > > Since the servers have non-routable IP's, Squid is using our internal > DNS servers (split DNS) to resolve the internal IP's to the external > names). It is entirely likely that I bungled something above. Could > any of you help me? > > Thanks!
It looks to me like you need some acls preventing your proxy from being used as an open relay. Something along the lines of: acl accel_hosts dstdomain "/path/to/text/file" http_access allow accel_hosts http_access deny all The text file mentioned would list the hosts that you wish to accelerate, one per line. I have never set up a reverse-proxy, so it's very likely these acls are incorrect, or non-optimal for this situation... Chris
