[squid-users] squid with apple updates caching problem !
--Ahmad--
ahmed.zaeem at netstream.ps
Fri Sep 23 13:32:19 UTC 2016
hi foks .
i need to know what wrong i have in apple caching updates .
1st of all the access.log files as below :
1474636714.291 89 192.168.0.11 TCP_MISS/206 9501 GET http://swcdn.apple.com/content/downloads/49/62/031-1878/hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/17.253.37.202 application/octet-stream
1474636777.755 95 192.168.0.11 TCP_MISS/206 9501 GET http://swcdn.apple.com/content/downloads/49/62/031-1878/hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/17.253.37.202 application/octet-stream
1474636841.194 99 192.168.0.11 TCP_MISS/206 9501 GET http://swcdn.apple.com/content/downloads/49/62/031-1878/hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/17.253.37.202 application/octet-stream
1474636934.576 81 192.168.0.11 TCP_MISS/200 2062 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn/XgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQEyA4ubHXyrHK2FbDJD3q1A== - ORIGINAL_DST/2.22.139.27 application/ocsp-response
==========
not sure exactly what i need to modify in the ACLS .
===========
squid.conf :
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
http_port 3128
http_port 3129 intercept
cache_dir ufs /var/cache/squid1 10000 16 256
maximum_object_size 6000 MB
range_offset_limit -1
quick_abort_min -1 KB
##################
acl updatesites dstdom_regex "/etc/squid/updatesites.txt"
cache allow updatesites
cache deny all
############################
cache_store_log /var/log/squid/store.log
access_log daemon:/var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
coredump_dir /var/cache/squid
store_id_program /lib/squid/storeid_file_rewrite /etc/squid/storeid_rewrite.conf
store_id_children 10 startup=3 idle=1 concurrency=0
############################################
refresh_pattern -i appldnld\.apple\.com 43200 100% 43200 ignore-reload ignore-no-store override-expire override-lastmod
refresh_pattern -i \.apple\.com 43200 100% 43200 ignore-reload ignore-no-store override-expire override-lastmod
refresh_pattern -i .apple\.com 43200 100% 43200 ignore-reload ignore-no-store override-expire override-lastmod
###################################################
cat /etc/squid/updatesites.txt
([^.]+.|)apple.com
([^.]+\.)?(download|(windows)?update)\.(microsoft\.)?com
([^.]+\.)?adobe.com
([^.]+\.)?java.com
([^.]+\.)?sun.com
([^.]+\.)?oracle.com
([^.]+\.)?apple.com
([^.]+\.)?apple.com
([^.]+\.)?ubuntu.com
([^.]+\.)?steampowered.com
([^.]+\.)?google.com <http://google.com/>
#########################################
cat /etc/squid/storeid_rewrite.conf
^http:\/\/[^\.]+\.phobos\.apple\.com\/(.*) http://appupdates.apple.squid.internal/$1
^http:\/\/[^\.]+\.cs\.steampowered\.com\/(.*) http: //steamupdates.squid.internal/$1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160923/c2f74ac3/attachment.html>
More information about the squid-users
mailing list