httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 39723] - Forward proxy does not work in tranparent mode
Date Mon, 05 Jun 2006 18:29:26 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39723>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39723





------- Additional Comments From nicolas.mailhot@laposte.net  2006-06-05 18:29 -------
(In reply to comment #9)
> (In reply to comment #8)

> > is there a way to share definition between the two virtualhosts ? Only the
> > rewriterule will differ.
> 
> I do not think, that they look very similar.

With include I ended up with 

<IfModule mod_proxy.c>

Listen 192.168.1.1:8081

NameVirtualHost 192.168.1.1:8081

<VirtualHost 192.168.1.1:8081>

RewriteEngine on
RewriteRule ^(.*) http://%{HTTP_HOST}$1 [P]

Include conf.d/proxy-shared.txt

</VirtualHost>

Listen 192.168.1.1:8080
NameVirtualHost 192.168.1.1:8080

<VirtualHost 192.168.1.1:8080>

Include conf.d/proxy-shared.txt

</VirtualHost>

</IfModule>

and all the mod_proxy directives in proxy-shared.txt. Is this wrong ?

> > Also if I want to to self-hosted transparent proxining I need a way to recognize
> > the proxy packets. (if I blindly redirect all messages to external 80 to local
> > 8081 I'll end up with a loop for the proxy requests) If there a way to control
> > the originating port mod_proxy will use ?
> 
> No, but I think you can fix this witin your netfilter rules. I am not sure if I
> remember netfilter correctly, but if you place your redirect rule in the FORWARD
> chain this should not touch the connections from your local box.

In this setup apache is part of the local box, but the apps you want to redirect
too. (and why would you want to do that when you have control of the box, and of
the apps config? Have you tried to setup proxying for all the apps of a Linux
system ? Much simpler to silently redirect everything to the local apache proxy)

You need a way to distinguish http requests made by you apps and the http
requests made by the proxy at the netfilter level - hence I was asking if I
could force the use of a special port by the proxy). So :

requests on the system to port 80 silently loop back to the local apache
requests on the system to port 80 from special proxy port are not redirected

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message