[squid-users] squid cache

Majed Zouhairy m_zouhairy at ckta.by
Tue Mar 2 06:04:53 UTC 2021 

Thanks for, at least, the explanation

On 3/1/21 6:12 PM, Alex Rousskov wrote:
> On 3/1/21 2:07 AM, Majed Zouhairy wrote:
>> i tried this, but neither the https download bandwidth restriction nor
>> caching seems to be working as expected
> 
> Squid cannot cache HTTP responses without bumping HTTPS traffic. This is
> a protocol-level limitation, not a bug.
> 
> There are known delay pools bugs for not-bumped (i.e. tunneled or
> CONNECT) traffic. IIRC, the pools may work for some tunnels, but the
> imposed limits may vary significantly from the configured values.
> 
> 
> HTH,
> 
> Alex.
> 
> 
>> acl slower src 10.46.10.78
>> acl localnet src 10.46.10.0/24
>>
>> acl SSL_ports port 443
>> acl Safe_ports port 80        # http
>> acl Safe_ports port 8080    # http
>> acl Safe_ports port 21        # ftp
>> acl Safe_ports port 443        # https
>> acl Safe_ports port 70        # gopher
>> acl Safe_ports port 210        # wais
>> acl Safe_ports port 1025-65535    # unregistered ports
>> acl Safe_ports port 280        # http-mgmt
>> acl Safe_ports port 488        # gss-http
>> acl Safe_ports port 591        # filemaker
>> acl Safe_ports port 777        # multiling http
>> acl CONNECT method CONNECT
>> acl blockfiles urlpath_regex -i "/etc/squid/blocks.files.acl"
>>
>> #
>> # Recommended minimum Access Permission configuration:
>> #
>> # Deny requests to certain unsafe ports
>> http_access deny !Safe_ports
>>
>> # Deny CONNECT to other than secure SSL ports
>> http_access deny CONNECT !SSL_ports
>>
>> # Only allow cachemgr access from localhost
>> http_access allow localhost manager
>> http_access deny manager
>>
>> # We strongly recommend the following be uncommented to protect innocent
>> # web applications running on the proxy server who think the only
>> # one who can access services on "localhost" is a local user
>> #http_access deny to_localhost
>> visible_hostname proxy.lk.sk
>>
>>
>> delay_pools 1
>> delay_class 1 3
>> delay_access 1 allow slower
>> delay_access 1 deny all
>> delay_parameters 1 51200/51200 -1/-1 51200/25600
>>
>> http_access allow localnet
>> http_access allow localhost
>>
>>
>>
>> # And finally deny all other access to this proxy
>> http_access deny all
>>
>> # Squid normally listens to port 3128
>> http_port 8080
>>
>> # Uncomment and adjust the following to add a disk cache directory.
>> # Updates: chrome and acrobat
>> refresh_pattern -i gvt1.com/.*\.(exe|ms[i|u|f|p]|dat|zip|psf) 43200 80%
>> 129600 reload-into-ims
>> refresh_pattern -i adobe.com/.*\.(exe|ms[i|u|f|p]|dat|zip|psf) 43200 80%
>> 129600 reload-into-ims
>>
>>
>>
>> range_offset_limit 200 MB
>> maximum_object_size 200 MB
>> quick_abort_min -1
>>
>> # DONT MODIFY THESE LINES
>> refresh_pattern \^ftp:           1440    20%     10080
>> refresh_pattern \^gopher:        1440    0%      1440
>> refresh_pattern -i (/cgi-bin/|\?) 0      0%      0
>> refresh_pattern .           0      20%     43200
>>
>> cache_dir ufs /var/cache/squid 3000 16 256
>>
>> # Leave coredumps in the first cache dir
>> coredump_dir /var/cache/squid
>>
>> cache_mem 1024 MB
>>
>> netdb_filename none
>>
>> #
>> # Add any of your own refresh_pattern entries above these.
>> #
>> refresh_pattern ^ftp:        1440    20%    10080
>> refresh_pattern ^gopher:    1440    0%    1440
>> refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
>> refresh_pattern .        0    20%    4320
>>
>> url_rewrite_program /usr/local/ufdbguard/bin/ufdbgclient -m 4 -l
>> /var/log/squid/
>> url_rewrite_children 16 startup=8 idle=2 concurrency=4
>> #debug_options ALL,1 33,2 28,9
>>
>>
>> any help?
>>
>>
>> On 2/26/21 10:22 AM, Majed Zouhairy wrote:
>>>
>>> Health be Upon you,
>>>
>>> i want to cache certain files, let's say exe, msi... above 20MB and
>>> below 300MB, limit the cache directory to 3GB
>>> i have no ssl bump not configured
>>> version 4.14
>>> how to do that?
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>

More information about the squid-users mailing list