RE: [squid-users] Squid2.4 & /etc/hosts

From: Jay Turner <[email protected]>
Date: Wed, 5 Feb 2003 09:02:45 +0800

But it is maintained by Red Hat who backport any security patches to the 2.4
version they ship with 7.3.

If you could please re-read my post you will note that I have recompiled
with --disable-internal-dns and it successfully references /etc/hosts for
http:// pages. My question relates to https:// pages and having squid do a
local lookup from somewhere for the IP address rather than fetching it from
the DNS (as it does with /etc/hosts for http:// requests).

Regards
Jay

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Tuesday, 4 February 2003 6:54 PM
To: jturner@bsis.com.au
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Squid2.4 & /etc/hosts

I would recommend upgrading to Squid-2.5.. Squid-2.4 is no longer
maintained or bugfixed by the Squid developers, and Squid-2.5 supports
/etc/hosts (squid-2.4 does not unless compiled with
--disable-internal-dns)

Regards
Henrik

tis 2003-02-04 klockan 10.19 skrev Jay Turner:
> Hi All,
>
> I have resolved this issue I posted about last week by simply rebuilding
the
> RedHat src RPM with --disable-internal-dns.
>
> I have now added the internal IP address of the web server to the proxy
> servers /etc/hosts file and all is well. The proxy connects to the
internal
> address of the proxy and not the outside real world address as provided by
a
> regular DNS lookup.
>
> The webserver is also listening on port 443 for a webmail connection. When
a
> user requests https://webmail.company.com the DNS server returns the
outside
> world IP address. Again squid needs to point to the internal IP address of
> this server for these requests.
>
> I tried adding webmail.company.com to /etc/hosts but this only resolves
when
> you enter http://webmail.company.com but it sends the request to port 80
and
> thus the standard webserver returns the results not the webmail listening
on
> 443. When entering https://webmail.company.com it continues to use the
> address provided by the DNS server.
>
> Is there a way I can get this to work as required.
>
> Adding the webmail address to the company internal DNS server has been
ruled
> out by the company's tech staff.
>
> Thanks
> Jay
>
> -----Original Message-----
> From: Jay Turner [mailto:jturner@bsis.com.au]
> Sent: Wednesday, 29 January 2003 11:58 AM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Squid2.4 & /etc/hosts
>
>
> Hi All,
>
> I am after some clarification regarding Squid-2.4.STABLE6-6.7.3 and the
use
> of /etc/hosts.
>
> One of our proxies needs to access a webserver via it's internal address
> rather than its world DNS address.
> I have added the required information to /etc/hosts, confirmed
nsswitch.conf
> is checking files before DNS and restarted squid but it does not seem to
be
> taking.
>
> I have a Squid 2.5 box that uses the host_file attribute in squid.conf and
> it works no worries and I am able to see the listing via cachemgr under
FQDN
> Cache Statistics.
>
> This information is not present in the 2.4STABLE6 version.
>
> Trawling the archives I found this post from Henrik:
>
> "Squid-2.3 defaults to use an internal DNS client implementation, talking
> directly to your DNS server.
>
> Squid-2.4 too defaults to using an internal DNS client, but reads
> /etc/hosts on startup (I think, or maybe this is only in Squid-2.5?).
>
> --
> Henrik Nordstrom"
>
> Is this actually the case? It appears not in my testing. Is there a way I
> can add something to the Internal DNS that squid 2.4 uses?
>
> I realise that I can recompile Squid2.4 with --disable-internal-dns, but
> this is a production machine so re-compiling and upgrading to 2.5 are not
an
> option at this point. The network configuration in which the server sits
> uses an unusual setup whereby adding an entry to the local DNS server in
the
> network is not an option. I really require a solution that can be
> implemented on the Squid server.
>
> All advice appreciated
>
> Regards
> Jay
>

--
Henrik Nordstrom <hno@squid-cache.org>
MARA Systems AB, Sweden
Received on Tue Feb 04 2003 - 17:57:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:14 MST