0

I need to locate a Squid instance as a forward proxy behind Apache 2.4.6. I don't have enough credits to add inline images. But here it is

As Squid3.3 listens on localhost:3128 and works OK with default config, I have this configuration vhost config for Apache:

<VirtualHost example.com:443>
    SSLEngine on
       [cert file config]
    ServerName example.com
    DocumentRoot /var/www
    ProxyRequests Off
    ProxyVia Off
    ProxyRemote * http://127.0.0.1:3128
    LogLevel debug
    ErrorLog /var/log/apache2/tunnel_error.log
    CustomLog /var/log/apache2/tunnel_access.log combined
</VirtualHost>

However my proxy requests are not processed through Squid 3.3 anyhow.

I have ran into a lot of articles around the web explaining caching in front of Apache, however, (maybe I missed) I need Apache to be welcoming CONNECT requests and passing to Squid.

Do you have any idea how to do the configuration?

.

.

Edit

Trying with proxypass 

    ProxyRequests Off
    ProxyVia Off
    ProxyPass http://127.0.0.1:3128/
    ProxyPassReverse http://127.0.0.1:3128/

Apache seems to redirect my request to Squid semi-well. Because Squid this time warns me with:

ERROR

The requested URL could not be retrieved
The following error was encountered while trying to retrieve the URL: /
    "Invalid URL"
Some aspect of the requested URL is incorrect.
Some possible problems are:
    * Missing or incorrect access protocol (should be http:// or similar)
    * Missing hostname
    * Illegal double-escape in the URL-Path
    * Illegal character in hostname; underscores are not allowed.
Your cache administrator is webmaster.

Because it seems like Squid thinks I would like to get http://icanhazip.com as a page from my own server. (Or am I mistaken?)

==> apache access log <==
1.1.1.1.myip - - [03/Apr/2014:23:33:26 +0300] "GET http://icanhazip.com/ HTTP/1.1" 400 2006 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36"
==> squid3 access.log <==
1396557520.935      0 127.0.0.1 NONE/400 2006 GET / - HIER_NONE/- text/html

. .

Edit 2 - The Diagram

Disred solution would be like:

1) Since I couldnot still find a way out. I would like to improve the question as suggested with a diagram.

2) I have noticed while examining the headers that 

GET /
Host: yahoo com

which is passed from Apache to Squid should be 

GET http:\\yahoo.com

for instance to be able to work this out.

Diagram URL is at top.

Improve this question
6
  • I'm not completely sure as to what you're trying to achieve, but you're not actually making Apache proxy anything. You need something like ProxyPass.
    – Daniel B
    Commented Apr 3, 2014 at 20:27
  • I have put that details in the edit.
    – JSBach
    Commented Apr 3, 2014 at 20:40
  • Well that can't work either, naturally. A forward proxy is not a web server. Instead, please describe what you're trying to accomplish.
    – Daniel B
    Commented Apr 4, 2014 at 6:15
  • I can comply with this not being a standard scenario such that APACHE is in front of SQUID. SQUID is not a web server, but though is a forward proxy with limited support to SSL handling. You cannot enable SQUID with multiple SSL domains with one instance. And there are other things too. So this is what I try to do. APACHE to transparently pass my requests to/from SQUID.
    – JSBach
    Commented Apr 8, 2014 at 6:45
  • Are you sure you even want a forward proxy? You still haven't described your project in its entirety. It's very important to do so. With diagrams please. Otherwise, nobody will be able to help you.
    – Daniel B
    Commented Apr 8, 2014 at 6:52

1 Answer 1

Reset to default
0

combination of ProxyRemote * http://localhost:3128 with RewriteRule ^/(.*)$ http://$1 [P,L] solved a similar problem for me.

Improve this answer
4
  • I will give it a try soon
    – JSBach
    Commented Sep 2, 2014 at 12:37
  • I have tried but didnot work either. I suppose it's better to use the way this guy does and connection would be this way: incoming > squid > nginx (as youtube downloader ie.) > apache (as dynamic web handler ie.) > response.
    – JSBach
    Commented Sep 8, 2014 at 8:13
  • I needed a reverse proxy before squid. The problem is that squid for some reason couldn't handle request like that: installer:9999/security.ubuntu.com/ubuntu/dists/trusty-security/…, with the help of mod_rewrite and mod_proxy It could rewrite requests ( basically strip slash in the beginning ) and then squid accepts them. here is the short article: male.donotuse.de/gblog/posts/squid-deb-proxy-frontend , your problem seem to be more complicated.
    – mestia
    Commented Sep 10, 2014 at 18:57
  • I have found the problem. It's all about the "GET" command in header. It should be with hostname but it's not. It's just "GET /" instead of "GET blabla.com". (ssl is not on yet)
    – JSBach
    Commented Sep 12, 2014 at 20:43

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .