Hi Support,

I am running Squid 3.5.20 in AWS as a forward proxy (http_port 3128) to forward client traffic through a firewall to the Internet.

The proxy works fine when placed behind a Network Load Balancer (NLB). However, when I place Squid behind an Application Load Balancer (ALB) on port 3128, Squid receives malformed requests and logs the following error:

    ERR_INVALID_URL HTTP/400 Bad Request

From my understanding, this happens because ALB only supports HTTP/HTTPS listeners and does not forward raw TCP traffic the way Squid expects on port 3128.

My questions are:

1. Is there any Squid configuration that can make it compatible with AWS ALB (which handles HTTP only), while still operating as a forward proxy?
2. If not, are there recommended approaches to integrate Squid with AWS WAF (which requires ALB/CloudFront) so that Squid can still function as a forward proxy for outbound client HTTPS traffic?
3. Would switching to reverse proxy mode help in this case, or would that break HTTPS CONNECT tunneling?

Environment details:

- Squid 3.5.20
- Deployed in AWS VPC
- Works with NLB, fails with ALB

Thank you for any guidance or suggestions. Hope to hear from you soon.

Thanks and regards,
Tan Tang Suan
Mobile: 96228330