Squid...a firewall..and virtual hosts

From: Martijn Spronk <[email protected]>
Date: Tue, 16 Jun 1998 10:18:38 -0700

I have a question about the use of Squid to allow outside users to see
websites inside the firewall.

We have a setup where we have virtual sites hosted by a few machines,
where the sites
all have one IP address but are distinguished by the hostname (so the
webserver has to
get the actual hostrequest to figure out which site to server, pretty
common i think).
These sites are set up inside the firewall (set up on a linux machine).
Now we want to
add the Squid proxy to a machine outside the firewall, to be able to
serve the secure sites
to the inside world.
So the way we want to enable the websites to be seen is:
for example www.columbus-group.com points to the ip address of the
proxy, the proxy
will go through the firewall (which has a hole in there to enable only
the proxy server to
go through), and from there on to the correct machine inside the secure
area.
Our main concern is. Will the actual hostname of the URL request, be
lost in the path
through the firewall?? Cause in that case, if the proxy for example
changes it to a request
to the firewall, the virtual server wouldnt be able to distinquish the
request (that seems to be coming
from the firewall) between www.columbus-group.com and
demo.columbus-group.com, cause they
would both be translated to firewall.columbus-group.com by Squid?,
since they are both hosted on the same machine with the same IP inside
the firewall.

Any thoughts about this setup, has anyone used Squid this way before and

has any experience
with it? Is it possible to set Squid up on the firewall itself, to save
ourself a machines, and maybe even
improve overall performance?

Regards, Martijn

--
*  - = =  Martijn Spronk  = = -  *
Columbus    Group   Communications
Vancouver, B.C.,            Canada
TalkTo : 604.801.5758 XTension 248
FaxTo  : 604.801.5785
MailTo : spronk@columbus-group.com

Received on Tue Jun 16 1998 - 10:19:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:43 MST