You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Alexei Kosut <ak...@nueva.pvt.k12.ca.us> on 1996/01/22 01:14:14 UTC
Proxy module available... use at own risk.
Hi...
I've uploaded to httpd/incoming proxy_ak_v001.tar. This is a (hopefully)
working version of my caching HTTP proxy module. It contains three files:
mod_proxy.c - The actual proxy module
util_proxy.patch - A patch to util.c to allow certain things to work*
alias_pass.patch - A patch to mod_alias.c to add the Pass cmd (see below)
* For those interested, it makes no2slash() and getparents() ignore URLs
not beginning with / - so as to avoid mangling of what is passed to the
proxy server.
Here are some instrutions on use of the module:
Installation:
Apply the two patches (optional - it will work without them - but a good
idea) to Apache 1.0. Then put in mod_proxy.c, like any other module. Note
that it has to follow mod_mime and mod_alias in order to work.
Basic Use, non-caching:
Do nothing. Just point a client at it. Plug and play. Great, huh?
Security:
Use <Directory> statements pointing at the URLs you want to protect. For
example:
<Directory http:>
<Limit GET POST>
order deny,allow
deny from all
allow from 204.119.66.
</Limit>
</Directory>
allows only clients from 204.119.66.* to access your proxy server. If you
installed util_proxy.patch, you can get more specific, i.e.
<Directory http://www.apache.org/>
which would enable restrictions for just access to www.apache.org. And so
forth. Common sense probably works here.
Caching
Yes, it does caching too. It uses a file-based database, nothing fancy.
It does stick all the files into one directory, which is quite possibly a
bad idea, but it's easily changeable, I think. (I just didn't try).
CacheRoot /usr/local/etc/httpd/proxy
CacheSize 20
These two directives tell the server to store the proxy files in
/usr/local/etc/httpd/proxy, and to have it have a maximum size of 20 megs
(default is five).
GcEvery 2
This tells it to garbage collect (go and remove expired files, and make
the cache directory under the size listen in CacheSize) every two hours.
Default is eight. Use "GcEvery Off" to turn off garbage collection and
let the cache files fester.
I stole a bunch of useful commands from the CERN proxy server, with some
modifications, which are useful somewhat:
CacheLimit 2000
This sets the max file size, in kilobytes. Anything larger than this gets
wiped right away. The default is 4000.
CacheClean 90
In days, the maximum time to keep cache files, absolutely positively.
Default is 30.
CacheExpireyCheck On/Off
On by default, turning this off means that it will pretend expired files
aren't expired.
CacheNoConnect On/Off
Off by default, turning this on means that the proxy server will only
return cached documents - it won't connect to anything.
If you've been paying attention, you'll note that you can set up a server
to serve 'demo' web documents by loading them all into your proxy server,
and then changing the settings to:
GcEvery Off
CacheExpireCheck Off
CacheNoConnect On
Acting as a Gateway/Mirror
If you installed alias_pass.patch, you now have a new directive, Pass.
This is identical to Redirect, except produces internal redirects instead
of external ones. This may be useful for other things (which is why I
made it a generic patch), but what it's mainly good for is
Pass /apache/ http://www.apache.org/
Which does the obvious.
Well, I think that's it. If anyone wants to use it, please go ahead. If
they don't, I don't blame them. I make absolutely no gaurentees that it
won't eat your hard disk for lunch and use your modem to make prank calls
to the president. Some parts of it (like the proxy stuff itself) are very
well tested. Some parts of it (like the garbage collection code) are
hardly tested at all.
But here it is... enjoy.
--/ Alexei Kosut <ak...@nueva.pvt.k12.ca.us> /--------/ Lefler on IRC
----------------------------/ <http://www.nueva.pvt.k12.ca.us/~akosut/>
The viewpoints expressed above are entirely false, and in no way
represent Alexei Kosut nor any other person or entity. /--------------