squid forwardmap Hack
This is a hack for the squid-proxy 2.5
www.squid-cache.org
Squid can act as a transparent-proxy/accelerator if you redirect your http-traffic with linux-netfilter to the localhost squid-port.
With the forwardmap hack you can do static mapping from original-destination ip:port/path to any other ip:port/path.
The ""Host:"-header will not be used.
This is not for office-to-web proxying, but for web-to-server(s) proxying, filtering or splitting.
Usage/Notes:
There is the new configfile option 'forwardmap':
#forwardmap from_ip/from_mask from_port from_uri to_ip to_port to_uri
forwardmap 62.245.218.129 80 / 10.10.10.11 80 /
forwardmap 62.245.218.2 80 /othersite 10.10.10.12 80 /
forwardmap 62.245.218.2 80 /xxx 10.10.10.13 80 /xxx
forwardmap 62.245.218.2 80 /abc 10.10.10.14 80 /
forwardmap 62.245.218.2 80 / 10.10.10.15 80 /abc
forwardmap 62.245.218.3 80 / 10.10.10.16 80 /
- The order is important, the first match is taken!
- Even if you use a from_mask (<32) it can only be redirected to one single ip!
- If http://example.org/foobar/../abc is requested, it is converted to http://example.org/abc to avoid circumvent the path-translation.
- Currently debug information are written to the file /tmp/sq
- The from_ip and from_port are the destination-ip/port of the request. If linux-netfilter did a redirection, then the redirected ip/port are taken.
Info: How to patch debian-squid:
# apt-get source squid
# cd squid-2.5.X
# make -f debian/rules patch
# cat path-to/squid-2.5.STABLE5-forwardmap.diff | patch -p1
# make -f debian/rules binary-arch
Download:
Patch for squid-2.5:
squid-2.5.STABLE5-forwardmap.diff