Beavis wrote:
> hello list:
>
> I have a squid box version:
>
> Squid Cache: Version 2.6.STABLE16
> configure options: '--prefix=/var/squid' '--enable-snmp'
> '--enable-arp-acl' '--enable-htcp' '--enable-follow-x-forwarded-for'
> '--enable-ssl' '--disable-wccp' '--disable-wccpv2'
> '--with-openssl=/usr' '--enable-icmp' '--enable-useragent-log'
> '--enable-referer-log' '--enable-forward-log' '--with-large-files'
> '--enable-kill-parent-hack' '--enable-multicast-miss'
> '--enable-pthreads'
>
> I have squidGuard and AdZap in place as filters. the filters worked
> great, but I would like to allow video streaming through squid as
> well. I have tried putting the URL on a whitelist but without any
> luck. I haven't set up any blocking method on streaming but it seems
> to be doing it. below are my logs.
>
> 1201525684.377 222 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 313
> GET http://www.cie.purdue.edu/cie.css - DIRECT/128.210.63.40 -
> 1201525684.478 100 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 329
> GET http://www.cie.purdue.edu/images/logo_purdue3.gif -
> DIRECT/128.210.63.40 -
> 1201525684.511 1366 172.20.0.253 TCP_MISS/200 19230 GET
> http://www.cie.purdue.edu/media/index.cfm - DIRECT/128.210.63.40
> text/html
> 1201525684.581 102 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 330
> GET http://www.cie.purdue.edu/images/button_search.gif -
> DIRECT/128.210.63.40 -
> 1201525684.603 216 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 324
> GET http://www.cie.purdue.edu/images/logo_cie.gif -
> DIRECT/128.210.63.40 -
> 1201525684.606 215 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 322
> GET http://www.cie.purdue.edu/images/spacer.gif - DIRECT/128.210.63.40
> -
> 1201525684.716 135 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 328
> GET http://www.cie.purdue.edu/images/arrow_links.gif -
> DIRECT/128.210.63.40 -
> 1201525684.728 124 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 327
> GET http://www.cie.purdue.edu/images/header_dot.gif -
> DIRECT/128.210.63.40 -
> 1201525684.728 122 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 323
> GET http://www.cie.purdue.edu/images/Petrin.jpg - DIRECT/128.210.63.40
> -
> 1201525684.834 237 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 324
> GET http://www.cie.purdue.edu/images/bg_links.gif -
> DIRECT/128.210.63.40 -
> 1201525684.841 124 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 326
> GET http://www.cie.purdue.edu/images/wmp_small.gif -
> DIRECT/128.210.63.40 -
> 1201525684.842 113 172.20.0.253 TCP_CLIENT_REFRESH_MISS/304 323
> GET http://www.cie.purdue.edu/images/Bodner.jpg - DIRECT/128.210.63.40
> -
> 1201525687.047 242 172.20.0.253 TCP_MISS/200 7351 GET
> http://edge1.catalog.video.msn.com/videoByTag.aspx? -
> DIRECT/204.245.162.18 text/xml
> 1201525690.545 159 172.20.0.253 TCP_MISS/200 221 POST
> http://mail.google.com/mail/channel/bind? - DIRECT/66.249.83.83
> text/html
> 1201525693.612 4 172.20.0.253 TCP_IMS_HIT/304 249 GET
> http://www.cie.purdue.edu/images/close.gif - NONE/- image/gif
> 1201525693.614 1 172.20.0.253 TCP_IMS_HIT/304 248 GET
> http://www.cie.purdue.edu/images/spacer.gif - NONE/- image/gif
> 1201525693.618 4 172.20.0.253 TCP_IMS_HIT/304 249 GET
> http://www.cie.purdue.edu/images/helpful_links.gif - NONE/- image/gif
> 1201525693.692 446 172.20.0.253 TCP_MISS/200 6953 GET
> http://www.cie.purdue.edu/media/play.cfm? - DIRECT/128.210.63.40
> text/html
> 1201525693.821 128 172.20.0.253 TCP_IMS_HIT/304 249 GET
> http://www.cie.purdue.edu/images/close_f2.gif - NONE/- image/gif
> 1201525693.822 0 172.20.0.253 TCP_IMS_HIT/304 249 GET
> http://www.cie.purdue.edu/images/close_f4.gif - NONE/- image/gif
> 1201525693.824 1 172.20.0.253 TCP_IMS_HIT/304 249 GET
> http://www.cie.purdue.edu/images/close_f3.gif - NONE/- image/gif
> 1201525694.469 192 172.20.0.253 TCP_MISS/200 529 GET
> http://video.dis.purdue.edu/CIE/Petrin.wmv - DIRECT/128.210.13.134
> video/x-ms-wvx
> 1201525694.666 189 172.20.0.253 TCP_MISS/200 534 GET
> http://video.dis.purdue.edu/CIE/Petrin.wmv - DIRECT/128.210.13.134
> video/x-ms-wvx
>
> is there any other setting I may need to put into my squid.conf
> directly in order to allow streaming? or does it do it by
> default(which if it does by default for some weird reason it's not
> working on mine).
The defaults for 2.6 are wowking properly in yours (preventing dynamic
pages ever caching)
You will need to update your cache policy a little.
KILL any of these in your squid.conf:
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
no_cache deny QUERY
UPDATE the default refresh_patterns:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern cgi-bin 0 0% 0
refresh_pattern \? 0 0% 0
refresh_pattern . 0 20% 4320
This will allow any dynamic pages that contain proper cache-controls to
follow those settings. Dynamic pages without will continue to non-cache.
Have a look at your logs with the setting updates and decide which
domains you will need to handle specially.
Amos
-- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.Received on Mon Jan 28 2008 - 18:22:05 MST
This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST