[squid-users] Cache a site which is redirected by DNS manipulation
Hi, i had a thread here: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-td4667121.html But ive comen across so many problems that i decided to just cache one website (windows updates). The Squid Proxy need to cache onle domains like: windowsupdate.com microsoft.com windows.com User enteres windows.com, he gets a wrong ip like 192.168.0.8. Squid should then get the page by the origin webserver and cache some files (like cab|exe|ms[i|u|f]|asf|wma|dat|zip). How to archive this? http_port 192.168.0.8:80 accel defaultsite=windowsupdate.com cache_peer windowsupdate.com parent 80 0 no-query originserver works but no cache...? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Cache-a-site-which-is-redirected-by-DNS-manipulation-tp4667465.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
This appears to be a client (192.168.0.125) connecting to what it thinks is a regular forward-proxy port: http_port 3128 or http_port 192.168.0.1:3128 Like i said the clients get the ip and port thru dhcp, thats correct behaivour in my eyes. This above shows Squid receiving various requests for blizzard.com domains and relaying them to the web server at 192.168.0.4. Do you actually have a blizzard.com web server running at 192.168.0.4 ? I dont think so. This is correct. At 192.168.0.4 is a nginx reverse proxy for caching games like steam, origin... and ofc blizzard games. [if i disable squid it works] It seems to me that you are mixing the HTTP traffic modes up. I dont know what you mean. Like i said i dont use this server as a nat, its just a normal server connected to our router. Clients get proxy thru .pac file via dhcp. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667325.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
I found out why. If i go direct to http://llnw.blizzard.com/hs-pod/beta/EU/4944.direct/Updates/hs-6187-6284-Win_deDE-final.MPQ it works (without proxy). If i enable proxy, it wont work and i get 503. BTW i upgraded to Squid Cache: Version 3.3.8 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667279.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
Hello, thanks for your help. I own a dhcp server which spread the proxy ip:port to all clients (proxy settings are default search for) so all programs are using this proxy automatic for http requests. I use Linux version 3.2.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.2.60-1+deb7u3 I worked hard to upgrade to 3.3.8. Im not a linux guru. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667286.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
Some Logs: == /var/log/squid3/cache.log == 2014/08/20 19:33:19.809 kid1| client_side.cc(777) swanSong: local=192.168.0.1:3128 remote=192.168.0.125:62595 flags=1 2014/08/20 19:33:20.227 kid1| client_side.cc(777) swanSong: local=192.168.0.1:3128 remote=192.168.0.125:62378 flags=1 2014/08/20 19:33:20.232 kid1| client_side.cc(900) deferRecipientForLater: clientSocketRecipient: Deferring request http://llnw.blizzard.com/hs-pod/beta/EU/4944.direct/Updates/hs-6187-6284-Win_deDE-final.MPQ 2014/08/20 19:33:20.232 kid1| client_side.cc(1518) ClientSocketContextPushDeferredIfNeeded: local=192.168.0.1:3128 remote=192.168.0.125:62611 FD 29 flags=1 Sending next 2014/08/20 19:33:20.235 kid1| client_side.cc(777) swanSong: local=192.168.0.1:3128 remote=192.168.0.125:62611 flags=1 2014/08/20 19:33:20.638 kid1| client_side.cc(777) swanSong: local=192.168.0.1:3128 remote=192.168.0.125:62669 flags=1 == /var/log/squid3/access.log == 1408555999.808 10552 192.168.0.125 TCP_MISS/503 3899 GET http://dist.blizzard.com.edgesuite.net/hs-pod/beta/EU/4944.direct/Updates/hs-6187-6284-Win-final.MPQ - HIER_DIRECT/192.168.0.4 text/html 1408556000.232 9976 192.168.0.125 TCP_MISS/503 3844 GET http://llnw.blizzard.com/hs-pod/beta/EU/4944.direct/Updates/hs-6187-6284-Win-final.MPQ - HIER_DIRECT/192.168.0.4 text/html 1408556000.232 9975 192.168.0.125 TCP_MISS/503 3803 GET http://llnw.blizzard.com/hs-pod/beta/EU/4944.direct/Updates/hs-6187-6284-Win_deDE-final.MPQ - HIER_DIRECT/192.168.0.4 text/html 1408556000.638406 192.168.0.125 TCP_MISS/200 1642 CONNECT dws1.etoro.com:443 - HIER_DIRECT/149.126.77.194 - -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667287.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
I give up. Squid sucks so hard. New and easier idea: accel the sites i want to cache. But how? Information about this is crazy much http://wiki.squid-cache.org/SquidFaq/ReverseProxy But how to cache? # #Recommended minimum configuration: # debug_options ALL,1 33,2 # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed acl localnet src 192.168.0.0/16 acl localnet src fc00::/7 acl localnet src fe80::/10 # RFC1918 possible internal network #acl Safe_ports port 1-65535 # RFC1918 possible internal network #acl CONNECT method GET POST HEAD CONNECT PUT DELETE # RFC1918 possible internal network #acl block-fnes urlpath_regex -i .*/fnes/echo # RFC 4193 local private network range #acl noscan dstdomain .symantecliveupdate.com liveupdate.symantec.com psi3.secunia.com update.immunet.com # RFC 4291 link-local (directly plugged) machines #acl video urlpath_regex -i \.(m2a|avi|mov|mp(e?g|a|e|1|2|3|4)|m1s|mp2v|m2v|m2s|wmx|rm|rmvb|3pg|3gpp|omg|ogm|asf|asx|wmvm3u8|flv|ts) # # Recommended minimum Access Permission configuration: # # Only allow cachemgr access from localhost #no_cache deny noscan #always_direct allow noscan #always_direct allow video # Deny requests to certain unsafe ports # Deny CONNECT to other than secure SSL ports # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on .localhost. is a local user #http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # #cache_peer 192.168.1.1 parent 8080 0 default no-query no-digest #no-netdb-exchange #never_direct allow all # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed #http_access allow all # allow localhost always proxy functionality # And finally deny all other access to this proxy http_port 192.168.0.8:80 accel defaultsite=windowsupdate.com cache_peer windowsupdate.com parent 80 0 no-query originserver http_port 192.168.0.8:80 accel defaultsite=microsoft.com cache_peer microsoft.com parent 80 0 no-query originserver http_port 192.168.0.8:80 accel defaultsite=windows.com cache_peer windows.com parent 80 0 no-query originserver # We recommend you to use at least the following line. hierarchy_stoplist cgi-bin ? # Uncomment and adjust the following to add a disk cache directory. maximum_object_size 5000 MB #store_dir_select_algorithm round-robin cache_dir aufs /daten/squid 10 16 256 # Leave coredumps in the first cache dir coredump_dir /daten/squid #windows update refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|asf|wma|dat|zip)$ 202974 80% 262974 refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|asf|wma|dat|zip)$ 202974 80% 262974 refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|asf|wma|dat|zip)$ 202974 80% 262974 log_icp_queries off icp_port 0 htcp_port 0 snmp_port 3401 acl snmppublic snmp_community public snmp_access allow snmppublic all minimum_object_size 0 KB buffered_logs on cache_effective_user proxy #header_replace User-Agent Mozilla/5.0 (X11; U;) Gecko/20080221 Firefox/2.0.0.9 vary_ignore_expire on cache_swap_low 90 cache_swap_high 95 #visible_hostname shadow #unique_hostname shadow-DHS shutdown_lifetime 0 second request_header_max_size 256 KB half_closed_clients off max_filedesc 65535 connect_timeout 10 second cache_effective_group proxy #access_log /var/log/squid/access.log squid #access_log daemon:/var/log/squid3/access.test.log squid client_db off #dns_nameservers 192.168.0.10 ipcache_size 1024 fqdncache_size 1024 positive_dns_ttl 24 hours negative_dns_ttl 5 minutes #itcp_outgoing_address 192.168.2.2 dns_v4_first on check_hostnames off forwarded_for delete via off #pinger_enable off #memory_replacement_policy heap LFUDA #cache_replacement_policy heap LFUDA cache_mem 2048 MB maximum_object_size_in_memory 512 KB #memory_cache_mode disk cache_store_log none read_ahead_gap 50 MB pipeline_prefetch on reload_into_ims on #quick_abort_min -1 KB Does not cache any windows updates. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667289.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
I got help by email: removed intercept from http port (bc i dont use nat) and removed quick_abort_min. (i got told it bugs sometimes) Still battle.net is not working. I cant believe im the only one with this problem... -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667265.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
What is pnp. Do you mean UPNP? Its enabled. I dont understand RU. If i were able to read and understand it, why u think i post it here? Just so that u tell me thats the answer?! -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667242.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Just to clarify my problem: I dont use it as a transparente proxy! I distribute the proxy with my dhcp server and a .pac file. So it gets used on all machines with auto detection proxy -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667244.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Thanks for no help, but could u please spam then? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667247.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: server failover/backup
Question: why u spam my thread? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667249.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
I got nearly all working. Except Battle.net. This problem seems to known, but i dont know how to fix. http://stackoverflow.com/questions/24933962/squid-proxy-blocks-battle-net https://forum.pfsense.org/index.php?topic=72271.0 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667231.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Hello, thanks for your help. I fixed the slow issue by myself, i forgott to add nameservers, so it was using the local dns, which ofc fakes some ips... i added nameservers directive and it works now fast again. root@debian-server:~# cat /proc/version Linux version 3.2.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.2.60-1+deb7u3 If i look at http://wiki.squid-cache.org/SquidFaq/BinaryPackages#Debian 3.1 is the newest? Am i wrong? You tell me that Squid cant connect to some servers. How. Its just connected to normal fritz.box, nothing special, nothign what could block, or do i miss something? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667191.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Thanks for your help. But i go crazy. =) Internet is slow as fuck. I dont see any errors in the logs. And some services (Battle.net) is not working. /etc/squid3/squid.conf debug_options ALL,1 33,2 acl domains_cache dstdomain /etc/squid/lists/domains_cache cache allow domains_cache acl localnet src 192.168.0.0 acl all src all acl localhost src 127.0.0.1 cache deny all #access_log daemon:/var/log/squid/access.test.log squid http_port 192.168.0.1:3128 transparent cache_dir ufs /daten/squid 10 16 256 range_offset_limit 100 MB windowsupdate maximum_object_size 6000 MB quick_abort_min -1 # Add one of these lines for each of the websites you want to cache. refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims #kaspersky update refresh_pattern -i geo.kaspersky.com/.*\.(cab|dif|pack|q6v|2fv|49j|tvi|ez5|1nj|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims #nvidia updates refresh_pattern -i download.nvidia.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims #java updates refresh_pattern -i sdlc-esd.sun.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims # DONT MODIFY THESE LINES refresh_pattern \^ftp: 144020% 10080 refresh_pattern \^gopher:14400% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 #kaspersky update acl kaspersky dstdomain geo.kaspersky.com acl windowsupdate dstdomain windowsupdate.microsoft.com acl windowsupdate dstdomain .update.microsoft.com acl windowsupdate dstdomain download.windowsupdate.com acl windowsupdate dstdomain redir.metaservices.microsoft.com acl windowsupdate dstdomain images.metaservices.microsoft.com acl windowsupdate dstdomain c.microsoft.com acl windowsupdate dstdomain www.download.windowsupdate.com acl windowsupdate dstdomain wustat.windows.com acl windowsupdate dstdomain crl.microsoft.com acl windowsupdate dstdomain sls.microsoft.com acl windowsupdate dstdomain productactivation.one.microsoft.com acl windowsupdate dstdomain ntservicepack.microsoft.com acl CONNECT method CONNECT acl wuCONNECT dstdomain www.update.microsoft.com acl wuCONNECT dstdomain sls.microsoft.com http_access allow kaspersky localnet http_access allow CONNECT wuCONNECT localnet http_access allow windowsupdate localnet #test http_access allow localnet http_access allow all http_access allow localhost /etc/squid/lists/domains_cache microsoft.com windowsupdate.com windows.com #nvidia updates download.nvidia.com #java updates sdlc-esd.sun.com #kaspersky geo.kaspersky.com /var/log/squid3/access.log 1407786051.567 17909 192.168.0.125 TCP_MISS/000 0 GET http://dist.blizzard.com.edgesuite.net/hs-pod/beta/EU/4944.direct/base-Win-deDE.MPQ - DIRECT/dist.blizzard.com.edgesuite.net - 1407786051.567 17909 192.168.0.125 TCP_MISS/000 0 GET http://llnw.blizzard.com/hs-pod/beta/EU/4944.direct/base-Win.MPQ - DIRECT/llnw.blizzard.com - 1407786054.161132 192.168.0.125 TCP_MISS/200 247 GET http://heartbeat.dm.origin.com/pulse? - DIRECT/54.225.219.232 text/plain 1407786054.852 11891 192.168.0.125 TCP_MISS/200 440 POST http://www.netvibes.com/api/my/messagebar/ - DIRECT/193.189.143.34 application/json 1407786055.785125 192.168.0.125 TCP_MISS/304 432 GET http://wiki.squid-cache.org/wiki/squidtheme/js/niftyCorners.css - DIRECT/77.93.254.178 - 1407786055.786124 192.168.0.125 TCP_MISS/304 433 GET http://wiki.squid-cache.org/wiki/squidtheme/js/niftycube.js - DIRECT/77.93.254.178 - 1407786055.787124 192.168.0.125 TCP_MISS/304 431 GET http://wiki.squid-cache.org/wiki/squidtheme/js/kutils.js - DIRECT/77.93.254.178 - 1407786055.788122 192.168.0.125 TCP_MISS/304 433 GET http://wiki.squid-cache.org/wiki/squidtheme/css/common.css - DIRECT/77.93.254.178 - 1407786055.788123 192.168.0.125 TCP_MISS/304 433 GET http://wiki.squid-cache.org/wiki/squidtheme/css/screen.css - DIRECT/77.93.254.178 - 1407786055.843 56 192.168.0.125 TCP_MISS/304 433 GET http://wiki.squid-cache.org/wiki/common/js/common.js - DIRECT/77.93.254.178 - 1407786055.844 54 192.168.0.125 TCP_MISS/304 433 GET http://wiki.squid-cache.org/wiki/squidtheme/img/squid-bubbles.png - DIRECT/77.93.254.178 - 1407786055.845 53 192.168.0.125 TCP_MISS/304 431 GET http://wiki.squid-cache.org/wiki/squidtheme/img/icon-info.png - DIRECT/77.93.254.178 - 1407786055.865 12623 192.168.0.125 TCP_MISS/200 76761 GET http://wiki.squid-cache.org/SquidFaq/BinaryPackages - DIRECT/77.93.254.178 text/html 1407786055.866 59 192.168.0.125 TCP_MISS/304 431 GET http://wiki.squid-cache.org/wiki/squidtheme/img/alert.png - DIRECT/77.93.254.178 - 1407786055.898 50 192.168.0.125 TCP_MISS/304 432
[squid-users] Re: ONLY Cache certain Websites.
Thanks for your answer. Ill try to get it working but im not sure how. I dont understand this acl system. I know there are alot of tutorials out there, but not in my mother language so im not able to fully understand such expert things. Could you maybe show me atleast at one exampel how to get it work? Also maybe there are things i can remove? Heres my actual list: acl localnet src 192.168.0.0 acl all src all acl localhost src 127.0.0.1 #access_log daemon:/var/log/squid/access.test.log squid http_port 192.168.0.1:3128 transparent cache_dir ufs /daten/squid 10 16 256 range_offset_limit 100 MB windowsupdate maximum_object_size 6000 MB quick_abort_min -1 # Add one of these lines for each of the websites you want to cache. refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims #kaspersky update refresh_pattern -i geo.kaspersky.com/.*\.(cab|dif|pack|q6v|2fv|49j|tvi|ez5|1nj|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims #nvidia updates refresh_pattern -i download.nvidia.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims #java updates refresh_pattern -i sdlc-esd.sun.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims # DONT MODIFY THESE LINES refresh_pattern \^ftp: 144020% 10080 refresh_pattern \^gopher:14400% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 #kaspersky update acl kaspersky dstdomain geo.kaspersky.com acl windowsupdate dstdomain windowsupdate.microsoft.com acl windowsupdate dstdomain .update.microsoft.com acl windowsupdate dstdomain download.windowsupdate.com acl windowsupdate dstdomain redir.metaservices.microsoft.com acl windowsupdate dstdomain images.metaservices.microsoft.com acl windowsupdate dstdomain c.microsoft.com acl windowsupdate dstdomain www.download.windowsupdate.com acl windowsupdate dstdomain wustat.windows.com acl windowsupdate dstdomain crl.microsoft.com acl windowsupdate dstdomain sls.microsoft.com acl windowsupdate dstdomain productactivation.one.microsoft.com acl windowsupdate dstdomain ntservicepack.microsoft.com acl CONNECT method CONNECT acl wuCONNECT dstdomain www.update.microsoft.com acl wuCONNECT dstdomain sls.microsoft.com http_access allow kaspersky localnet http_access allow CONNECT wuCONNECT localnet http_access allow windowsupdate localnet #test http_access allow localnet http_access allow all http_access allow localhost -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667157.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Thanks, but its not possible to make a list of all possible websites which i could visit but i dont want to cache xD. Is there no way to direct ALL websites direct EXCEPT only some websites? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667140.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Hello, you are right. I dont mean redirect like 301. I mean, squid should not touch the website or connection and just send it direct to the website, except some websites which i want to cache. How to archive this? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667134.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
always_direct allow all and then my other code, or i need to add it before? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667136.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
Seems like acl all src all fixed it. Thanks! One problem is left. Is it possible to only cache certain websites, the rest should just redirectet? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667127.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] Re: ONLY Cache certain Websites.
im not able to fix it. Normal websites work. But i cant get it to cache (or even allow access to Windows Update or Kaspersky). Whats i am doin wrong? 2014/08/02 17:05:35| The request GET http://dnl-16.geo.kaspersky.com/updaters/updater.xml is DENIED, because it matched 'localhost' 2014/08/02 17:05:35| The reply for GET http://dnl-16.geo.kaspersky.com/updaters/updater.xml is ALLOWED, because it matched 'localhost' 2014/08/02 17:06:32| The request CONNECT 62.128.100.41:443 is DENIED, because it matched 'localhost' 2014/08/02 17:06:32| The reply for CONNECT 62.128.100.41:443 is ALLOWED, because it matched 'localhost' 014/08/02 17:07:07| The request CONNECT sls.update.microsoft.com:443 is DENIED, because it matched 'localhost' 2014/08/02 17:07:07| The reply for CONNECT sls.update.microsoft.com:443 is ALLOWED, because it matched 'localhost' my config atm: debug_options ALL,1 33,2 acl localnet src 192.168.0.0 acl all src 0.0.0.0 acl localhost src 127.0.0.1 access_log daemon:/var/log/squid/access.test.log squid http_port 192.168.0.1:3128 transparent cache_dir ufs /daten/squid 10 16 256 range_offset_limit 100 MB windowsupdate maximum_object_size 6000 MB quick_abort_min -1 # Add one of these lines for each of the websites you want to cache. refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims refresh_pattern -i geo.kaspersky.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000 reload-into-ims # DONT MODIFY THESE LINES refresh_pattern \^ftp: 144020% 10080 refresh_pattern \^gopher:14400% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 acl kaspersky dstdomain .kaspersky.com acl windowsupdate dstdomain windowsupdate.microsoft.com acl windowsupdate dstdomain .update.microsoft.com acl windowsupdate dstdomain download.windowsupdate.com acl windowsupdate dstdomain redir.metaservices.microsoft.com acl windowsupdate dstdomain images.metaservices.microsoft.com acl windowsupdate dstdomain c.microsoft.com acl windowsupdate dstdomain www.download.windowsupdate.com acl windowsupdate dstdomain wustat.windows.com acl windowsupdate dstdomain crl.microsoft.com acl windowsupdate dstdomain sls.microsoft.com acl windowsupdate dstdomain productactivation.one.microsoft.com acl windowsupdate dstdomain ntservicepack.microsoft.com acl CONNECT method CONNECT acl wuCONNECT dstdomain www.update.microsoft.com acl wuCONNECT dstdomain sls.microsoft.com http_access allow kaspersky localnet http_access allow CONNECT wuCONNECT localnet http_access allow windowsupdate localnet http_access allow localnet http_access allow localhost -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ONLY-Cache-certain-Websites-tp4667121p4667123.html Sent from the Squid - Users mailing list archive at Nabble.com.