Setting up Apache on NetWare 6 as a Proxy Server
Novell Cool Solutions: Feature
By David Chenworth
Digg This -
Posted: 11 Feb 2003
The open source Apache web server is included with NetWare 6. This is a port of the Apache project to NetWare, and is installed by default when any of the web components are installed (i.e. iManager, WebAccess, NetStorage, etc.). Although on NetWare 6, Apache was included to be a back-end web server for providing access to different web services, the full functionality of the Apache server is present, including the functionality of Apache to function as a Proxy Server.
Apache may be used as a Proxy Server. A proxy by definition is something that makes a request for, and on behalf of something else. In the case of the Internet, a Proxy server is a server that makes requests to different web sites in lieu of the client workstations that sit behind the proxy.
Figure 1. shows the architecture of a network using a Proxy server. What happens in this environment if a client needs to get a page off of the Internet? The answer to this is a multi-step process, as follows:
- The client makes a request to get the page from the Internet.
- The request is forwarded to the Proxy Server.
- The Proxy Server (if it is set up to cache data as well) will check its memory to see if it already contains a copy of the page.
- If the Proxy Server has a copy of the page, it will verify that it is a current copy of the page, then if it is, will return the page to the client fulfilling the request in step 1.
- If the Proxy Server doesn't have a copy of the page, or the copy held by the proxy server is not current, the proxy server will request the page from the Internet. In this step, the proxy server is acting like it is the client making a request for Internet content. Sources that could see this request from the Internet wouldn't have any idea that a client workstation sitting behind the Proxy server is what actually made the request.
- The requested information will be returned to the Proxy server.
- The Proxy server will determine which client workstation made the request of the proxy server and returns the requested page to the client that requested it. Additionally, if the proxy server is caching pages, a copy of the page will be kept on the proxy server.
The default configuration file for Apache is traditionally httpd.conf. While the complete httpd.conf file for the Apache web server is included in the SYS:\Apache\conf subdirectory, Apache on NetWare 6 uses a different configuration file as its main configuration file. On NetWare 6 the default configuration file is the SYS:\Apache\conf\adminserv.conf file. This file contains everything needed to make Apache run on NetWare, but lacks some of the additional functionality.
After the installation of NetWare 6, the adminserv.conf file does NOT contain any information required to make the Apache web server function as a proxy server. However, this information may be added to include the Proxy functionality. This is accomplished by copying the Proxy Server Directives from the SYS:\Apache\conf\httpd.conf file to the adminserv.conf file. As a reference, these directives are included below:
# Proxy Server directives. Uncomment the following lines to # enable the proxy server: # #<IfModule mod_proxy.c> #ProxyRequests On # #<Directory proxy:*> # Order deny,allow # Deny from all # Allow from .your-domain.com #</Directory> # # Enable/disable the handling of HTTP/1.1 "Via:" headers. # ("Full" adds the server version; "Block" removes all outgoing Via: headers) # Set to one of: Off | On | Full | Block # #ProxyVia On # # To enable the cache as well, edit and uncomment the following lines: # (no cacheing without CacheRoot) # #CacheRoot "sys:/apache/proxy" #CacheSize 5 #CacheGcInterval 4 #CacheMaxExpire 24 #CacheLastModifiedFactor 0.1 #CacheDefaultExpire 1 #NoCache a-domain.com another-domain.edu joes.garage-sale.com #</IfModule> # End of proxy directives.
This file contains three different sections of information; the first enables proxy, the second enables HTTP/1.1 headers, and the third the proxy server to function as a caching server as well.
The first step in enabling the server as a proxy server, is to unremark the following set of lines:
<IfModule mod_proxy.c> ProxyRequests On <Directory proxy:*> Order deny,allow Deny from all Allow from .your-domain.com </Directory> . . . </IfModule>
By unremarking and editing the above lines, basic proxy functionality is enabled. The line that must be edited is the Allow from .your-domain.com. The .your-domain.com must be changed either to the domain name (if the server's DNS name is myserver.novell.com, the domain name would be novell.com), or to all.??? The domain name option will allow only workstations from that domain to use apache as a proxy server. Setting this line to all will allow any user with access to the apache server to use it as a proxy server.
To enable HTTP/1.1 headers, the following line needs to be unremarked and edited:
This will be set to Off, On, Full, or Block. Off will disable HTTP/1.1 header and On will enable it. If this is set to Full, the server version will be added. Block removes outgoing Via (HTTP/1.1 headers.
Finally the Proxy Cache is configured by unremarking and editing these lines:
CacheRoot "sys:/apache/proxy" CacheSize 5 CacheGcInterval 4 CacheMaxExpire 24 CacheLastModifiedFactor 0.1 CacheDefaultExpire 1 NoCache a-domain.com another-domain.edu joes.garage-sale.com
In the caching section, the CacheRoot line is required, otherwise caching will NOT work. By default, this is set to SYS:/apache/proxy, but this may be modified to point to wherever the cache is to be kept. The next five lines determine how large the cache will be, how often to grab (or check) newer files, and how long to keep cached pages before purging them from the system. The last line lists (with spaces between domain names) domains that will NOT get cached.
One final note on the Apache server side of things is that proxy servers typically run on a port other than the standard port 80 (i.e. 8080 may be used for proxy servers). If the proxy server is to be running on a port other than 80, the port number of the web server will need to be changed to the port the proxy server will listen on.
After the above changes have been made, you must unload and reload the Apache server by issuing the nvxadmdn and nvxadmup commands.
For the workstation to work with the proxy server, the browser on the client must be configured to use the proxy server (for this article we will use Microsoft Internet Explorer 6.0.26). To do this, open Internet Explorer, select Tools | Internet Options | Connections | LAN Settings, and configure the browser with the IP Address and Port the Apache proxy server is listening on.
After the above settings have been configured, Internet Explorer will need to be stopped and restarted.
By following the above steps the Apache Web Server may be configured to handle basic proxy requests. The filtering methods used by Apache are extremely basic (i.e. this is NOT a high end proxy server), but the Apache server will serve your basic proxy server needs.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com