[squid-users] refresh_pattern and same objects

Amos Jeffries squid3 at treenet.co.nz
Mon Aug 31 17:52:28 UTC 2015


On 1/09/2015 4:01 a.m., FredB wrote:
> 
>>
>> I'm thinking about something like this
>>
>>
> 
> 
> Sorry wrong move :)
> 
> So, what I meant was
> 
> I'm thinking about something like this
> 
> # HTTP 1/1
> # The refresh_pattern rules applied only to responses without an explicit expiration time
> # min 1440 minutes
> # Max 10080 minutes
> 
> # http 10080 / 60 / 24 H = 7 days
> refresh_pattern ^http 1440 10% 10080

That will match almost everything and the rules below will remain unused.

> 
> # All Files 30 days max
> refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt)       43200 99% 43200 ignore-no-cache ignore-no-store reload-into-ims store-stale
> refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar)  43200 99% 43200 ignore-no-cache ignore-no-store reload-into-ims store-stale
> refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)         43200 99% 43200 ignore-no-cache ignore-no-store reload-into-ims store-stale
> refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 43200 99% 43200 ignore-no-cache ignore-no-store reload-into-ims store-stale
> refresh_pattern -i \.(pp(t?x|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 43200 99% 43200 ignore-no-cache ignore-no-store reload-into-ims store-stale
> 
> Maybe my values are too high ? 

I don't think so. The 99% is probably too low if anything. Try 1000%. It
will be capped by the min/max values anyway.


The problems I see there are more related to the overrides and the file
types listed;

* ignore-no-cache does absolutely nothing since 3.2. So remove it.

* ignore-no-store is dangerous. Particularly when used like this for
blanket "file extension" patterns.

The cases I have personally seen that you might run into serious trouble
with are .tiff files, TIFF is a "high quality" format. At least it's very
high in detail, and I've seen it used with only no-store protection to
send medical, mapping and hi-res photographic data around by software
where it is supposed to be one-use transmission. Caching that would be
both legally risky, and sometimes just waste space (app dependent).
 And with the .wm* formats, which are pretty much awash with DRM
encryption, maybe others in that set too. By caching them all you would
do is prevent users from being able to view the media.

The patterns will not match only file extensions. Any domain name that
starts with the character sequence will also match query-string segments
listing file types etc.


> 
> About reload-into-ims if I understand right it translates "Pragma: no-cache" into "If-Modified-Since" if the object is cached and if there is no explicit expiration time, in real life this should be dangerous or annoying for users ?
> 

Yes, relative to the fact it's Cache-Control: no-cache and/or max-age=0
from the client. Rather than Pragma.

> The context is many simultaneous users (thousands) with very different kind of profiles

I would use the above patterns but without the extra options, then add
them in one by one to see how the behaviour changes. Starting with the
ones on the right hand-side.

Trying to avoid override-no-store as long as possible, and target it to
problem sites when it is used.

And after placing this at the end of the patterns:

  (\?.*)?$


Amos
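
The rule ordering and the `(\?.*)?$` suffix discussed in the reply above, as an added example that is not part of the original thread and is not Squid code. It approximates refresh_pattern's first-match lookup with Python's `re` module (an assumption; Squid uses its own regex library), reproduces only the image pattern from the post, and uses constructed URLs.

```python
import re

# (name, regex, case_insensitive) in the order posted. Only the image rule
# is reproduced; the refresh_pattern options are left out of this sketch.
POSTED = [
    ("catch-all", r"^http", False),
    ("images", r"\.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll)", True),
]
SUFFIX = r"(\?.*)?$"  # the anchor suggested in the reply


def move_catch_all_last(rules):
    """Put the ^http rule after the specific ones so they get a chance to match."""
    return [r for r in rules if r[1] != r"^http"] + [r for r in rules if r[1] == r"^http"]


def anchor(rules):
    """Append SUFFIX to every rule except the catch-all."""
    return [(n, rx if rx == r"^http" else rx + SUFFIX, ci) for n, rx, ci in rules]


def first_match(url, rules):
    """Return the name of the first rule that matches (first match wins)."""
    for name, rx, ci in rules:
        if re.search(rx, url, re.IGNORECASE if ci else 0):
            return name
    return None


REORDERED = move_catch_all_last(POSTED)
ANCHORED = anchor(REORDERED)

# Constructed sample URLs.
URLS = [
    "http://example.com/scan.tiff",
    "http://example.com/photo.jpg?size=large",
    "http://static.ad.example.net/page",
    "http://example.com/view?file=report.txt&inline=1",
]

if __name__ == "__main__":
    for url in URLS:
        print(url)
        for label, rules in (("posted", POSTED), ("reordered", REORDERED), ("anchored", ANCHORED)):
            print(f"  {label:<10} -> {first_match(url, rules)}")
```

With the posted order every URL lands on the catch-all rule; once reordered, the unanchored image pattern also claims the `.ad` hostname label and the `.txt` inside a query string, and the suffix stops both.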