[squid-users] windowsupdate problem

Hello.

I installed squid-2.4-STABLE2 on OpenBSD-2.9 (Intel).
When I tuned win98 clients by hand and tried "windowsupdate",
downloading started and hung :-(((

Does anybody help me?

--
Alexei Malinin,
System Administrator of
Siberian Aluminium Group
Configure options:
------------------
--enable-dlmalloc \
--enable-gnuregex \
--enable-xmalloc-statistics \
--enable-carp \
--enable-removal-policies=lru,heap \
--enable-icmp \
--enable-delay-pools \
--enable-useragent-log \
--enable-referer-log \
--enable-wccp \
--enable-kill-parent-hack \
--enable-time-hack \
--enable-htcp \
--enable-forw-via-db \
--enable-cache-digests \
--enable-err-language=Russian-koi8-r \
--disable-http-violations \
--enable-ipf-transparent \
--enable-ident-lookups \
--enable-snmp \
--enable-auth-modules=NCS
------------------
squid.conf:
-----------
icp_port 0
htcp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 144 MB
cache_swap_low 97
cache_swap_high 99
maximum_object_size_in_memory 64 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir ufs /Squid.cache/cache1 7168 16 256
cache_dir ufs /Squid.cache/cache2 7168 16 256
cache_dir ufs /Squid.cache/cache3 7168 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
log_mime_hdrs on
pid_filename /var/run/squid.pid
ftp_user proxy@sibal.ru
ftp_list_width 64
ftp_passive off
dns_retransmit_interval 2 seconds
dns_timeout 2 minutes
redirect_program /usr/local/squid/libexec/squid/redirector.pl
redirect_children 32
redirect_rewrites_host_header off
request_header_max_size 64 KB
refresh_pattern ^ftp:           1440    25%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       25%     10080
reference_age 4 months
quick_abort_min 4 KB
quick_abort_max 4 KB
quick_abort_pct 99
negative_ttl 1 minutes
positive_dns_ttl 4 hours
negative_dns_ttl 1 minutes
request_timeout 60 seconds
shutdown_lifetime 1 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
acl allowed_hosts src 192.168.0.0/255.255.0.0 172.17.0.0/255.255.0.0 172.27.0.0/255.255.0.0
acl unrestricted_hosts src 127.0.0.1/255.255.255.255 192.168.150.0/255.255.255.0 172.17.2.202/255.255.255.255
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow allowed_hosts
http_access deny all
icp_access deny all
proxy_auth_realm  Proxy-caching web server
cache_mgr proxy@sibal.ru
cache_effective_user squid
cache_effective_group squid
httpd_accel_host virtual
httpd_accel_port 0
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
logfile_rotate 1
memory_pools off
forwarded_for off
cachemgr_passwd disable all
buffered_logs on
anonymize_headers allow Allow Authorization Cache-Control
anonymize_headers allow Content-Encoding Content-Length
anonymize_headers allow Content-Type Date Expires Host
anonymize_headers allow If-Modified-Since Last-Modified
anonymize_headers allow Location Pragma Accept
anonymize_headers allow Accept-Encoding Accept-Language
anonymize_headers allow Content-Language Mime-Version
anonymize_headers allow Retry-After Title Connection
anonymize_headers allow Proxy-Connection Referer
fake_user_agent Mozilla/4.0 (compatible)
minimum_retry_timeout 60 seconds
snmp_port 0
delay_pools 2
delay_class 1 1
delay_class 2 3
delay_access 1 allow unrestricted_hosts
delay_access 1 deny all
delay_access 2 deny unrestricted_hosts
delay_access 2 allow allowed_hosts
delay_access 2 deny all
delay_parameters 1 -1/-1
delay_parameters 2 48000/48000 -1/-1 8000/48000
coredump_dir /var/log/squid
digest_generation off
-----------
redirector.pl:
--------------
#!/usr/bin/perl
$0 = 'redirect' ;
$| = 1 ;
@banners    = ('reklama\.ru/cgi-bin/banner/',
               'anekdot\.ru/cgi-bin/banner/',
               'banner\.ru/cgi/sites/' ,
               'linkexchange\.ru/cgi-bin',
               'bizlink\.ru/cgi-bin/irads\.cgi\?',
               'bizlink\.ru/cgi-bin/cgiwrap/ar/irads\.cgi\?',
               'adv\.stars\.ru/cgi-bin/adv\.pl',
               'banner\.ricor\.ru/cgi-bin/banner\.pl\?',
               'ad\.doubleclick\.net/adi?/',
               'ad\.doubleclick\.net/viewad/',
...[cut]...
         'count\.rbc\.ru'
         );
while (<>) {
    ($url, $who, $ident, $method) = /^(\S+) (\S+) (\S+) (\S+)$/ ;
    $url = 'http://linuxnews.ru/images/1x1.gif'
        if grep ($url=~/$_/i, @banners) ;
    print "$url $who $ident $method\n" ;
}
--------------