Re: squidclient and PROXY procotol enabled http_port (solved)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Re: squidclient and PROXY procotol enabled http_port (solved)

Rafael Akchurin
Hello Amos, Eliezer and all,

Thanks a lot for your ideas/suggestions. Decided to go easy way:


-         added another "http_port 127.0.0.1:3128" directive to squid.conf (without require-proxy-header option)

-         directed squidclient binary to use it

Hope no side effects from this configuration.

Best regards,
Rafael Akchurin
Diladele B.V.

--
Please take a look at https://www.diladele.com - ICAP web filtering plugin for Squid proxy.


From: Rafael Akchurin
Sent: Saturday, April 14, 2018 10:14 AM
To: squid-users ([hidden email]) <[hidden email]>
Subject: squidclient and PROXY procotol enabled http_port

Greetings to everyone,

I have the following deployment:

-         Several Squid nodes configured with "http_port 3128 require-proxy-header"

-         One haproxy what relays TCP connections to nodes

-         squidclient that is run on each node manually

Browsers pointing to haproxy are correctly serviced by Squid nodes. Everything works as expected.
But trying to run squidclient to get mgr:idns results in the following.

    squidclient -v mgr:idns -h 127.0.0.1 -p 3128
    Request:
    GET 3128 HTTP/1.0
    User-Agent: squidclient/3.5.23
    Accept: */*
   Connection: close

Cache_log inidicates:
2018/04/14 10:04:38 kid1| PROXY client not permitted by ACLs from local=[::1]:3128 remote=[::1]:38854 FD 21 flags=1

That is good and fine; but after adding 127.0.0.1 into proxy_protocol_access directive error changes into:

2018/04/14 10:10:10 kid1| PROXY protocol error: invalid header from local=127.0.0.1:3128 remote=127.0.0.1:36648 FD 23 flags=1

Question
------------
Is it possible to ask squidclient to prepend the PROXY header to its request?



_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

winmail.dat (30K) Download Attachment