Re: [squid-users] Cache url's with "?" question marks

From: Amos Jeffries <squid3@dont-contact.us>
Date: Sat, 01 Mar 2008 22:10:14 +1300

Adrian Chadd wrote:
> G'day,
>
> Just remove the QUERY ACL and the cache ACL line using "QUERY" in it.
> Then turn on header logging (log_mime_hdrs on) and see if the replies
> to the dynamically generated content is actually giving caching info.
>
>
>
> Adrian

http://wiki.squid-cache.org/ConfigExamples/DynamicContent

Amos

>
> On Fri, Feb 29, 2008, Saul Waizer wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hello List,
>>
>> I am having problems trying to cache images*/content that comes from a
>> URL containing a question mark on it ('?')
>>
>> Background:
>> I am running squid Version 2.6.STABLE17 on FreeBSD 6.2 as a reverse
>> proxy to accelerate content hosted in America served in Europe.
>>
>> The content comes from an application that uses TOMCAT so a URL
>> requesting dynamic content would look similar to this:
>>
>> http://domain.com/storage/storage?fileName=/.domain.com-1/usr/14348/image/thumbnail/th_8837728e67eb9cce6fa074df7619cd0d193_1_.jpg
>>
>> The result of such request always results on a MISS with a log similar
>> to this:
>>
>> TCP_MISS/200 8728 GET http://domain.com/storage/storage? -
>> FIRST_UP_PARENT/server_1 image/jpg
>>
>> I've added this to my config: acl QUERY urlpath_regex cgi-bin as you can
>> see bellow but it makes no difference and I tried adding this:
>> acl QUERY urlpath_regex cgi-bin \? and for some reason ALL requests
>> result in a MISS.
>>
>> Any help is greatly appreciated.
>>
>> My squid config looks like this: (obviously real ip's were changed)
>>
>> ################# STANDARD ACL'S ###############################
>> acl all src 0.0.0.0/0.0.0.0
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/255.255.255.255
>> acl to_localhost dst 127.0.0.0/8
>> ################# REVERSE CONFIG FOR SITE #####
>> http_port 80 accel vhost
>> cache_peer 1.1.1.1 parent 80 0 no-query originserver name=server_1
>> acl sites_server_1 dstdomain domain.com
>> ################# REVERSE ACL'S FOR OUR DOMAINS ##############
>> acl ourdomain0 dstdomain www.domain.com
>> acl ourdomain1 dstdomain domain.com
>> http_access allow ourdomain0
>> http_access allow ourdomain1
>> http_access deny all
>> icp_access allow all
>> ################ HEADER CONTROL ###############
>> visible_hostname cacheA.domain.com
>> cache_effective_user nobody
>> forwarded_for on
>> follow_x_forwarded_for allow all
>> header_access All allow all
>> ############### SNMP CONTROL ###############
>> snmp_port 161
>> acl snmppublic snmp_community public1
>> snmp_access allow all
>> ############## CACHE CONTROL ################
>> access_log /usr/local/squid/var/logs/access.log squid
>> acl QUERY urlpath_regex cgi-bin
>> cache_mem 1280 MB
>> cache_swap_low 95
>> cache_swap_high 98
>> maximum_object_size 6144 KB
>> minimum_object_size 1 KB
>> maximum_object_size_in_memory 4096 KB
>> cache_dir ufs /storage/ram_dir1 128 16 256
>> cache_dir ufs /storage/cache_dir1 5120 16 256
>> cache_dir ufs /storage/cache_dir2 5120 16 256
>> cache_dir ufs /storage/cache_dir3 5120 16 256
>>
>> Also here is the result of a custom script I made to parse the
>> access.log that will sort and display the top 22 responses so I can
>> compare them with cacti, I am trying to increase the Hit ratio but so
>> far is extremely low.
>>
>> 1 571121 69.3643% TCP_MISS/200
>> 2 98432 11.9549% TCP_HIT/200
>> 3 51590 6.26576% TCP_MEM_HIT/200
>> 4 47009 5.70938% TCP_MISS/304
>> 5 17757 2.15664% TCP_IMS_HIT/304
>> 6 11982 1.45525% TCP_REFRESH_HIT/200
>> 7 11801 1.43327% TCP_MISS/404
>> 8 6810 0.827095% TCP_MISS/500
>> 9 2508 0.304604% TCP_MISS/000
>> 10 1323 0.160682% TCP_MISS/301
>> 11 1151 0.139792% TCP_MISS/403
>> 12 1051 0.127647% TCP_REFRESH_HIT/304
>> 13 430 0.0522248% TCP_REFRESH_MISS/200
>> 14 127 0.0154245% TCP_CLIENT_REFRESH_MISS/200
>> 15 83 0.0100806% TCP_MISS/401
>> 16 81 0.00983769% TCP_CLIENT_REFRESH_MISS/304
>> 17 35 0.00425085% TCP_MISS/503
>> 18 20 0.00242906% TCP_DENIED/400
>> 19 19 0.00230761% TCP_HIT/000
>> 20 19 0.00230761% TCP_DENIED/403
>> 21 14 0.00170034% TCP_SWAPFAIL_MISS/200
>> 22 1 0.000121453% TCP_SWAPFAIL_MISS/30
>>
>> Thanks!
>>
>>
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.6 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iD8DBQFHyHfrAcr37anguZsRAtktAKCKlqDTxrtmLLpfEK+cq92OOS0JwQCeIuiG
>> 59G9YtNTZXD5JIExywCYprI=
>> =1Uls
>> -----END PGP SIGNATURE-----
>

-- 
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.
Received on Sat Mar 01 2008 - 02:09:49 MST

This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:04 MDT