[squid-users] delay_pools from 3.1 to 3.4, media content

Amos Jeffries squid3 at treenet.co.nz
Thu Dec 10 11:02:46 UTC 2015 

On 10/12/2015 11:21 p.m., Massimo.Sala at asl.bergamo.it wrote:
> Massimo :
>>> acl acl_flussi_media rep_mime_type -i ^audio/
>>> acl acl_flussi_media rep_mime_type -i ^video/
> 
>>> 2015/12/03 12:38:45 kid1| WARNING: acl_flussi_media ACL is used in 
>>> context without an HTTP response. Assuming mismatch.
> 
> 
> 
> Amos :
>> It means that *reply* header do not work when using *request* to decide
>> what delay pool the transaction will use.
> 
>> It has never worked. The older Squid just did not tell you about the
>> config problem.
> 
>> If you want traffic to be re-assigned to pools when the reply happens
>> you need to upgrade to at least the Squid-4.0.3 (beta) release.
> 
> 
> 
> Amos, many thanks for your answer.
> 
> 
> An example of ACLs to catch media content, e.g. :
> 
>         acl acl_sites_media dstdomain .ask.fm .facebook.com .fbcdn.net 
> .googlevideo.com .youtube.com
>         acl acl_types_media urlpath_regex -i \.asf$ \.avi$ \.flv$ \.mkv$ 
> \.mov$ \.mp3$ \.mp4$ \.mpeg$ \.mpg$ \.qt$ \.swf$ \.vob$ \.wmv$
> 

Both of those match against parts of the request message URL. Which is
fine for delay_access.

Be aware that neither of those matches the real content type.

Your config used to have a rep_mime_type ACL trying to check reply
header value. Which is the correct way to match mime / content type. It
just happens to be data only available after the reply has started
happening.

  acl acl_flussi_media rep_mime_type -i ^audio/
  acl acl_flussi_media rep_mime_type -i ^video/


> 
> 1) To apply the two ACLs to the same pool, which is the correct syntax ?
> 
>         delay_access 1 allow acl_sites_media
>         delay_access 1 allow acl_types_media
> 
> or
> 
>         delay_access 1 allow acl_sites_media acl_types_media
> 

Both and neither. "correct" depends on what your local administrative
policy is.


> 
> 2)  Can you please add all of these stuff to the official docs ?

Where exactly did you look in the documentation? We dont have anything
provided by the Squid Project mentioning how to use delay pools for mime
content delaying. Specifically because it has not been possible to do
until very recently.


<http://www.squid-cache.org/Doc/config/delay_access/>
 "This is used to determine which delay pool a request falls into."

 Note the use of *request*.

<http://ww.squid-cache.org/Doc/config/acl/>
"
	acl aclname rep_mime_type [-i] mime-type ...
	  # regex match against the mime type of the reply received by
	  # squid. Can be used to detect file download or some
	  # types HTTP tunneling requests. [fast]
	  # NOTE: This has no effect in http_access rules. It only has
	  # effect in rules that affect the reply data stream such as
	  # http_reply_access.
"

Note the repeated used of *reply*. And the extra notice about usage only
with reply related rules (unlike delay_access).

It should be obvious at least from the second that the first is not
somewhere it will be useful.

Amos

More information about the squid-users mailing list