Search squid archive

Re: Squid, Symantec LiveUpdate, and HTTP 1.1 versus HTTP 1.0

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The story about Squid and HTTP 1.1 is long...

To get your LiveUpdate working ASAP you might want to
fiddle with the firewall rules and to NOT redirect
port 80 traffic of Symantec servers to Squid, but
simply let the traffic pass.

Nathan Eady wrote:
Okay, we've got port 80 traffic going transparently to a Squid proxy
here, and I need to make a small configuration change, and I can't
seem to find, either in the man pages nor on the web, the
documentation on how to do it.  It's probably one little line in
squid.conf, but I can't find it.

Here's the deal:
When I access a site (I tested with Google as well as our own offsite
web server) from a computer that is NOT behind the transparent squid
proxy, issuing an HTTP/1.1 request, I get the normal expected HTTP/1.1
response:

nathan@externalbox$ telnet www.galionlibrary.org 80
Trying 209.143.16.23...
Connected to galionlibrary.org.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.galionlibrary.org

HTTP/1.1 200 OK
[snip the rest]

However, when I do the same thing from a system that IS behind the
proxy, I get an HTTP/1.0 response back:
nathan@donalbain:~$ telnet www.galionlibrary.org 80
Trying 209.143.16.23...
Connected to galionlibrary.org.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.galionlibrary.org

HTTP/1.0 200 OK
[snip the rest]

Until recently I never even noticed this, but now Symantec LiveUpdate
is failing on all the systems behind the proxy.  I posted about that
on the Norton Community forum, umm, here:
http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=42361

The long and short of that thread is that recent updates to LU have
caused it to no longer support HTTP 1.0.  The LU servers are all HTTP
1.1, and now the client requires this.  Our setup is not the only
thing breaking as a result (apparently, the built-in "firewalls" on
some home routers also have problems with it), but now that I'm aware
Squid is doing this, it ought to be easy to make some small change in
the configuration and get it to return HTTP 1.1 responses, at least
when the server does -- right?

But I'm coming up blank on how.

One other note:  the version of Squid we have, for reasons that aren't
worth going into here, is I believe somewhat outdated (-v says
2.5.STABLE13).  But HTTP 1.1 is certifiably older than dirt, so I'd be
extremely amazed if the Squid that we have doesn't support it...
We're going to update it hopefully pretty soon, but getting LiveUpdate
working again is significantly more urgent (and, hopefully, easier;
updating Squid in our case  probably means a fresh OS install...)

So where and how do I configure what Squid does with HTTP versions?
Where is this documented?

TIA,

Nathan Eady
Technology Coordinator
Galion Public Library


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux