> On Tue, 2007-09-25 at 13:08 -0400, Richard Bishop wrote: > >> I would suggest that there should be an option to bypass particular >> services based on the results of earlier services - i.e. values of >> ICAP headers returned in the response. In the case of multiple >> chained virus scanners, this would mean that the presence of an >> X-Virus-Found after the first transaction (indicating the first >> scanner found a virus and rewrote the body), would then skip the other >> services since we then know this rewritten body to be clean. > > It would be difficult to support a flexible decision making in > squid.conf (we need a better configuration/scripting language for that), > but we can try to support a few typical scenarios. Specific squid.conf > designs to address this need are very welcome!
It occurs to me that a method superficially similar to that used for cache_peer could look nice here. - define icap_service with specific details, options +name on a single line - define icap_access <name> <acl ...> That way you would become independant of the number and config order of icap services. The ACL side would also allow a checklist of criteria to use-or-skip any given ICAP when its reached. > >> It is certainly pointless (and slow) to buffer data that could be >> piped straight into the next service and onto the client. > > In some cases, buffering request bodies is impossible because they are > too large to be buffered in RAM (e.g., large PUT requests). > > Alex. > Amos