OK. Here's the relevant section in my squid config in case you need it: ===[cut]=== # vcache peer setup cache_peer 127.0.0.1 parent 8088 9999 proxy-only no-digest name=vcache acl vcache url_regex -i "/z/vcache/etc/squid3/vcache.acl" cache_peer_access vcache allow vcache cache_peer_access vcache deny all # externel routing helper external_acl_type router children-max=20 children-startup=1 children-idle=1 concurrency=10000 %METHOD %URI %PROTO /z/vcache/bin/router.js # returns either: # <channel> ERR # <channel> OK tag=peer-miss # <channel> OK tag=peer-hit # force direct in case of ERR acl 2peer external router always_direct allow !2peer # TOS marking based on routing helper response. Checking for the effect with: tcpdump -i eth0 -v -n ip and ip[1]=0x10 acl peering tag peer-hit # doesn't work with this acl in Squid 3.3.8 #acl peering src 10.211.55.2 # TOS marking works as expected with this acl clientside_tos 0x10 peering clientside_tos 0x00 !peering ===[cut]=== Hope this helps! Niki On Fri, Sep 6, 2013 at 10:10 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On 6/09/2013 11:56 a.m., Nikolai Gorchilov wrote: >> >> Sorry for the late reply. Was traveling in the last two days. >> >> On Wed, Sep 4, 2013 at 10:05 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> >> wrote: >> >>> I would use an external_acl_type helper to do the calculation about >>> whether a request was to be cached and set a tag=value on the transaction. >>> The tag type ACL can then test for this tag and do a "cache deny". Since you >>> have all traffic >>> >>> Something like this: >>> >>> external_acl_type tagger ttl=0 %URL ... (helper returns "OK >>> tag=first-seen" or just "OK"). >>> acl firstSeen external tagger >>> acl taggedFirst tag first-seen >>> http_accesss deny firstSeen !all >>> cache deny !taggedFirst >> >> Yeah. Did something like this, works like a charm. >> >> Even tried to remove all ICP as it is used only for marking via >> qos_flows parent. The helper mostly replicates the logic behind our >> custom ICP listener and returning tag=parent-hit was a no brainer. >> Unfortunately I have discovered that clientside_tos doesn't support >> slow acls like tag. I believe this fact has to be mentioned somewhere >> at http://www.squid-cache.org/Doc/config/clientside_tos/. Will stick >> to ICP HIT/MISS & quos_flows for DSP marking for now, while observing >> ZPH kernel patch as an alternative. > > > 'tag' is a fast-ACL check against the transactions existing tag. I recoomend > it a lot to prevent mistakes using external_acl_type tests in fast ACL > checks. Perhapse you have found a bug in the clientside_tos - checking > that now. > > >> Thanks Amos. For all the efforts keeping the squid development going >> and it's community alive :) > > > Welcome > > Amos
