Markus Meyer wrote:
Chris Robertson schrieb:
Hi Chris,

What do you *want* to do?

Yeah right. I'm confused. So I try it again. My Squid is "myproxy" and
is an accelerator proxy for two webservers "jallah.image" and
"kalimba.image". Both webservers have completely different content and I
need to find a way to distinguish the client-requests.

I can tell the clinets what to request. Content from "jallah.image"
comes via http://myproxy/jallah_img/whatever.jpg and content for
"kalimba.image" comes via http://myproxy/kalimba_img/blubba.jpg. So I
could catch those with ACLs and url_regex.
But when my proxy forwards the request as they are it won't work. So I
have to rewrite the URL from http://myproxy/kalimba_img/blubba.jpg to
http://myproxy/blubba.jpg.

I tried this with the following configuration:
cache_peer jallah.image parent 80 0 no-query no-digest originserver
cache_peer kalimba.image parent 80 0 no-query no-digest originserver
# jallah ACL
acl jallah urlpath_regex ^/jallah_img
cache_peer_access jallah.image allow jallah
cache_peer_access kalimba.image deny jallah
# kalimba ACL
acl kalimba urlpath_regex ^/kalimba_img
cache_peer_access kalimba.image allow kalimba
cache_peer_access jallah.image deny kalimba
url_rewrite_program /rewrite.pl

Here code of rewrite.pl:
#!/usr/bin/perl
$|=1;
while (<>) {
        # jallah
        s@/jallah_img@@;
        # kalimba
        s@/kalimba_img@@;
        print;
}

But this doesn't work because I think that the url_rewrite_program
program runs before the ACLs.

Sort of. There are http_access rules (which check the pre-rewrite request) and http_access2 rules* (which check the port-rewrite request) but only one cache_peer_access, which matches the post-rewrite request. Interesting.

 With the above setup I tested with
requests for both webservers, http://myproxy/kalimba_img/blubba.jpg and
http://myproxy/jallah_img/whatever.jpg, and "myproxy" always asked the
first listed peer "jallah.image".

Here's what I would do to work around this quirk (since you don't want to have a separate externally accessible sub domain per server)...

cache_peer jallah.image parent 80 0 no-query no-digest originserver
cache_peer kalimba.image parent 80 0 no-query no-digest originserver
# rewrite ACL
acl rewrite urlpath_regex ^/(jallah|kalimba)_img
# jallah ACL
acl jallah dstdomain jallah.image
cache_peer_access jallah.image allow jallah
cache_peer_access jallah.image deny all
# kalimba ACL
acl kalimba dstdomain kalimba.image
cache_peer_access kalimba.image allow kalimba
cache_peer_access kalimba.image deny all
url_rewrite_program /rewrite.pl
url_rewrite_access allow rewrite

...with rewrite.pl looking something like...

#!/usr/bin/perl
$|=1;
while (<>) {
       # jallah
       m@/jallah_img/@ && s...@myproxy@jallah.image@ && s@/jallah_img@@;
       # kalimba
       m@/kalimba_img/@ && s...@myproxy@kalimba.img@ && s@/kalimba_img@@;
       print;
}

...so you are rewriting the destination domain (which you can then use to control which cache_peer is accessed) and removing the extraneous directory.

Hope this time I did a better job in explaining...

Much.  Hopefully I did a decent job of crafting a workable solution.

Cheers,
       Markus

Chris

* Only in Squid 2.6, 2.7 and 2.HEAD

Reply via email to