[squid-users] peek and splice content inspection question

Amos Jeffries squid3 at treenet.co.nz
Sun Aug 23 11:39:09 UTC 2015

On 23/08/2015 10:36 p.m., wmunny william wrote:
>>> Sorry to jump on a late thread - it is also possible to use ICAP/eCAP server to filter the actual contents of the stream.
>>> C-ICAP comes to mind first, then eCap samples from http://www.e-cap.org/Downloads
>> And the *CAP services is a better solution than either URL-rewriting or
>> chaining proxies. Since the HTTPS only gets MITM'd once, not twice or more.
>> Amos
>> _______________________________________________
> Hello All,
> I know DansGuardian, e2guardian, squidguard but no free solution with ICAP
> Do you have an advice for this ?
> Maybe there are some "hubs", Squid > icap > DansGuardian ?

Looking for one single thing that does everything DG or e2guardian do,
or wraps them completely is the wrong approach. They are almost
full-blown proxies like Squid.

The *CAP design is to leave all the transfer proxying and caching duties
to software like Squid and only perform the actual content adaptation
policies in the service/module.

You need to look at what DG is doing for you now and how much of that is
available from squid.conf capabilities. Most of it usually is. Only the
remaining "fiddling with payloads" bit actually needs a third-party service.

GreasySpoon or qlproxy seems to be the high profile ones. c-icap and
Traffic Spicer seem to offer frameworks rather than pre-made filters

The interfaces GreasySpoon or qlproxy describe say easily scriptable to
do filtering. Though filtering is a huge topic, so "easily" is up for

And fiddling around with your customers content is very site-specific
about what can or can't be done. Thus the frameworks and script engines
being most high profile.


More information about the squid-users mailing list