[squid-users] rep_header not working

Omid Kosari omidkosari at yahoo.com
Tue Jul 19 10:19:57 UTC 2016 

Amos Jeffries wrote
> On 19/07/2016 5:48 p.m., Omid Kosari wrote:
>> Amos Jeffries wrote
>>> On 19/07/2016 2:42 a.m., Omid Kosari wrote:
>>>> Hello,
>>>>
>>>> It seems rep_header does not work at all.
>>>>
>>>> acl mshit rep_header X-SHMSCDN .
>>>> acl mshit rep_header Content-Type -i text\/html
>>>> acl html rep_header Content-Type -i ^text\/html
>>>> acl apache rep_header Server ^Apache
>>>> debug_options 28,3
>>>>
>>>
>>> If thats all you put in the config, theres nothing telling Squid when to
>>> use the ACL.
>>>
>>> PS. the other thread where you posted better details of the problem and
>>> config has already been answered, so I wont repeat the details here.
>>>
>> 
>> I thought acl should match even if nothing to do with it . ok .
>> 
>> now
>> #acl mshit rep_header X-SHMSCDN HIT
>> #acl mshit rep_header X-SHMSCDN .
>> acl mshit rep_header X-Shmscdn -i HIT
>> acl testip src 192.168.1.10
>> http_access deny testip mshit
>> 
>> Maybe the problem is  "any of the known reply headers" as Eliezer
>> mentioned
>> in other thread . If so what is the meaning of  known (please refer me to
>> source file in squid to not ask more questions about it :) ) ? Also is
>> there
>> a way to work with unknown headers ?
>> 
> 
> The rep_header ACL code is at [1] which indicates the match()'ing
> function is the generic HTTP headers matching function from [2], applied
> to the HTTP reply object headers.
> 
> [1]
> <http://bazaar.launchpad.net/~squid/squid/trunk/view/head:/src/acl/HttpRepHeader.cc>
> 
> [2]
> <http://bazaar.launchpad.net/~squid/squid/trunk/view/head:/src/acl/HttpRepHeader.cc>
> 
> I see in [2] that both registered header ID (aka "known headers") and
> by-name (custom header lookup) are tested. So your ACL should be
> locating the custom header *if* it exists in the relevant reply headers.
> 
> That 'if' is important, the HTTP state is not always what one thinks it
> is. As demonstrated by the *real* traffic flow in my first reply to the
> "Wrong req_header result in cache_peer_access when using ssl_bump" thread.
> 
> Amos
> 
> _______________________________________________
> squid-users mailing list

> squid-users at .squid-cache

> http://lists.squid-cache.org/listinfo/squid-users

If i understand correctly you mean the rule should work correctly with
custom headers but the problem is squid is not at right place to see that
header .

May i ask you please help me to solve problem from other thread
http://squid-web-proxy-cache.1019090.n4.nabble.com/Windows-Updates-a-Caching-Stub-zone-A-windows-updates-store-td4678454.html

I think now you know what is my problem . The prefered way is by rep_header
and clientside_tos if possible . 
Right now with help of Eliezer i have injected custom header in static
header files . Eliezers code (peer port 8080) successfully sends that header
to clients and squid(i don't know how to be sure ,the important if).

Is it possible to use rep_header and clientside_tos with each other ? (Alexa
says no in other thread but he is not deeply aware of my needs ) 
If yes how to squid be aware of rep_header from peer ?

Knocking my head to wall :(

Thanks ,



--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/rep-header-not-working-tp4678561p4678580.html
Sent from the Squid - Users mailing list archive at Nabble.com.

More information about the squid-users mailing list