[squid-users] urlpath_regex

James Harper james at ejbdigital.com.au
Thu Mar 12 08:14:49 UTC 2015

I have just noticed that urlpath_regex isn't doing what I want:

acl wuau_repo dstdomain .download.windowsupdate.com
acl wuau_path urlpath_regex -i \.psf$
acl dst_server dstdomain server
acl apt_cacher browser apt-cacher

cache deny dst_server
cache deny apt_cacher
cache deny wuau_repo
cache allow all

url_rewrite_program /usr/local/squid/libexec/ext_apt_rewrite
url_rewrite_children 5 startup=0 idle=1 concurrency=0
url_rewrite_access deny apt_cacher
url_rewrite_access allow wuau_repo wuau_path
url_rewrite_access deny all

Basically I am using apt-cacher to cache windows updates (apt-cacher appears to handle and cache partial requests nicely while squid doesn't). The main static windows update content files appear to be .psf. So basically, if the destination is windows update, and the path ends in .psf, then rewrite the url to go to my apt-cacher server (called server, conveniently). If the browser string is apt-cacher then don't rewrite, to avoid loops. Also don't cache anything to do with these servers.

It works except for the wuau_path acl. The line:

url_rewrite_access allow wuau_repo wuau_path

matches all paths on the wuau_repo access list, not just those ending in .psf. I get hits for paths ending in .cab, and even worse, paths with a ? in them.

What am I doing wrong?



More information about the squid-users mailing list