How do i create a proxy server

I want to create a proxy server for the users who connect to my website.

I have webserver hosted in my lan. I want to create a proxy server so that if anyone requests a webpage from my web server, the request should go through the proxy server. Experts can you tell me how do i do this.

Note: I have installed squid proxy server inside the lan for my clients. so when ever my clients connect to the internet the request goes through the squid server.
network16Asked:
Who is Participating?
 
savoneCommented:
Well basically you would just put the proxy in place of your web server.

Do you have a firewall in front of your web server?  For this example I will assume you do.

Lets say you have a firewall with an ip address of 1.1.1.1 (example of course) and it is forwarding requests on port 80 to your webserver.

make it forward the requests to your proxy instead. Then put ACLs in place to allow people to connect.

This is called a reverse proxy, here is a how to:
http://www.midgard-project.org/documentation/setting-up-squid-reverse-proxy/

0
 
savoneCommented:
Squid is a proxy server, if your clients are going through it your done.
0
 
network16Author Commented:
But i need a proxy server for the users who connect to my webserver from remote location
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
savoneCommented:
Is there a reason you would want to do this?  You can use the same proxy if you want, just open the ports on your firewall ( port 80) and set the acl on squid.
0
 
network16Author Commented:
Because instead of connecting the client request every time to the web server, the request can be processed through the proxy server.
0
 
network16Author Commented:
Tell me how do i each incoming  request goes through the proxy server.
0
 
savoneCommented:
And another one, interesting read....
http://www.visolve.com/squid/whitepapers/reverseproxy.php

0
 
network16Author Commented:
Thanks for your reply, i have got some idea, i will work on this. I have a built in firewall in router. I will check how to configure the ACL and i have found some rules on the online. Below are the rules. My questions is do i need to write these rules on the webserver, let say if i have installed the proxy on the web server or tell me if i need  to install proxy server on the other server.

SQUID is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects etc. By default it listen on TCP 3128 port. Following iptables rules allows SQUID incoming client request (open TCP port 3128) for server IP address 202.54.1.20:
iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 3128 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 3128 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
0
 
network16Author Commented:
I redirected the port 80 requests to proxy server, but i could not open the web page.
0
 
savoneCommented:
First off is your squid machine different that your web server?

If so follow the directions in the second line I posted.

For example:

Lets say your squid machine is 192.168.1.2
and your webserver is 192.168.1.3


Set your squid.conf file like so:

http_port 80 # Port of Squid proxy
httpd_accel_host 192.168.1.3
httpd_accel_port 80 # Port of web server
httpd_accel_single_host on # Forward uncached requests to single host
httpd_accel_with_proxy on #
httpd_accel_uses_host_header off


make sure you router is forwarding port 80 to your squid machine.

0
 
network16Author Commented:
when i set the squid.conf as above i am recieving  the error parseconfigfile: line 925 unrecognized: "http_accel_host 192.168.1.3 and same for all the above used lines. Can you help me please, its very urgent
0
 
savoneCommented:
Did you change the IP address to the IP of your webserver?  Dont use 192.168.1.3, you have to change that to your web server's IP address.
0
 
network16Author Commented:
yes i have changed the ip address to my web server ip address
0
 
network16Author Commented:
Any suggestions i am getting the same error "error  parseconfigfile: line 925 unrecognized: "http_accel_host 192.168.1.3" for the all the lines i have added as you mentioned.
0
 
network16Author Commented:
I have sucessfully made the changes in the squid.conf file, i can restart the squid service.

But i could not start the service httpd when squid is started and vice versa. I can open the webpages in proxy server by using the http://localhost  url and retrieve the webpages which are in other servers.

But i cannot open using the ip address of the proxy server. Experts any suggetions
0
 
savoneCommented:
Post your squid.conf file, and provide the following information:

IP address of your webserver.
IP address of your squid server.
0
 
network16Author Commented:
IP Address of my webserver  is 192.168.1.43
IP Address of my squid server is 192.168.1.76

example.com is my domain name

# Squid normally listens to port 3128
#http_port 3128
http_port 80
http_port 80 defaultsite=example.com vhost
#http_port 192.168.1.43:80 accel parent vhost defaultsite=www.example.com
http_port 192.168.1.43:80 vhost vport
cache_peer 192.168.1.43 parent 80 0 no-query originserver
0
 
network16Author Commented:
I can browse the pages when i use http://localhost( i mean on 192.168.1.16) but when i use http://192.168.1.16 in my laptop. i get the below message

ERROR
The requested URL could not be retrieved

While trying to retrieve the URL: http://192.168.1.16/

The following error was encountered:

    * Access Denied.

      Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

Your cache administrator is root.
Generated Tue, 07 Dec 2010 17:52:32 GMT by localhost.localdomain (squid/2.6.STABLE21)
0
 
savoneCommented:
Add in the first line of your squid.conf file:

acl all src 0.0.0.0/0.0.0.0


Then add this to the bottom:

http_access allow all

This will allow all traffic through your proxy.


0
 
network16Author Commented:
Yes by adding " http_access allow all " it works, thanks for your reply. I have one more question, if i have more than one web server, what should be my squid.conf file.

http_port 80 defaultsite=example.com vhost
http_port 192.168.1.43:80 vhost vport
cache_peer 192.168.1.43 parent 80 0 no-query originserver

let me explain you clearly

 I have a webserver(192.168.1.43) and squid(192.168.1.76), i have a wiki server in another server (192.168.1.223). my domain example.com is mapped to a public IP 12.13.15.16.  So when i go to the url www.example.com it is  directed to 12.13.15.16, which in turn directed to squid and the page is retrieved from webserver (192.168.1.43).

so in the same way when go the url www.example.com/wiki it is redirected to webserver (192.168.1.43), but there is no wiki in this server. I made a directory wiki in the webserver(192.168.1.43) with an index.html, using ahref to another ip address.

The Ip address in the ahref is an public Ip Address 12.13.14.16 which is one of my five public ip address. So my question if we redirected 12.13.14.16 request to the squid server(192.168.1.76), how would the proxy server retrieve the page from wiki server (192.168.1.223) and what should be the changes in the squid.conf
0
 
savoneCommented:
Your really making me work for these points aren't you... :)

So let me see if I can get this for you...

I am not a squid professional by any means, but I think this config should work for you:

#CURRENT CONFIG
# Squid normally listens to port 3128
#http_port 3128

acl all src 0.0.0.0/0.0.0.0
acl wiki urlpath_regex ^/wiki

http_port 80
http_port 80 defaultsite=example.com vhost
#http_port 192.168.1.43:80 accel parent vhost defaultsite=www.example.com
http_port 192.168.1.43:80 vhost vport
cache_peer 192.168.1.43 parent 80 0 no-query originserver name=www.example.com
cache_peer_access www.example.com deny wiki

cache_peer 192.168.1.223 parent 80 0 no-query originserver name=wiki.example.com
cache_peer_access wiki.example.com allow wiki
cache_peer_access wiki.example.com deny all

http_access allow all
0
 
network16Author Commented:
sorry for troubling you.

I am getting the following error
Stopping squid: 2010/12/07 22:14:11| squid.conf, line 947: No cache_peer 'www.example.com'
2010/12/07 22:14:11| squid.conf, line 950: No cache_peer 'wiki.example.com'
2010/12/07 22:14:11| squid.conf, line 951: No cache_peer 'wiki.example.com'
0
 
savoneCommented:
you have to change wiki.example.com to the name of your server that holds the wiki

and change www.example.com to the name of your server that has the web server running on it.

0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.