IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Configuring a local proxy
I'm trying to do the following: set up a proxy that will allow me to "filter" requests for a particular host by pretending to be that host.

Example: the remote host is www.foo.company.com. I want to put www.foo.company.com in my local hosts file so requests go to the local web server. Then, for all requests www.foo.company.com/bar, I want the request to go to the *real* www.foo.company.com, and for all requests www.foo.company.com/baz, I want the request to go somewhere else.

I might be able to get it to work by setting up my local Apache as a forward proxy and setting Firefox to use it as a proxy, but then add something like:

<Directory proxy:http://www.foo.company.com/baz>
# Forward somewhere else
ProxyRemote blah blah blah
</Directory>

The problem is I have to futz with the client (Firefox) as well, and I can't use a real proxy while I'm using this one. Then again, I could just use the Apache proxy for everything at that point.

I haven't tried that yet, and I figured I'd run things past here first to see if anyone had any other suggestions.
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
New have you tried simply using your .htaccess file?
something like:

Redirect /olddirectory/oldfile.html [link|http://yoursite.com/newdirectory/newfile.html|http://yoursite.com/...tory/newfile.html]

or

Redirect /olddirectory [link|http://yoursite.com/newdirectory/|http://yoursite.com/newdirectory/]
~~~)-Steven----

Stapp's Ironical Paradox:
"The universal aptitude for ineptitude makes any human accomplishment an incredible miracle."

Col. John P. Stapp - Decelerator 'Test Pilot'
New Here's what I had to do:
Most of the following is necessary to get SSL proxying to work properly.

1) Setup squid

2) Give squid its own hosts file:
host_file /etc/squid/hosts

3) In that hosts file, put "1.2.3.4 www.foo.company.com" to make the proxy go to my local box for that host instead.

4) Setup Apache to listen for *:80 and *:443 to catch the redirected proxy requests.

5) <VirtualHost *:443>
DocumentRoot /var/www/apache2-default

CustomLog /var/log/apache2/tst1-443.log combined

SSLEngine On
SSLProtocol -all +TLSv1 +SSLv3
SSLVerifyClient none
SSLProxyProtocol -all +TLSv1 +SSLv3

SSLCertificateFile /etc/apache2/ssl/ssl.crt/www.foo.company.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/ssl.key/www.foo.company.com.key

<Location />
Options Indexes FollowSymLinks MultiViews
Order allow,deny
allow from all
</Location>

AllowCONNECT
RequestHeader set Front-End-Https "On"

RewriteLog /var/log/apache2/rewrite2.log
RewriteLogLevel 9

RewriteEngine On
SSLProxyEngine On
ProxyPreserveHost On

RewriteCond %{HTTP_HOST} ^www.foo.company.com
RewriteRule ^/([^/]+)/stuff/(.*)$ [link|https://www.foo.company.com/$1/stuff/$2|https://www.foo.company.com/$1/stuff/$2] [proxy,last]

RewriteCond %{HTTP_HOST} ^www.foo.company.com
RewriteRule ^/([^/]+)/servlet/(.*)$ [link|http://localhost:13826/thingy/$1/$2|http://localhost:13826/thingy/$1/$2] [proxy,last]

RewriteCond %{HTTP_HOST} ^www.foo.company.com
RewriteRule ^/(.*)$ [link|https://www.local.company.com/$1|https://www.local.company.com/$1] [proxy,last]

</VirtualHost>

The RewriteCond allows me to service several proxied servers (www.foo.company.com, www.bar.company.com, etc) as well as local content by default.

6) Set my browser to use squid as its proxy.

The upshot is that I can now use my local server to serve up servlets, javascript, etc., but use the real server to serve up content that I can't or don't want to duplicate locally. Much of the pain was self-inflicted, because I could have just put www.foo.company.com in /etc/hosts. Had I done that, however, I would have had to change the hosts file every time I wanted to go directly to that host without the proxy setup. Now all I have to do is turn off the proxy in Firefox.

PITA, basically, but there it is.
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
New PITA is an understatement.
I'm sure you didn't come with that in 15 minutes.
Alex

Nobody has a more sacred obligation to obey the law than those who make the law. -- Sophocles (496? - 406 BCE)
New More like an hour.
But I tried a lot of other partial solutions in the interim. Strangely enough, I worked that one out yesterday just before noticing the response here...
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
New Weird; is that even (or should it even be) valid HTML / XML? (new thread)
Created as new thread #296511 titled [link|/forums/render/content/show?contentid=296511|Weird; is that even (or should it even be) valid HTML / XML?]


   [link|mailto:MyUserId@MyISP.CountryCode|Christian R. Conrad]
(I live in Finland, and my e-mail in-box is at the Saunalahti company.)
Ah, the Germans: Masters of Convoluted Simplification. — [link|http://www.thetruthaboutcars.com/?p=1603|Jehovah]
     Configuring a local proxy - (admin) - (5)
         have you tried simply using your .htaccess file? - (Steven A S) - (4)
             Here's what I had to do: - (admin) - (3)
                 PITA is an understatement. - (a6l6e6x) - (1)
                     More like an hour. - (admin)
                 Weird; is that even (or should it even be) valid HTML / XML? (new thread) - (CRConrad)

Gleefully participating in the heat death of the Universe!
143 ms