Créer 1 proxy sous un autre proxy

Réseaux & telecom
1

Bonjour, alors dans mon école ils ont mis un proxy en 192.168.1.1 qui n’autrorise que le http. Je dois faire un proxy de test pour un tp mais je n’arrive pas à dire à mon proxy de communiquer avec le proxy de l’ecole pour qu’ils marchent ensemble.

Mon cache marche, et à chaque fois que je veux accèder à internet à partir d’une machine cliente, cela me dit en autre :

Unable to determine IP address from host name fo www.clubic.com

Server failure : the name server unable to process this query…etc

J’ai fait un telnet localhost 8080 et ca se connecte bien. Donc mon dns répond. Mais comme je l’ai dit, mon proxy n’arrive pas à travailler avec le proxy de mon école.

Petite précision : J’utilise SQUID et celui de l’ecole pareil.

Pouvez vous m’aider svp ? je bloque. Merci bien

Ced

2

fichier squid.conf :
root@cngonux:/proc/sys/net/ipv4# more /etc/squid/squid.conf
visible_hostname none
cache_mem 2 MB
cache_dir aufs /var/spool/squid 300 16 128
maximum_object_size 4 MB
ftp_user ftp@ma_societe.com
icp_port 3130
cache_peer 192.168.1.1 sibling 80 80 proxy-only
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 192.168.1.0/255.255.255.0
acl SSL_ports port 442 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl sex url_regex porn
http_access deny sex
acl CONNECT method CONNECT
acl sex url_regex hard
acl failure method GET POST HEAD CONNECT PUT DELETE
acl LocalNet src 192.168.1.0/255.255.255.0
acl ordi src 192.168.1.235/255.255.255.0
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LocalNet
http_access allow localhost
http_access allow lan
http_access allow ordi
http_access deny all
icp_access allow all
miss_access allow all
cache_mgr cngo
cache_effective_user squid
cache_effective_group squid
http_port 8080
deny_info http://erreur.com failure
https_port 8080

contenu de la commande squid -D -N -d 2 :
root@cngonux:/etc/squid# squid -N -D -d 2
2006/11/06 15:13:27| Starting Squid Cache version 2.5.STABLE12 for i386-debian-linux-gnu…
2006/11/06 15:13:27| Process ID 23170
2006/11/06 15:13:27| With 1024 file descriptors available
2006/11/06 15:13:27| DNS Socket created at 0.0.0.0, port 34288, FD 4
2006/11/06 15:13:27| Adding nameserver 192.168.1.12 from /etc/resolv.conf
2006/11/06 15:13:27| Adding nameserver 192.168.1.10 from /etc/resolv.conf
2006/11/06 15:13:27| Adding nameserver 213.161.194.80 from /etc/resolv.conf
2006/11/06 15:13:27| User-Agent logging is disabled.
2006/11/06 15:13:27| Referer logging is disabled.
2006/11/06 15:13:27| Swap maxSize 307200 KB, estimated 23630 objects
2006/11/06 15:13:27| Target number of buckets: 1181
2006/11/06 15:13:27| Using 8192 Store buckets
2006/11/06 15:13:27| Max Mem size: 2048 KB
2006/11/06 15:13:27| Max Swap size: 307200 KB
2006/11/06 15:13:27| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2006/11/06 15:13:27| Rebuilding storage in /var/spool/squid (CLEAN)
2006/11/06 15:13:27| Using Least Load store dir selection
2006/11/06 15:13:27| Current Directory is /etc/squid
2006/11/06 15:13:27| Loaded Icons.
2006/11/06 15:13:27| Accepting HTTP connections at 0.0.0.0, port 8080, FD 11.
2006/11/06 15:13:27| comm_join_mcast_groups: FD 12, [192.168.1.1]
2006/11/06 15:13:27| Accepting ICP messages at 0.0.0.0, port 3130, FD 12.
2006/11/06 15:13:27| HTCP Disabled.
2006/11/06 15:13:27| WCCP Disabled.
2006/11/06 15:13:27| Configuring Sibling 192.168.1.1/80/80
2006/11/06 15:13:27| Ready to serve requests.
2006/11/06 15:13:27| Done reading /var/spool/squid swaplog (1 entries)
2006/11/06 15:13:27| Finished rebuilding storage from disk.
2006/11/06 15:13:27| 1 Entries scanned
2006/11/06 15:13:27| 0 Invalid entries.
2006/11/06 15:13:27| 0 With invalid flags.
2006/11/06 15:13:27| 1 Objects loaded.
2006/11/06 15:13:27| 0 Objects expired.
2006/11/06 15:13:27| 0 Objects cancelled.
2006/11/06 15:13:27| 0 Duplicate URLs purged.
2006/11/06 15:13:27| 0 Swapfile clashes avoided.
2006/11/06 15:13:27| Took 0.1 seconds ( 16.1 objects/sec).
2006/11/06 15:13:27| Beginning Validation Procedure
2006/11/06 15:13:27| Completed Validation Procedure
2006/11/06 15:13:27| Validated 1 Entries
2006/11/06 15:13:27| store_swap_size = 72k
2006/11/06 15:13:28| storeLateRelease: released 0 objects
2006/11/06 15:15:04| Detected DEAD Sibling: 192.168.1.1/80/80
2006/11/06 15:30:16| Reconfiguring Squid Cache (version 2.5.STABLE12)…
2006/11/06 15:30:16| FD 11 Closing HTTP connection
2006/11/06 15:30:16| FD 12 Closing ICP connection
2006/11/06 15:30:16| Cache dir ‘/var/spool/squid’ size remains unchanged at 307200 KB
2006/11/06 15:30:16| parseConfigFile: line 39 unrecognized: ‘https_port 8080’
2006/11/06 15:30:16| User-Agent logging is disabled.
2006/11/06 15:30:16| Referer logging is disabled.
2006/11/06 15:30:16| DNS Socket created at 0.0.0.0, port 34289, FD 6
2006/11/06 15:30:16| Adding nameserver 192.168.1.12 from /etc/resolv.conf
2006/11/06 15:30:16| Adding nameserver 192.168.1.10 from /etc/resolv.conf
2006/11/06 15:30:16| Adding nameserver 213.161.194.80 from /etc/resolv.conf
2006/11/06 15:30:16| Accepting HTTP connections at 0.0.0.0, port 8080, FD 9.
2006/11/06 15:30:16| Accepting ICP messages at 0.0.0.0, port 3130, FD 11.
2006/11/06 15:30:16| HTCP Disabled.
2006/11/06 15:30:16| WCCP Disabled.
2006/11/06 15:30:16| Configuring Sibling 192.168.1.1/80/80
2006/11/06 15:30:16| Loaded Icons.
2006/11/06 15:30:16| eventCleanup
2006/11/06 15:30:16| eventCleanup: cleaning ‘peerClearRR’
2006/11/06 15:30:16| eventCleanup: cleaning ‘peerDigestCheck’
2006/11/06 15:30:16| Ready to serve requests.
2006/11/06 15:32:05| Detected DEAD Sibling: 192.168.1.1/80/80
2006/11/06 15:48:41| Reconfiguring Squid Cache (version 2.5.STABLE12)…
2006/11/06 15:48:41| FD 9 Closing HTTP connection
2006/11/06 15:48:41| FD 11 Closing ICP connection
2006/11/06 15:48:41| Cache dir ‘/var/spool/squid’ size remains unchanged at 307200 KB
2006/11/06 15:48:41| aclParseIpData: WARNING: Netmask masks away part of the specified IP in ‘192.168.1.235/255.255.255.0’
2006/11/06 15:48:41| parseConfigFile: line 41 unrecognized: ‘https_port 8080’
2006/11/06 15:48:41| User-Agent logging is disabled.
2006/11/06 15:48:41| Referer logging is disabled.
2006/11/06 15:48:41| DNS Socket created at 0.0.0.0, port 34290, FD 6
2006/11/06 15:48:41| Adding nameserver 192.168.1.12 from /etc/resolv.conf
2006/11/06 15:48:41| Adding nameserver 192.168.1.10 from /etc/resolv.conf
2006/11/06 15:48:41| Adding nameserver 213.161.194.80 from /etc/resolv.conf
2006/11/06 15:48:41| Accepting HTTP connections at 0.0.0.0, port 8080, FD 9.
2006/11/06 15:48:41| Accepting ICP messages at 0.0.0.0, port 3130, FD 10.
2006/11/06 15:48:41| HTCP Disabled.
2006/11/06 15:48:41| WCCP Disabled.
2006/11/06 15:48:41| Configuring Sibling 192.168.1.1/80/80
2006/11/06 15:48:41| Loaded Icons.
2006/11/06 15:48:41| eventCleanup
2006/11/06 15:48:41| eventCleanup: cleaning ‘peerClearRR’
2006/11/06 15:48:41| eventCleanup: cleaning ‘peerDigestCheck’
2006/11/06 15:48:41| Ready to serve requests.

3

Bonjour,

tu auras plus de chances dans la section Linux je pense …

4

How do I set it up?

First, you have to tell Squid to listen on port 80 (usually), so set the ‘http_port’ option with the defaultsite option telling Squid it’s an accelerator for this site:

http_port 80 accel defaultsite=your.main.website

Next, you need to tell Squid where to find the real web server:

cache_peer ip.of.webserver parent 80 0 no-query originserver

And finally you need to set up access controls to allow access to your site

acl our_sites dstdomain your.main.website
http_access allow our_sites

You should now be able to start Squid and it will serve requests as a HTTP server.

Note: The accel option to http_port is optional and should only be specified for 2.6.STABLE8 and later. In all versions Squid-2.6 and later specifying one of defaultsite or vhost is sufficient.

Doc de squid