[squid-users] squid with apple updates caching problem !

Hardik Dangar hardikdangar+squid at gmail.com
Fri Sep 23 14:37:28 UTC 2016 

Hey Ahmed,

You can use reload-into-ms, most other squid refresh patterns you have used
do more harm than benefits,
something like,

refresh_pattern -i appldnld\.apple\.com 43200 100% 43200  reload-into-ims

would work. I am not sure about the regex you have used, i thought i had
different.

On Fri, Sep 23, 2016 at 7:02 PM, --Ahmad-- <ahmed.zaeem at netstream.ps> wrote:

> hi foks .
>
> i need to know what wrong i have in apple caching updates .
>
> 1st of all the access.log files as below :
> 1474636714.291     89 192.168.0.11 TCP_MISS/206 9501 GET
> http://swcdn.apple.com/content/downloads/49/62/031-1878/
> hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/
> 17.253.37.202 application/octet-stream
> 1474636777.755     95 192.168.0.11 TCP_MISS/206 9501 GET
> http://swcdn.apple.com/content/downloads/49/62/031-1878/
> hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/
> 17.253.37.202 application/octet-stream
> 1474636841.194     99 192.168.0.11 TCP_MISS/206 9501 GET
> http://swcdn.apple.com/content/downloads/49/62/031-1878/
> hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/
> 17.253.37.202 application/octet-stream
> 1474636934.576     81 192.168.0.11 TCP_MISS/200 2062 GET
> http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn/
> XgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQEyA4ubHXyrHK2FbDJD3q1A==
> - ORIGINAL_DST/2.22.139.27 application/ocsp-response
>
> ==========
> not sure exactly what i need to modify in the ACLS .
>
> ===========
> squid.conf :
>
> acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
> acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
> acl localnet src fc00::/7       # RFC 4193 local private network range
> acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged)
> machines
>
>
> acl SSL_ports port 443
> acl Safe_ports port 80          # http
> acl Safe_ports port 21          # ftp
> acl Safe_ports port 443         # https
> acl Safe_ports port 70          # gopher
> acl Safe_ports port 210         # wais
> acl Safe_ports port 1025-65535  # unregistered ports
> acl Safe_ports port 280         # http-mgmt
> acl Safe_ports port 488         # gss-http
> acl Safe_ports port 591         # filemaker
> acl Safe_ports port 777         # multiling http
> acl CONNECT method CONNECT
>
>
> http_access allow localnet
> http_access allow localhost
>
>
> # And finally deny all other access to this proxy
> http_access  deny all
>
>
>
>
> http_port 3128
> http_port 3129 intercept
>
>
> cache_dir ufs /var/cache/squid1 10000 16 256
>
>
>
>
> maximum_object_size 6000 MB
> range_offset_limit -1
> quick_abort_min -1 KB
> ##################
> acl updatesites dstdom_regex "/etc/squid/updatesites.txt"
> cache allow updatesites
> cache deny all
> ############################
> cache_store_log /var/log/squid/store.log
> access_log daemon:/var/log/squid/access.log squid
> cache_log /var/log/squid/cache.log
>
>
> coredump_dir /var/cache/squid
>
>
> store_id_program /lib/squid/storeid_file_rewrite
> /etc/squid/storeid_rewrite.conf
> store_id_children 10 startup=3 idle=1 concurrency=0
> ############################################
> refresh_pattern -i appldnld\.apple\.com 43200 100% 43200 ignore-reload
> ignore-no-store override-expire override-lastmod
> refresh_pattern -i \.apple\.com 43200 100% 43200 ignore-reload
> ignore-no-store override-expire override-lastmod
> refresh_pattern -i .apple\.com 43200 100% 43200 ignore-reload
> ignore-no-store override-expire override-lastmod
>
>
> ###################################################
> cat /etc/squid/updatesites.txt
>
> ([^.]+.|)apple.com
> ([^.]+\.)?(download|(windows)?update)\.(microsoft\.)?com
> ([^.]+\.)?adobe.com
> ([^.]+\.)?java.com
> ([^.]+\.)?sun.com
> ([^.]+\.)?oracle.com
> ([^.]+\.)?apple.com
> ([^.]+\.)?apple.com
> ([^.]+\.)?ubuntu.com
> ([^.]+\.)?steampowered.com
> ([^.]+\.)?google.com
> #########################################
>
>  cat /etc/squid/storeid_rewrite.conf
> ^http:\/\/[^\.]+\.phobos\.apple\.com\/(.*) http://appupdates.apple.squid.
> internal/$1
> ^http:\/\/[^\.]+\.cs\.steampowered\.com\/(.*) http:
> //steamupdates.squid.internal/$1
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160923/c719fff0/attachment.html>

More information about the squid-users mailing list