[squid-users] squid with apple updates caching problem !
Hardik Dangar
hardikdangar+squid at gmail.com
Fri Sep 23 14:37:28 UTC 2016
Hey Ahmed,
You can use reload-into-ms, most other squid refresh patterns you have used
do more harm than benefits,
something like,
refresh_pattern -i appldnld\.apple\.com 43200 100% 43200 reload-into-ims
would work. I am not sure about the regex you have used, i thought i had
different.
On Fri, Sep 23, 2016 at 7:02 PM, --Ahmad-- <ahmed.zaeem at netstream.ps> wrote:
> hi foks .
>
> i need to know what wrong i have in apple caching updates .
>
> 1st of all the access.log files as below :
> 1474636714.291 89 192.168.0.11 TCP_MISS/206 9501 GET
> http://swcdn.apple.com/content/downloads/49/62/031-1878/
> hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/
> 17.253.37.202 application/octet-stream
> 1474636777.755 95 192.168.0.11 TCP_MISS/206 9501 GET
> http://swcdn.apple.com/content/downloads/49/62/031-1878/
> hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/
> 17.253.37.202 application/octet-stream
> 1474636841.194 99 192.168.0.11 TCP_MISS/206 9501 GET
> http://swcdn.apple.com/content/downloads/49/62/031-1878/
> hfuvnhh956akbythuxg2im9pdnm3c263sf/BookKitDelta.pkg - ORIGINAL_DST/
> 17.253.37.202 application/octet-stream
> 1474636934.576 81 192.168.0.11 TCP_MISS/200 2062 GET
> http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn/
> XgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQEyA4ubHXyrHK2FbDJD3q1A==
> - ORIGINAL_DST/2.22.139.27 application/ocsp-response
>
> ==========
> not sure exactly what i need to modify in the ACLS .
>
> ===========
> squid.conf :
>
> acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
> acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
> acl localnet src fc00::/7 # RFC 4193 local private network range
> acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged)
> machines
>
>
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
>
> http_access allow localnet
> http_access allow localhost
>
>
> # And finally deny all other access to this proxy
> http_access deny all
>
>
>
>
> http_port 3128
> http_port 3129 intercept
>
>
> cache_dir ufs /var/cache/squid1 10000 16 256
>
>
>
>
> maximum_object_size 6000 MB
> range_offset_limit -1
> quick_abort_min -1 KB
> ##################
> acl updatesites dstdom_regex "/etc/squid/updatesites.txt"
> cache allow updatesites
> cache deny all
> ############################
> cache_store_log /var/log/squid/store.log
> access_log daemon:/var/log/squid/access.log squid
> cache_log /var/log/squid/cache.log
>
>
> coredump_dir /var/cache/squid
>
>
> store_id_program /lib/squid/storeid_file_rewrite
> /etc/squid/storeid_rewrite.conf
> store_id_children 10 startup=3 idle=1 concurrency=0
> ############################################
> refresh_pattern -i appldnld\.apple\.com 43200 100% 43200 ignore-reload
> ignore-no-store override-expire override-lastmod
> refresh_pattern -i \.apple\.com 43200 100% 43200 ignore-reload
> ignore-no-store override-expire override-lastmod
> refresh_pattern -i .apple\.com 43200 100% 43200 ignore-reload
> ignore-no-store override-expire override-lastmod
>
>
> ###################################################
> cat /etc/squid/updatesites.txt
>
> ([^.]+.|)apple.com
> ([^.]+\.)?(download|(windows)?update)\.(microsoft\.)?com
> ([^.]+\.)?adobe.com
> ([^.]+\.)?java.com
> ([^.]+\.)?sun.com
> ([^.]+\.)?oracle.com
> ([^.]+\.)?apple.com
> ([^.]+\.)?apple.com
> ([^.]+\.)?ubuntu.com
> ([^.]+\.)?steampowered.com
> ([^.]+\.)?google.com
> #########################################
>
> cat /etc/squid/storeid_rewrite.conf
> ^http:\/\/[^\.]+\.phobos\.apple\.com\/(.*) http://appupdates.apple.squid.
> internal/$1
> ^http:\/\/[^\.]+\.cs\.steampowered\.com\/(.*) http:
> //steamupdates.squid.internal/$1
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160923/c719fff0/attachment.html>
More information about the squid-users
mailing list