On Tue, Jul 15, 2008 at 03:39:46AM +0900, Patson Luk wrote: > We are using SQUID 3.0 as a reverse proxy on our server and it > boosts the performance a lot! > > However, we have problems when some of the requests are coming in > as XML files. On several forums there are mentions that SQUID is > only HTTP 1.0 compliant hence those XML files comes in as chunked > code-encoding in HTTP1.1 would fail with error code 501 (Not > Implemented) > > I have tried SQUID 2.6 but we still get TCP_DENIED/501 in the > access.log > > There are several ways I can think of that might fix the > problem...but I dun quite know how to implement them :( (SQUID and > our server are on the same machine) > > 1. Make SQUID to ignore all the PUT/POST request ...but as far as > SQUID is trying to forward them...it fails I think you're probably correct in that squid can't deal with it properly, as HTTP/1.1 support is both very basic and experimental so far. As far as I can tell, the support in 2.6 is mostly a workaround to fix specific problems (servers returning chunked encoding in response to HTTP/1.0 requests), and not a general solution. I do somewhat wonder why the clients are sending HTTP/1.1 requests to a HTTP/1.0 server in the first place, but I'm not exactly sure how "negotiation" occurs since the client doesn't know the version of the server until after it has sent its request. > 2. Make SQUID to only catch/forward requests on certain domain > name. For example we have domain name a.com and b.com both runs > on the SAME IP, SAME machine...is it possible to configure SQUID > such that it only touches/forwards stuff that comes in as a.com > but b.com just does not get thru SQUID at all? I don't think this is possible, as you'd need to bypass squid at the network layer, before the client makes a connection to squid. At that point the only things you have to go on are the IP addresses and ports in the connection request -- the domain name being requested isn't known until the connection has been established and the HTTP request is sent. If possible, I'd try to get another IP address for the system as that would probably be the cleanest way to handle it, assuming you can force all the "bad" requests to go to a particular IP address. > 3. (least favorite) Put some stuff on top of SQUID (that can > forward to different PORT based on request type/domain name), etc. > if its a GET request, forward to PORT 83 (with caching) and PORT > 80 for other request types. A servlet can probably do it...but I > really dun want to :( This is probably what you'll need to do. If you're familiar with Apache it might be worth looking at mod_proxy; possibly it has better support for chunked encoding. Then again, it might not.