> Dear Jenny and Amos,
>
> I thought it worth mentioning that I too am having troubles with the
> ACL processing of the "request_header_access User-Agent" configuration
> directive. It seems like Jenny's issue is the same one I am seeing.
>
> Using a "src" ACL in the directive doesn't work when yo
Dear Jenny and Amos,
I thought it worth mentioning that I too am having troubles with the
ACL processing of the "request_header_access User-Agent" configuration
directive. It seems like Jenny's issue is the same one I am seeing.
Using a "src" ACL in the directive doesn't work when you have a cac
Hello Amos,
> To: squid-users@squid-cache.org
> Date: Thu, 9 Jun 2011 13:02:49 +1200
> From: squ...@treenet.co.nz
> Subject: Re: FW: [squid-users] Why doesn't REQUEST_HEADER_ACCESS work
> properly with aclnames?
>
> On Wed,
On Wed, 8 Jun 2011 17:01:39 +, Jenny Lee wrote:
I just realized that "Cookie" headers are also not obeyed when going
through peers.
Everything works going direct, but nothing works if you are using any
peers.
I surely cannot be the only person out of all squid users that is
bitten by this
From: bodycar...@live.com
> To: squ...@treenet.co.nz; squid-users@squid-cache.org
> Date: Thu, 28 Apr 2011 19:25:27 +0000
> Subject: RE: [squid-users] Why doesn't REQUEST_HEADER_ACCESS work properly
> with aclnames?
>
>
> > > It seems to me that ACL SRC is NEVER checked whe
On Thu, 5 May 2011 00:00:37 +, Jenny Lee wrote:
>> kid1| ACLChecklist::preCheck: 0x7504abc0 checking
>> 'request_header_access User-Agent allow OFFICE_IP !PEER1'
>> kid1| ACLList::matches: checking OFFICE_IP
>> kid1| ACL::checklistMatches: checking 'OFFICE_IP'
>> kid1| aclIpAddrNetworkCom
> >> kid1| ACLChecklist::preCheck: 0x7504abc0 checking
> >> 'request_header_access User-Agent allow OFFICE_IP !PEER1'
> >> kid1| ACLList::matches: checking OFFICE_IP
> >> kid1| ACL::checklistMatches: checking 'OFFICE_IP'
> >> kid1| aclIpAddrNetworkCompare: compare:
> >> [::]/[:::ff
On Wed, 4 May 2011 20:40:33 +, Jenny Lee wrote:
No difference whatever is done. PEER1, !PEER1, !PEER2... No peer...
Seperate lines...
SRC IP is never available, so it always fails. PEER is available
though, I can make it work with using just PEER1. Going direct works
also as expected.
T
> No difference whatever is done. PEER1, !PEER1, !PEER2... No peer... Seperate
> lines...
>
> SRC IP is never available, so it always fails. PEER is available though, I
> can make it work with using just PEER1. Going direct works also as expected.
>
> Thanks.
>
> Jenny
>
>
> kid1| ACLChecklist::
> > It seems to me that ACL SRC is NEVER checked when going to a Peer.
> >
> > WHAT I WANT TO DO:
> > acl OFFICE src 1.1.1.1
> > request_header_access User-Agent allow OFFICE
> > request_header_access User-Agent deny all
> > request-header_replace User-Agent BOGUS AGENT
> >
> >
> > [OFFICE UA shou
On 26/04/11 05:27, Jenny Lee wrote:
HALF-BAKED:
acl OFFICE src 1.1.1.1
request_header_access User-Agent allow OFFICE
request_header_access User-Agent deny all
request-header_replace User-Agent BOGUS AGENT
[DIRECT works as expected for OFFICE -- no modifications. However, UA for
OFFICE is r
> I'm a little confused by this scenario and your statement "It would be
> nice if the crawler identified itself".
> Is it spoofing an agent name identical that on your OFFICE machines?
> Even the absence of a U-A header is identification in a way.
That was just an example. In its simplest for
On 21/04/11 13:04, Jenny Lee wrote:
I have 3.2.0.1 and unfortunately this does not work either. I
will check on 3.2.0.7 (would that make a difference?).
May do. I don't recall changing anything there directly but the
passing around of request details has been fixed in a few places
earlier whi
> > I have 3.2.0.1 and unfortunately this does not work either. I will check on
> > 3.2.0.7 (would that make a difference?).
>
> May do. I don't recall changing anything there directly but the passing
> around of request details has been fixed in a few places earlier which
> may affect it.
>
On 21/04/11 05:56, Jenny Lee wrote:
Reality after looking at the code:
Mangling is done after peer selection right at the last milli-second
before sending the headers down the wire. It is done on all HTTP
requests including CONNECT tunnels when they are relayed.
Peering info *is* available. Bu
> Reality after looking at the code:
> Mangling is done after peer selection right at the last milli-second
> before sending the headers down the wire. It is done on all HTTP
> requests including CONNECT tunnels when they are relayed.
>
> Peering info *is* available. But "src" ACL does not chec
On 19/04/11 17:53, Jenny Lee wrote:
To: squid-users@squid-cache.org
Date: Tue, 19 Apr 2011 14:36:31 +1200
From: squ...@treenet.co.nz
Subject: RE: [squid-users] Why doesn't REQUEST_HEADER_ACCESS work properly with
aclnames?
On Mon, 18 Apr 2011 19:15:53 +, Jenny Lee wrote:
What i
> To: squid-users@squid-cache.org
> Date: Tue, 19 Apr 2011 14:36:31 +1200
> From: squ...@treenet.co.nz
> Subject: RE: [squid-users] Why doesn't REQUEST_HEADER_ACCESS work properly
> with aclnames?
>
> On Mon, 18 Apr 2011 19:15:53 +, Jenny Lee wrote:
> >>
On Mon, 18 Apr 2011 19:15:53 +, Jenny Lee wrote:
> What is the definition of OFFICE ?
> request_header_access are fast ACL which will not wait for
unavailable
> details to be fetched.
Ah! proxy_auth :)
Jenny
acl OFFICE src 2.2.2.2
request_header_access User-Agent allow OFFICE
request_
> > What is the definition of OFFICE ?
> > request_header_access are fast ACL which will not wait for unavailable
> > details to be fetched.
>
> Ah! proxy_auth :)
>
> Jenny
acl OFFICE src 2.2.2.2
request_header_access User-Agent allow OFFICE
request_header_access User-Agent deny all
header_r
Hello Amos,
> What is the definition of OFFICE ?
> request_header_access are fast ACL which will not wait for unavailable
> details to be fetched.
Ah! proxy_auth :)
Jenny
On Tue, 5 Apr 2011 18:26:45 +, Jenny Lee wrote:
Hello Squid Folks,
Here is an excerpt from squid.conf.documented:
# TAG: request_header_access
# Usage: request_header_access header_name allow|deny
[!]aclname ...
This seems to work only as:
request_header_access User-Agent deny al
Hello Squid Folks,
Here is an excerpt from squid.conf.documented:
# TAG: request_header_access
# Usage: request_header_access header_name allow|deny [!]aclname ...
This seems to work only as:
request_header_access User-Agent deny all
Why can't I do:
request_header_access
23 matches
Mail list logo