[squid-users] squid with apple updates caching problem !

--Ahmad-- ahmed.zaeem at netstream.ps
Fri Sep 23 13:32:19 UTC 2016


hi foks .

i need to know what wrong i have in apple caching updates .

1st of all the access.log files as below :
1474636714.291     89 192.168.0.11 TCP_MISS/206 9501 GET http://swcdn.apple.com/content/downloads/49/62/031-1878/hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/17.253.37.202 application/octet-stream
1474636777.755     95 192.168.0.11 TCP_MISS/206 9501 GET http://swcdn.apple.com/content/downloads/49/62/031-1878/hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/17.253.37.202 application/octet-stream
1474636841.194     99 192.168.0.11 TCP_MISS/206 9501 GET http://swcdn.apple.com/content/downloads/49/62/031-1878/hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/17.253.37.202 application/octet-stream
1474636934.576     81 192.168.0.11 TCP_MISS/200 2062 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn/XgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQEyA4ubHXyrHK2FbDJD3q1A== - ORIGINAL_DST/2.22.139.27 application/ocsp-response

==========
not sure exactly what i need to modify in the ACLS .

===========
squid.conf :

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
 
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
 
http_access allow localnet
http_access allow localhost
 
# And finally deny all other access to this proxy
http_access  deny all
 
 
http_port 3128
http_port 3129 intercept
 
cache_dir ufs /var/cache/squid1 10000 16 256
 
 
maximum_object_size 6000 MB
range_offset_limit -1
quick_abort_min -1 KB
##################
acl updatesites dstdom_regex "/etc/squid/updatesites.txt"
cache allow updatesites
cache deny all 
############################
cache_store_log /var/log/squid/store.log
access_log daemon:/var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
 
coredump_dir /var/cache/squid
 
store_id_program /lib/squid/storeid_file_rewrite /etc/squid/storeid_rewrite.conf
store_id_children 10 startup=3 idle=1 concurrency=0
############################################
refresh_pattern -i appldnld\.apple\.com 43200 100% 43200 ignore-reload ignore-no-store override-expire override-lastmod
refresh_pattern -i \.apple\.com 43200 100% 43200 ignore-reload ignore-no-store override-expire override-lastmod
refresh_pattern -i .apple\.com 43200 100% 43200 ignore-reload ignore-no-store override-expire override-lastmod


###################################################
cat /etc/squid/updatesites.txt

([^.]+.|)apple.com
([^.]+\.)?(download|(windows)?update)\.(microsoft\.)?com
([^.]+\.)?adobe.com
([^.]+\.)?java.com
([^.]+\.)?sun.com
([^.]+\.)?oracle.com
([^.]+\.)?apple.com
([^.]+\.)?apple.com
([^.]+\.)?ubuntu.com
([^.]+\.)?steampowered.com
([^.]+\.)?google.com <http://google.com/>
#########################################

 cat /etc/squid/storeid_rewrite.conf
^http:\/\/[^\.]+\.phobos\.apple\.com\/(.*)		http://appupdates.apple.squid.internal/$1
^http:\/\/[^\.]+\.cs\.steampowered\.com\/(.*)		 http: //steamupdates.squid.internal/$1


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160923/c2f74ac3/attachment.html>


More information about the squid-users mailing list