User Tools

Site Tools


apache:forward_proxy

This is an old revision of the document!


Apache httpd 2.4 forward proxy

Creates a forward proxy (squid drop in replacement) on TCP port 3128. Proved to be faster than squid 3.5 on the same hardware.

Make sure you have a local DNS caching resolver, such as unbound or PowerDNS Recursor configured in /etc/resolv.conf.

ProxyDomain directive protects the proxy from accessing domain hosts by filling up the local domain name or search domains from /etc/resolv.conf.

mod_reqtimeout drops some long lived https connections in its default configuration (RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500)

No caching is performed in this setup but it can be implemented using mod_cache and mod_cache_disk.

Required modules: mod_proxy, mod_proxy_connect.

Listen 3128
<VirtualHost *:3128>
        ProxyRequests On
        ProxyDomain "."
        CustomLog "/var/log/httpd/proxy_access_log" common
        ErrorLog "/var/log/httpd/proxy_error_log"
        <IfModule mod_reqtimeout.c>
                RequestReadTimeout header=0 body=0
        </IfModule>
        <Proxy "*">
                Require ip 192.168.0.0/16
                Require ip 127.0.0.0/8
                Require ip 10.0.0.0/8
                Require ip 172.16.0.0/12
        </Proxy>
</VirtualHost>
apache/forward_proxy.1463899261.txt.gz · Last modified: 2016/05/22 09:41 by cbredi