[squid-users] Squid communications proxy dilemma

Amos Jeffries squid3 at treenet.co.nz
Sun Oct 30 00:38:45 UTC 2016


On 30/10/2016 12:38 p.m., paul.greene.va wrote:
> This fixed the WSUS server, it wasn't the cache_peer parameter after all.
> 
> acl inside dstdomain .mydomain.com
> always_direct allow inside
> never_direct allow all
> The SEPM might have an additional known issue (known by Symantec that is)
> 
> If a proxy or a firewall is stripping, compressing, or encrypting content length 
> packet headers, that'll break SEPM too. (SEPM uses port 80 by default, so 
> theoretically it should have been getting out)
> 
> Is there a parameter in squid that would do that? (so I can see if it is 
> configured or not) The squid.conf is 90% of the default file, with just a few 
> tweaks needed for our environment.

Squid is HTTP software, it does not do anything with the TCP packet
level of things.

If by "packets" you actually meant "HTTP messages", then ... HTTP is
designed with middleware alterations of the message along the way. Any
software which cannot handle that is broken.

Likewise any software using port 80 which cannot handle HTTP on the port
is broken.

Amos



More information about the squid-users mailing list