Thank you very much TomTux!!
Helped me a lot.
So if anyone else has the same problem, here is the solution:
Email from TomTox:
Quote:
My solution was as it is described in the ideas-section of the
"server-side.de"-page (sandwich-situation):
client --> squidproxy:3128 (cache_peer-directive) --> havp:8081 -->
squidproxy:3129
For my test purposes, I installed all on one server:
squid.conf
========
http_port 3128
http_port 3129
cache_peer 127.0.0.1 parent 8081 0 no-query no-digest no-netdb-exchange
default
havp.config
=========
PORT 8081
PARENTPROXY 127.0.0.1
PARENTPORT 3129
So, the client will connect the proxy on port 3128. The proxy will use his
"parent" (the havp) on port 8081. The havp itself will redirect again to
the proxy on port 3129. If you don't use ftp, you do not need the 2nd
connect (tcp 3129) to the squid.
Hope, this helps.
Kind regards,
tomtux
One important thing are the following instructions in
squid.conf
======
always_direct allow localhost
# allow connections from localhost (HAVP)
always_direct allow CONNECT
# always allow SSL connections direct without havp
always_direct deny HTTP
# deny all DIRECT http connections
always_direct deny FTP
# deny all DIRECT http connections
...
never_direct deny localhost
never_direct deny CONNECT
# allow direct connections from localhost and for SSL
never_direct allow HTTP
never_direct allow FTP
# deny direct connections for HTTP and FTP -> ask parent (HAVP)
If someone finds errors or has a better idea how to implement this thing -> I would be very thankful!
Regards,
Frank