[squid-users] Clarification on icap

James Lay jlay at slave-tothe-box.net
Mon Sep 26 14:55:03 UTC 2016


On 2016-09-26 08:52, Alex Rousskov wrote:
> On 09/26/2016 08:43 AM, James Lay wrote:
>> So, from what I've read, it appears that
>> squid sends the data to a listening ICAP/eCAP service, which in turn 
>> the
>> IDS can access, depending on the IDS...is that about right?
> 
> Not exactly.
> 
> Yes, Squid sends the message to the adaptation service ("listening" is
> not a good verb for eCAP because, unlike ICAP, eCAP services are not
> network services but "plugins" or libraries).
> 
> No, the IDS does not normally come to the adaptation service for
> messages. Normally, the adaptation service itself needs to give IDS the
> data. How that is done depends on the IDS interfaces, of course.
> 
> On a logical level, the message is transmitted using the following 
> chain:
> 
>   Squid -> adaptation service -> IDS
> 
> And the allow/block decision (if any) is transmitted in the opposite
> direction:
> 
>   Squid <- adaptation service <- IDS
> 
> Alex.

Beautiful...just what I needed.  Last question...any recommended open 
source ICAP/eCAP services that squid works well with?  Thanks again.

James


More information about the squid-users mailing list