I learned something today, but if you have no interest in Secure Computing's Sidewinder G2 firewall, you probably want to stop reading now. While the WebProxy service in Sidewinder is based on Squid 2.4.STABLE6, the actual caching functionality is *very* limited, and even though the firewall has a 'cf' command to enable ICP, the service cannot reply to ICP queries. On the firewall, the cache.log file will show errors transmitting the UDP reply packet, like this: comm_udp_sendto: FD 18, 192.168.42.7, port 34467: (1) Operation not permitted I should have known, this limitation is documented in the man pages: $ man squid . . . At this time Sidewinder does not support any of squid's hierarchical caching capability. . . . SIDEWINDER November 14, 2003 1 $ uname -a SecureOS . . . 6.1.0.05 SW_OPS Fri Nov 12 14:19:42 CST 2004 i386 $ exit I realize that the Squid community cannot support the Sidewinder firewall, and that Secure Computing cannot support Squid. I just thought it'd be useful to mention this limitation so the next person attempting this doesn't have to waste as much time as I did in trying (and failing) to get ICP working. Kevin Kadow (P.S. No support for Cache Digests either. When they say the proxy "does not support" features needed for cache hierarchy, they really mean it.)
