Hi!
Got the following "problem" with squid 3.2.7:
We got several ICAP services with request and response-modification, that rewrites the request URL and modifies the response (especially the URLS in the html)on the return path.
That means that a request: http://a.service.name/www.google.com/...
gets translated by the request_modification to: http://www.google.com/...
This then passes the proxy/cache and on the return path we translate the URLS inside the response (like /images/srpr/logo4w.png) back to http://a.service.name/www.google.com/images/srpr/logo4w.png.
This works with a simple config like this:
adaptation_access modify_request_a allow HTTP GETPOST
adaptation_access modify_response_a allow HTTP GETPOST
So far so good.
Now we got several such services running - each one running a separate squid instance.
We want to consolidate those into a single squid instance.
So now in preparation for this second service "b.service.name" with a separate icap handler (with a similar config), I have tried to limit the icap request/response via acls to a specific URL: everything that comes in to the destinationdomain "a.service.name":
acl hosts_allowed_a dstdomain a.service.name
adaptation_access modify_request_a allow HTTP GETPOST hosts_allowed_a
adaptation_access modify_response_a allow HTTP GETPOST hosts_allowed_a
Unfortunately this does not work for the response modification.
Only icap request modification takes place, but no response-modification!
It seems as if I need to use a different ACL for this to work, as dstdomain is now "www.google.com"and not "a.service.name" but I have not found anything that would be of help.
(I am also using adapted_http_access, so this might have an impact as well)
So, how can I achieve this goal?
Is there another acltype besides "dstdomain" to match on the unmodified dstdomain instead of the icap-request modified dstdomain?
As a workaround: do I need to set an additional header (via header_access/header_replace or similar) and trigger on this acl (acl ... req_header <headername>) instead of modify_response_a?
Other ideas?
Thanks,
Martin
This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement,
you may review at http://www.amdocs.com/email_disclaimer.asp
Received on Thu Feb 28 2013 - 15:33:09 MST
This archive was generated by hypermail 2.2.0 : Fri Mar 01 2013 - 12:00:04 MST