Markus Meyer wrote:
Chris Robertson schrieb:
Hi Chris,
What do you *want* to do?
Yeah right. I'm confused. So I try it again. My Squid is "myproxy" and
is an accelerator proxy for two webservers "jallah.image" and
"kalimba.image". Both webservers have completely different content and I
need to find a way to distinguish the client-requests.
I can tell the clinets what to request. Content from "jallah.image"
comes via http://myproxy/jallah_img/whatever.jpg and content for
"kalimba.image" comes via http://myproxy/kalimba_img/blubba.jpg. So I
could catch those with ACLs and url_regex.
But when my proxy forwards the request as they are it won't work. So I
have to rewrite the URL from http://myproxy/kalimba_img/blubba.jpg to
http://myproxy/blubba.jpg.
I tried this with the following configuration:
cache_peer jallah.image parent 80 0 no-query no-digest originserver
cache_peer kalimba.image parent 80 0 no-query no-digest originserver
# jallah ACL
acl jallah urlpath_regex ^/jallah_img
cache_peer_access jallah.image allow jallah
cache_peer_access kalimba.image deny jallah
# kalimba ACL
acl kalimba urlpath_regex ^/kalimba_img
cache_peer_access kalimba.image allow kalimba
cache_peer_access jallah.image deny kalimba
url_rewrite_program /rewrite.pl
Here code of rewrite.pl:
#!/usr/bin/perl
$|=1;
while (<>) {
# jallah
s@/jallah_img@@;
# kalimba
s@/kalimba_img@@;
print;
}
But this doesn't work because I think that the url_rewrite_program
program runs before the ACLs.
Sort of. There are http_access rules (which check the pre-rewrite
request) and http_access2 rules* (which check the port-rewrite request)
but only one cache_peer_access, which matches the post-rewrite request.
Interesting.
With the above setup I tested with
requests for both webservers, http://myproxy/kalimba_img/blubba.jpg and
http://myproxy/jallah_img/whatever.jpg, and "myproxy" always asked the
first listed peer "jallah.image".
Here's what I would do to work around this quirk (since you don't want
to have a separate externally accessible sub domain per server)...
cache_peer jallah.image parent 80 0 no-query no-digest originserver
cache_peer kalimba.image parent 80 0 no-query no-digest originserver
# rewrite ACL
acl rewrite urlpath_regex ^/(jallah|kalimba)_img
# jallah ACL
acl jallah dstdomain jallah.image
cache_peer_access jallah.image allow jallah
cache_peer_access jallah.image deny all
# kalimba ACL
acl kalimba dstdomain kalimba.image
cache_peer_access kalimba.image allow kalimba
cache_peer_access kalimba.image deny all
url_rewrite_program /rewrite.pl
url_rewrite_access allow rewrite
...with rewrite.pl looking something like...
#!/usr/bin/perl
$|=1;
while (<>) {
# jallah
m@/jallah_img/@ && s...@myproxy@jallah.image@ && s@/jallah_img@@;
# kalimba
m@/kalimba_img/@ && s...@myproxy@kalimba.img@ && s@/kalimba_img@@;
print;
}
...so you are rewriting the destination domain (which you can then use
to control which cache_peer is accessed) and removing the extraneous
directory.
Hope this time I did a better job in explaining...
Much. Hopefully I did a decent job of crafting a workable solution.
Cheers,
Markus
Chris
* Only in Squid 2.6, 2.7 and 2.HEAD