Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 06-12-2010, 05:55 AM   #1
Mustafa Ismail Mustafa
Registered: Nov 2009
Location: Amman, Jordan
Distribution: Ubuntu 10.04, CentOS 5.5, FreeBSD 7.2, Debian Squeeze, PC-BSD 8
Posts: 44

Rep: Reputation: 0
Squid as a reverse proxy, acl problems

OK, bear with me, because the explanation will drone for a bit. I have looked at other posts, but they don't really answer my question.

I have a network that is mostly Windows based, but with several Linux & BSD stations and essentially all our servers are CentOS 5.3 with some other network based knick-knacks.

Now, we have only one static IP to the internet but subdomains galore.

Our firewall is PFsense (which rocks the socks off of anything else I've tried and I've been around that block a few times)

Now, what I'd like is to be able to route requests to different based on the URL, hence the use of squid as a reverse proxy.



Surveillance/DVR -----------------------
( |
Web ------------------------------- PFsense ---------------------------- WAN (Single IP)
(Squid enabled)
( |
Email (OWA) ---------------------------|


Of course, the LAN is larger than that, but it gives you the idea. The subnets in range are with all intervening subnets being /24.

Now, I'd like to set it up so that someone from outside the firewall would navigate to (which externally resolves correctly to our IP address) and then gets routed by squid to the surveillance server. OF course, this same has to apply both internally and externally (LAN & WAN).

I've tried several acl combinations, but I may be really thick, but I can't figure out what I'm doing wrong.

My current acl structure is:

acl camera dstdomain surveillance.netvareas.local
acl surveillance dst
http_access allow camera AND surveillance
I appreciate the help.
Old 06-12-2010, 08:29 PM   #2
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
[ caveat: I regularly work with squid http proxy, and with reverse proxy servers, but I've not worked with squid in a reverse proxy configuration. ]

In reviewing the squid docs, that doesn't look quite right to me. Please read:


acl, squid

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid 2.6 Reverse Proxy from Squid(3128) to OrginServer(80) Not working rraj Linux - Server 0 06-06-2008 03:29 PM
Squid Proxy Server - Cannot Add ACL tzh Linux - Software 1 08-03-2007 02:52 AM
Squid as Reverse Proxy and LAN proxy? zivota Linux - Security 2 02-26-2007 06:00 PM
I want to by pass my proxy server's ACL i.e squid aTkAl^^PiTcHu Linux - Software 4 09-06-2006 03:16 PM
acl with hostname in squid proxy jomy Linux - Networking 1 11-20-2004 09:26 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:34 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration