I'm trying to run squid alongside apt-proxy. To keep things cleaner, I'm trying to keep squid from caching apt-proxy requests, or basic Ubuntu repositories. I added this code to my squid.conf file: acl ubuntu_repo dstdomain archive.ubuntu.com archive.canonical.com security.ubuntu.com ke.archive.ubuntu.com cache deny ubuntu_repo but I'm still getting TCP hits on those domains: root@kimende-s:~# tail -F /var/log/squid/access.log | grep "TCP_HIT" 1265098628.591 26 10.42.43.13 TCP_HIT/200 93875 GET http://ke.archive.ubuntu.com/ubuntu/pool/main/g/grub2/grub-common_1.96+20080724-12ubuntu2_i386.deb - NONE/- application/dpkg 1265098628.600 8 10.42.43.13 TCP_HIT/200 16494 GET http://ke.archive.ubuntu.com/ubuntu/pool/main/g/grub/grub_0.97-29ubuntu53_i386.deb - NONE/- application/dpkg 1265098628.665 63 10.42.43.13 TCP_HIT/200 404514 GET http://ke.archive.ubuntu.com/ubuntu/pool/main/g/grub/grub_0.97-29ubuntu53_i386.deb - NONE/- application/dpkg 1265098750.278 392 10.42.43.11 TCP_HIT/206 315 GET http://security.ubuntu.com/ubuntu/dists/jaunty-security/main/source/Sources.bz2 - NONE/- text/plain 1265098750.278 394 10.42.43.11 TCP_HIT/206 315 GET http://security.ubuntu.com/ubuntu/dists/jaunty-security/main/source/Sources.bz2 - NONE/- text/plain 1265098750.279 1 10.42.43.11 TCP_HIT/206 0 GET http://security.ubuntu.com/ubuntu/dists/jaunty-security/restricted/source/Sources.bz2 - NONE/- text/plain Is this normal? It seems like it's still caching.... Attached is my squid.conf file.
authenticate_ip_ttl 2 hours acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl localnet src 10.42.43.0/255.255.255.0 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl PURGE method PURGE http_access allow manager localhost http_access deny manager all http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost PURGE http_access deny PURGE all http_access deny to_localhost http_access allow localnet http_access allow localhost http_access deny all http_reply_access allow localnet http_reply_access allow localhost http_reply_access deny all icp_access allow localnet icp_access allow localhost icp_access deny all htcp_access allow localnet htcp_access allow localhost htcp_access deny all http_port 3128 transparent http_port 80 hierarchy_stoplist cgi-bin ? maximum_object_size_in_memory 16 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir ufs /var/spool/squid3 20000 16 256 maximum_object_size 32768 KB access_log /var/log/squid3/access.log squid ftp_user admin@xxxxxxxxxxxxxx url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf url_rewrite_children 3 url_rewrite_bypass off acl ubuntu_repo dstdomain archive.ubuntu.com archive.canonical.com security.ubuntu.com ke.archive.ubuntu.com cache deny ubuntu_repo cache allow all cache_mgr admin@xxxxxxxxxxxxxx mail_from noreply@xxxxxxxxxxxxxx icp_port 3130 refresh_all_ims on coredump_dir /var/spool/squid3
