Squi 0.4.0 Reverse proxy for Exchange 2013
-
Lets put it in a different way; here's the relevant code:
https://github.com/pfsense/pfsense-packages/blob/master/config/squid3/34/squid_reverse.inc#L205
(On your machine, the file is in /usr/local/pkg/squid_reverse.inc. Make a backup, do the changes and post a unified diff (diff -u) adding whatever is needed there after you have tested that it works.)
-
I have identified 3 things not working for my config
Here are the setup installed by the GUI for mapi and autodiscover
acl OWA_URI_pfs url_regex -i ^https://mydomain.com/mapi.*$
acl OWA_URI_pfs url_regex -i ^http://mydomain.com/AutoDiscover/AutoDiscover.xml
acl OWA_URI_pfs url_regex -i ^https://mydomain.com/AutoDiscover/AutoDiscover.xml
acl OWA_URI_pfs url_regex -i ^http://autodiscover.com/AutoDiscover/AutoDiscover.xml
acl OWA_URI_pfs url_regex -i ^https://autodiscover.com/AutoDiscover/AutoDiscover.xmlHere what is working for me:
acl OWA_URI_pfs url_regex -i ^http://autodiscover.mydomain.com/.$
acl OWA_URI_pfs url_regex -i ^https://autodiscover.mydomain.com/.$For mapi
I don't know exactly how to write the rule but in the GUI the URI is:
mydomain.com/mapinothing before
nothing afterI have no idea how to commit this to github ?
-
Starting to get an impression that you simply need to configure your Exchange properly, rather than messing with the package code.
-
Sorry but those lines
acl OWA_URI_pfs url_regex -i ^http://autodiscover.com/AutoDiscover/AutoDiscover.xml
acl OWA_URI_pfs url_regex -i ^https://autodiscover.com/AutoDiscover/AutoDiscover.xmlcould not work at all
http://autodiscover.com/this is a single domain
at least this sould be
http://autodiscover.MYDOMAIN.com/
And in this case my settings are fine ;)
(and I check …I think they are) -
Made a little tweaking on exchange with this
Get-AutodiscoverVirtualDirectory -server MYEXCHANGESERVER | Set-AutodiscoverVirtualDirectory -ExternalUrl ‘https://autodiscover.MYDOMAIN.com/Autodiscover/Autodiscover.xml’ -InternalUrl ‘https://autodiscover.MYDOMAIN.com/Autodiscover/Autodiscover.xml’
After that
Squid reverse is working perfectly for autodiscoverThank you for the issue in exchange
BUT the issue with mapi resides
and I have doubt on one of the syntax for autodiscover (uper comment) -
OK for MAPI
issue too on my partGet-MapiVirtualDirectory | Set-MapiVirtualDirectory -ExternalUrl https://MYDOMAIN.com/mapi
IISRESET /noforceEverything is fine with Exchange
MY BAD :-X
-
So, there are no more problems with this? As said, it's possible to put some hints in the GUI if you provide them, however I cannot see the package being the issue here?
-
You're 90% right
acl OWA_URI_pfs url_regex -i ^http://autodiscover.com/AutoDiscover/AutoDiscover.xml
acl OWA_URI_pfs url_regex -i ^https://autodiscover.com/AutoDiscover/AutoDiscover.xmlare not correct
this should work better
acl OWA_URI_pfs url_regex -i ^http://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xml
acl OWA_URI_pfs url_regex -i ^https://autodiscover.mydomain.com/AutoDiscover/AutoDiscover.xmlThanks for tips
;D -
But that's NOT what the code is doing? https://github.com/pfsense/pfsense-packages/blob/master/config/squid3/34/squid_reverse.inc#L211
if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_autodiscover'] == 'on')) { $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.'); $conf .= "acl OWA_URI_pfs url_regex -i ^http://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^http://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^https://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n"; } }You are still misconfiguring something somewhere… Are you putting things like example.com there, instead of hostname.example.com? You can try this via System Patches:
--- a/usr/local/pkg/squid_reverse.inc 2015-10-12 20:05:27.278005880 +0200 +++ b/usr/local/pkg/squid_reverse.inc 2015-10-14 10:14:29.035540786 +0200 @@ -209,7 +209,11 @@ } if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_autodiscover'] == 'on')) { - $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.'); + if (substr_count($settings['reverse_external_fqdn'], ".") > 1) { + $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.'); + } else { + $reverse_external_domain = $settings['reverse_external_fqdn']; + } $conf .= "acl OWA_URI_pfs url_regex -i ^http://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^http://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n"; -
My settings are good this time
In your 0.4.1 … All is goodThank again
-
Thanks for testing.
-
Double checked the squid.conf
Still an issue
Now it's right
Autodiscover.mydomai.comBUT missing The point between autodicover and mydomain
In mynconf it's
Autodiscovermydomain.com:-\
-
Kindly test this. I won't be doing another 25 pull requests for this nonsense.
--- /usr/local/pkg/squid_reverse.inc 2015-10-15 20:07:31.681133006 +0200 +++ /usr/local/pkg/squid_reverse.inc 2015-10-16 08:23:52.568083417 +0200 @@ -212,7 +212,7 @@ if (substr_count($settings['reverse_external_fqdn'], ".") > 1) { $reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.'); } else { - $reverse_external_domain = $settings['reverse_external_fqdn']; + $reverse_external_domain = ".{$settings['reverse_external_fqdn']}"; } $conf .= "acl OWA_URI_pfs url_regex -i ^http://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n"; $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n";This will be fixed in 0.4.1.1; if it still doesn't work for you, kindly produce some fixes here yourself.
-
ok my pleasure
How do I test this ?
thanks again and again -
Use the system patches package. Or edit the one line manually.
-
working
and in patch 4.1.1
YOU ROCK !
-
Uh, finally… Thanks for report.
-
You're very welcome