https and nginx as forward proxy

Igor Sysoev is at rambler-co.ru
Tue Oct 20 20:32:41 MSD 2009


On Tue, Oct 20, 2009 at 10:33:43PM +0800, quan nexthop wrote:

> HI Igor:
> 
> Is there any schedule to support the feathure, forward proxy ?

Not in near future: there is alreay good forward proxy Squid.

> thanks
> NextHop
> 
> On Tue, Oct 20, 2009 at 2:12 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> 
> >  On Tue, Oct 20, 2009 at 12:51:02PM +0800, 冉兵 wrote:
> >
> > > Hi,
> > >
> > > I was experimenting using nginx as forward proxy with the conf as
> > attached.
> > >
> > > Regular http requests were passed fine. But any https were rejected right
> > away. Firewall was disabled on the proxy server.
> > >
> > > Here was the trace with curl, where the proxy runs on 192.168.4.217:81
> > >
> > >
> > -------------------------------------8<-----------------------------------------
> > > $ curl -v -x 192.168.4.217:81 https://jersey.dev.java.net/
> > > * About to connect() to proxy 192.168.4.217 port 81 (#0)
> > > *   Trying 192.168.4.217... connected
> > > * Connected to 192.168.4.217 (192.168.4.217) port 81 (#0)
> > > * Establish HTTP proxy tunnel to jersey.dev.java.net:443
> > > > CONNECT jersey.dev.java.net:443 HTTP/1.0
> > > > Host: jersey.dev.java.net:443
> > > > User-Agent: curl/7.16.3 (i686-pc-cygwin) libcurl/7.16.3 OpenSSL/0.9.8k
> > zlib/1.2.3 libssh2/0.15-CVS
> > > > Proxy-Connection: Keep-Alive
> > > >
> > > < <html>
> > > < <head><title>400 Bad Request</title></head>
> > > < <body bgcolor="white">
> > > < <center><h1>400 Bad Request</h1></center>
> > > < <hr><center>nginx/0.8.20</center>
> > > < </body>
> > > < </html>
> > > * Proxy CONNECT aborted
> > > * Closing connection #0
> > > curl: (56) Proxy CONNECT aborted
> > >
> > -------------------------------------8<-----------------------------------------
> >
> > CONNECT differs from other HTTP methods.
> >
> > > Here is the conf file. The prebuilt Nginx 0.8.20 runs on Windows 2003.
> > >
> > -------------------------------------8<-----------------------------------------
> > > worker_processes  1;
> > >
> > > events {
> > >     worker_connections  1024;
> > > }
> > >
> > >
> > > http {
> > >     include       mime.types;
> > >     sendfile        on;
> > >
> > >     resolver 208.67.220.220;
> > >
> > >     server {
> > >         listen       81;
> > >         location / {
> > >               proxy_pass $scheme://$http_host$request_uri;
> > >         }
> > >
> > >     }
> > >
> > > }
> > >
> > -------------------------------------8<-----------------------------------------
> > >
> > > I suspect Nginx has not been designed to be used as a forward proxy. If
> > nginx won't foot the bill, can anyone recommend a free solution please?
> >
> > Yes, nginx has not been disigned as a forward proxy. You should try squid
> > which was a forward proxy from the very start.
> >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >

-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list