[squid-users] Clarification on icap
James Lay
jlay at slave-tothe-box.net
Mon Sep 26 14:55:03 UTC 2016
On 2016-09-26 08:52, Alex Rousskov wrote:
> On 09/26/2016 08:43 AM, James Lay wrote:
>> So, from what I've read, it appears that
>> squid sends the data to a listening ICAP/eCAP service, which in turn
>> the
>> IDS can access, depending on the IDS...is that about right?
>
> Not exactly.
>
> Yes, Squid sends the message to the adaptation service ("listening" is
> not a good verb for eCAP because, unlike ICAP, eCAP services are not
> network services but "plugins" or libraries).
>
> No, the IDS does not normally come to the adaptation service for
> messages. Normally, the adaptation service itself needs to give IDS the
> data. How that is done depends on the IDS interfaces, of course.
>
> On a logical level, the message is transmitted using the following
> chain:
>
> Squid -> adaptation service -> IDS
>
> And the allow/block decision (if any) is transmitted in the opposite
> direction:
>
> Squid <- adaptation service <- IDS
>
> Alex.
Beautiful...just what I needed. Last question...any recommended open
source ICAP/eCAP services that squid works well with? Thanks again.
James
More information about the squid-users
mailing list