Hello,
I'm testing different proxies with ESI, so far I have gotten Varnish [
http://www.varnish-cache.org/ ] to process simple edge side includes. But I'm
having trouble getting squid to work: ESI processing fails. I would appreciate
any help.
I have two hosts; one with squid3 (esilinuxtst01 10.101.143.70):
Squid Cache: Version 3.1.6
configure options: '--build=x86_64-linux-gnu' '--prefix=/usr'
'--includedir=${prefix}/include' '--mandir=${prefix}/share/man'
'--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var'
'--libexecdir=${prefix}/lib/squid3' '--disable-maintainer-mode'
'--disable-dependency-tracking' '--disable-silent-rules' '--srcdir=.'
'--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3'
'--mandir=/usr/share/man' '--with-cppunit-basedir=/usr' '--enable-inline'
'--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd'
'--enable-removal-policies=lru,heap' '--enable-delay-pools'
'--enable-cache-digests' '--enable-underscores' '--enable-icap-client'
'--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate'
'--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM'
'--enable-ntlm-auth-helpers=smb_lm,'
'--enable-digest-auth-helpers=ldap,password'
'--enable-negotiate-auth-helpers=squid_kerb_auth'
'--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group'
'--enable-arp-acl' '--enable-esi' '--disable-translation'
'--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid'
'--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy'
'--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -g
-Wall -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g
-Wall -O2' --with-squid=/build/buildd/squid3-3.1.6
Test configuration /etc/squid3/squid.conf:
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 8080 accel defaultsite=esiwintst01
cache_peer 10.101.143.71 parent 80 0 no-query originserver name=myAccel
acl our_sites dstdomain esiwintst01 esiwintst01.net.dr.dk
cache_peer_access myAccel allow our_sites
cache_peer_access myAccel deny all
debug_options ALL,3
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
And a webserver on the other (esiwintst01 10.101.143.71). Configured to add the
response header Surrogate-Control: content="ESI/1.0"
Test content:
<!DOCTYPE html>
</script>
<html lang="da">
<head>
<title>Hello World</title>
</head>
<body>
Hello:
<ul>
<li>1 </li>
<esi:remove><li>2</li></esi:remove>
<li>3 </li>
<li>
<esi:include src="/EsiTest/4.txt" />
</li>
</ul>
</body>
</html>
--
--------------------------------------------------------------------------------------------
Bo Bendtsen
It-Konsulent, DR TU Online
DR
DR Byen
DK-0999 København C
www.dr.dk
--------------------------------------------------------------------------------------------
