Search squid archive

Re: Re: ONLY Cache certain Websites.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/08/2014 3:07 a.m., nuhll wrote:
> im not able to fix it.
> 
> Normal websites work. But i cant get it to cache (or even allow access to
> Windows Update or Kaspersky).
> 
> Whats i am doin wrong?
> 
> 2014/08/02 17:05:35| The request GET
> http://dnl-16.geo.kaspersky.com/updaters/updater.xml is DENIED, because it
> matched 'localhost'
> 2014/08/02 17:05:35| The reply for GET
> http://dnl-16.geo.kaspersky.com/updaters/updater.xml is ALLOWED, because it
> matched 'localhost'
> 
> 
> 2014/08/02 17:06:32| The request CONNECT 62.128.100.41:443 is DENIED,
> because it matched 'localhost'
> 2014/08/02 17:06:32| The reply for CONNECT 62.128.100.41:443 is ALLOWED,
> because it matched 'localhost'
> 
> 
> 014/08/02 17:07:07| The request CONNECT sls.update.microsoft.com:443 is
> DENIED, because it matched 'localhost'
> 2014/08/02 17:07:07| The reply for CONNECT sls.update.microsoft.com:443 is
> ALLOWED, because it matched 'localhost'
> 

So what access.log linesmatch these transactions?

> 
> my config atm:
> debug_options ALL,1 33,2
> acl localnet src 192.168.0.0
> acl all src 0.0.0.0

1) you are defining the entire Internet to be a single IP address
"0.0.0.0" ... which is invalid.

This should be:
   acl all src all

> acl localhost src 127.0.0.1
> 
> access_log daemon:/var/log/squid/access.test.log squid
> 
> http_port 192.168.0.1:3128 transparent
> 
> cache_dir ufs /daten/squid 100000 16 256
> 
> range_offset_limit 100 MB windowsupdate
> maximum_object_size 6000 MB
> quick_abort_min -1
> 
> 
> # Add one of these lines for each of the websites you want to cache.
> 
> refresh_pattern -i
> microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000
> reload-into-ims
> 
> refresh_pattern -i
> windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80%
> 432000 reload-into-ims
> 
> refresh_pattern -i
> windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 432000
> reload-into-ims
> 
> refresh_pattern -i
> geo.kaspersky.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80%
> 432000 reload-into-ims
> 
> # DONT MODIFY THESE LINES
> refresh_pattern \^ftp:           1440    20%     10080
> refresh_pattern \^gopher:        1440    0%      1440
> refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
> refresh_pattern .               0       20%     4320
> 
> acl kaspersky dstdomain .kaspersky.com
> acl windowsupdate dstdomain windowsupdate.microsoft.com
> acl windowsupdate dstdomain .update.microsoft.com
> acl windowsupdate dstdomain download.windowsupdate.com
> acl windowsupdate dstdomain redir.metaservices.microsoft.com
> acl windowsupdate dstdomain images.metaservices.microsoft.com
> acl windowsupdate dstdomain c.microsoft.com
> acl windowsupdate dstdomain www.download.windowsupdate.com
> acl windowsupdate dstdomain wustat.windows.com
> acl windowsupdate dstdomain crl.microsoft.com
> acl windowsupdate dstdomain sls.microsoft.com
> acl windowsupdate dstdomain productactivation.one.microsoft.com
> acl windowsupdate dstdomain ntservicepack.microsoft.com
> 
> acl CONNECT method CONNECT
> acl wuCONNECT dstdomain www.update.microsoft.com
> acl wuCONNECT dstdomain sls.microsoft.com
> 
> http_access allow kaspersky localnet
> http_access allow CONNECT wuCONNECT localnet
> http_access allow windowsupdate localnet
> 
> http_access allow localnet
> http_access allow localhost
> 

The above rule set is equivalent to:
 http_access allow localhost
 http_access deny !localnet
 http_access allow all

Amos





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux