[squid-users] Squid communications proxy dilemma

Amos Jeffries squid3 at treenet.co.nz
Sun Oct 30 02:21:55 UTC 2016


On 30/10/2016 2:41 p.m., paul.greene.va wrote:
> It is supposed to be some headers in the http protocol; a description from the 
> vendor:
> 
> "Ensure that any proxy, firewall or content filtering applications or devices 
> are not stripping header information from FTP or HTTP traffic, especially file 
> size header information."
> 
>   In the SEPM error log, it is stating that it failed to get file size header 
> information - but I don't know exactly where that would be getting removed. If 
> its not squid, it could be anywhere upstream from me
> I've got a "Squid Proxy Server 3.1 - Beginners Guide" but this doesn't go into 
> that much about modifying packet headers, excepts for headers to obfuscate 
> client information for security reasons. I'm pretty sure squid isn't doing 
> anything about the packet headers since this config file is so basic, so maybe 
> this has gotten outside the scope of a squid mailing list.

Nod. Squid only modifies the headers it is required to modify by HTTP,
or if you configure specific modifications to happen (any
*_header_access, *_header_replace, *_header_add directives in squid.conf).

There is no such thing as "file" in HTTP - so no "file size" exists as
such. If they mean some custom header, then Squid is definitely not
altering it without config making that happen.

There is a Content-Length header but that applies to the payload size of
the message being sent. If that is what they mean , Squid does not alter
it in valid HTTP traffic. They may be using it in invalid ways though
which Squid is required to correct on sight.

You can add "debug_options 11,2" to squid.conf to get a trace of the
HTTP messages going through when SEPM does its update thing. I suggest
only trying that in a period of low traffic.

Amos



More information about the squid-users mailing list