On Sun, 17 Apr 2011 13:17:29 -0600, Trever L. Adams wrote:
On 01/-10/-28163 12:59 PM, Amos Jeffries wrote:
On 15/04/11 20:46, Trever L. Adams wrote:
I am using squid 3.1.10. I have a virus scanner and a content
classifier
(to build content filter with Squid ACLs). The virus scanner has
several
modes. One scans transparently and passes on data in chunks. I have
this
working for various update sites, etc.
However, I need to run streaming media through this. So I have acls
like
this:
acl StreamMime rep_mime_type -i ^video/
acl StreamMime rep_mime_type -i ^audio/
adaptation_access updatesChain allow StreamMime
These would be the sites using flash multimedia. Which are neither
video/* nor audio/* media.
Try with:
acl MediaMime rep_mime_type -i audio|video|flv|flash
Yes, I had flash covered in another rule, I forgot to paste it.
Sorry.
Should be working. But its not easy to tell what is going wrong
without the rest of the configuration context. Specifically
everything
about "updatesChain".
Amos
adaptation_service_chain standardChain svcClassify svcVirusScan
adaptation_service_chain updatesChain svcClassify svcVirusScanUpdates
And these are tested for RESPMOD services right?
I was suspecting you hit the bug about RESPMOD not being passed the
request details correctly. The SoftwareUpdateAgent and
SoftwareUpdateDomain would always be failed-match with that bug and thus
inverted to be "true" in standardChain.
adaptation_access standardChain allow !SoftwareUpdateAgent
!SoftwareUpdateDomain !SoftwareUpdateMime !StreamMime
adaptation_access standardChain deny all
adaptation_access updatesChain allow SoftwareUpdateAgent
adaptation_access updatesChain allow SoftwareUpdateDomain
adaptation_access updatesChain allow SoftwareUpdateMime
adaptation_access updatesChain allow StreamMime
adaptation_access updatesChain deny all
These are c_icap modules. svcClassify is one I have written but
haven't
upstreamed yet. (Still trying to get a good base trained set for
people
to use.) It is currently set to only process images (flash, video,
etc.
is ignored with 204).
The virus modules are the same, one is in a virulator mode (where
anything over a certain size isn't directly downloaded). The other
(updatesChain) is in a simple mode which should work well for
streaming.
My entire StreamMime:
acl StreamMime rep_mime_type -i ^video/
acl StreamMime rep_mime_type -i ^audio/
acl StreamMime rep_mime_type -i ^application/octet-stream$
acl StreamMime rep_mime_type -i application/octet-stream
acl StreamMime rep_mime_type -i ^application/x-mplayer2$
acl StreamMime rep_mime_type -i application/x-mplayer2
acl StreamMime rep_mime_type -i ^application/x-oleobject$
acl StreamMime rep_mime_type -i application/x-oleobject
acl StreamMime rep_mime_type -i application/x-pncmd
acl StreamMime rep_mime_type -i ^application/x-shockwave-flash$
acl StreamMime rep_mime_type -i audio|video|flv|flash
Lot of overlap there. It will reduce down to this:
acl StreamMime rep_mime_type -i
application/(octet-stream|x-mplayer2|x-oleobject|x-pncmd)
acl StreamMime rep_mime_type -i audio|video|flv|flash
SoftwareUpdate* is too big to post here. It works except (even mime
types) which I cannot explain.
Thank you,
Trever
Amos
