[squid-users] Squid Reverse Proxy and WebDAV caching

Olivier MARCHETTA olivier.marchetta at outlook.com
Fri Aug 25 12:49:50 UTC 2017


Hello,

Finally Squid is caching my SharePoint online documents.
But it doesn't work yet. 
If I enable offline mode, the WebDAV client will not be able to download documents from the cache.
And I will see the following errors in the log:

---------------------------------------------------------------------------------
TCP_OFFLINE_HIT_ABORTED/000	https://tenant.sharepoint.com/sites/Marketing/Shared%20Documents/large1%20-%20Copy%20-%20Copy%20-%20Copy%20-%20Copy.docx
TCP_OFFLINE_HIT_ABORTED/000	https://tenant.sharepoint.com/sites/Marketing/Shared%20Documents/large1%20-%20Copy%20-%20Copy%20-%20Copy%20-%20Copy.docx
---------------------------------------------------------------------------------

If I disable offline mode, then nothing gets downloaded from the cache.

I have removed all ACL control from the squid conf (to make it easier for now).
I have replaced all refresh patterns by customs one (that I've found on Internet from another SharePoint caching project).

Sorry for the long file below, but I am posting my conf file again.
I don't know why the Squid cache is aborting the cache HIT.
If you have any clue, it would be very welcome.


---------------------------------------------------------------------------------
http_port 92.222.209.108:3128
icp_port 0
digest_generation off
dns_v4_first on
pid_filename /var/run/squid/squid.pid
cache_effective_user squid
cache_effective_group proxy
error_default_language en
icon_directory /usr/local/etc/squid/icons
visible_hostname sv-1101-wvp01.virtualdesk.cloud
cache_mgr pfsense at virtualdesk.cloud
access_log /var/squid/logs/access.log
cache_log /var/squid/logs/cache.log
cache_store_log none
netdb_filename /var/squid/logs/netdb.state
pinger_enable on
pinger_program /usr/local/libexec/squid/pinger

logfile_rotate 7
debug_options rotate=7
shutdown_lifetime 3 seconds
# Allow local network(s) on interface(s)
acl localnet src  92.222.209.0/24
forwarded_for on
uri_whitespace strip


cache_mem 128 MB
maximum_object_size_in_memory 512 KB
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
minimum_object_size 0 KB
maximum_object_size 20 MB
cache_dir ufs /var/squid/cache 100 16 256
offline_mode off
cache_swap_low 90
cache_swap_high 95
cache allow all

# Cache documents regardless what the server says
refresh_pattern .jpg 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .gif 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .png 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .txt 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .doc 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .docx 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .xls 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .xlsx 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth
refresh_pattern .pdf 14400 50% 18000 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth

# Setup acls
acl allsrc src all
http_access allow all

request_body_max_size 0 KB
delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_initial_bucket_level 100
delay_access 1 allow allsrc

# Reverse Proxy settings
https_port 92.222.209.108:443 accel cert=/usr/local/etc/squid/599eae0080989.crt key=/usr/local/etc/squid/599eae0080989.key
cache_peer olicomp.sharepoint.com parent 443 0 no-query no-digest originserver login=PASSTHRU connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=auto name=rvp_sharepoint
deny_info TCP_RESET allsrc
---------------------------------------------------------------------------------

Regards,
Olivier MARCHETTA


More information about the squid-users mailing list