Re: [squid-users] Active feeding of Squid?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 24 Jan 2004 23:38:01 +0100 (CET)

On Sat, 24 Jan 2004, Thhoep wrote:

> is there a way to feed squid with pure server-to-client downstream
> without using it as proxy for this purpose? can i somehow let squid
> passively monitor a passing by ip datastream so fill the cache with it,
> to the benefit of the squid proxy clients? can i somehow "pump" the data
> into squid without ever having requested it? or is there a tool that
> works together with squid that does just that?

Interesting question and the answer is not easily.

There is a number of issues you need to deal with to implement the above
ideas

a) You need some kind of software capable of reassembling the TCP streams
and pulling out the relevant HTTP request and resulting replies seen.
There is some quite cool software doing this, for example a traffic
monitor automatically grabbing all pictures seen in web traffic.
Unfortunately the name of such tool have slip my mind at the moment.

b) Squid needs to be modified to accept being fed objects by some method.

c) You also need to find some way of protecting from spoofing, or you have
a serious risk of cache poisoning where malicious users or software on the
other networks may cause traffic fooling 'a' to see traffic not actually
belonging to the requested sites due to the loose coupling between domain
names and IP addresses.

Regards
Henrik
Received on Sat Jan 24 2004 - 15:38:06 MST

This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:08 MST