[squid-users] Squid, Symantec LiveUpdate, and HTTP 1.1 versus HTTP 1.0

From: Nathan Eady <galionlibrary_at_gmail.com>
Date: Wed, 25 Mar 2009 14:46:56 -0400

Okay, we've got port 80 traffic going transparently to a Squid proxy
here, and I need to make a small configuration change, and I can't
seem to find, either in the man pages nor on the web, the
documentation on how to do it. It's probably one little line in
squid.conf, but I can't find it.

Here's the deal:
When I access a site (I tested with Google as well as our own offsite
web server) from a computer that is NOT behind the transparent squid
proxy, issuing an HTTP/1.1 request, I get the normal expected HTTP/1.1
response:

nathan_at_externalbox$ telnet www.galionlibrary.org 80
Trying 209.143.16.23...
Connected to galionlibrary.org.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.galionlibrary.org

HTTP/1.1 200 OK
[snip the rest]

However, when I do the same thing from a system that IS behind the
proxy, I get an HTTP/1.0 response back:
nathan_at_donalbain:~$ telnet www.galionlibrary.org 80
Trying 209.143.16.23...
Connected to galionlibrary.org.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.galionlibrary.org

HTTP/1.0 200 OK
[snip the rest]

Until recently I never even noticed this, but now Symantec LiveUpdate
is failing on all the systems behind the proxy. I posted about that
on the Norton Community forum, umm, here:
http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=42361

The long and short of that thread is that recent updates to LU have
caused it to no longer support HTTP 1.0. The LU servers are all HTTP
1.1, and now the client requires this. Our setup is not the only
thing breaking as a result (apparently, the built-in "firewalls" on
some home routers also have problems with it), but now that I'm aware
Squid is doing this, it ought to be easy to make some small change in
the configuration and get it to return HTTP 1.1 responses, at least
when the server does -- right?

But I'm coming up blank on how.

One other note: the version of Squid we have, for reasons that aren't
worth going into here, is I believe somewhat outdated (-v says
2.5.STABLE13). But HTTP 1.1 is certifiably older than dirt, so I'd be
extremely amazed if the Squid that we have doesn't support it...
We're going to update it hopefully pretty soon, but getting LiveUpdate
working again is significantly more urgent (and, hopefully, easier;
updating Squid in our case probably means a fresh OS install...)

So where and how do I configure what Squid does with HTTP versions?
Where is this documented?

TIA,

Nathan Eady
Technology Coordinator
Galion Public Library

-- 
$\=$/;$=+=$^F**$^F;$:=chr$=;s;;
###############################
Visit: http://galionlibrary.com
;;($_)=map{$_}reverse split/\//
;s!(?=[.])!$:gmail!;print if$=;
Received on Wed Mar 25 2009 - 18:47:00 MDT

This archive was generated by hypermail 2.2.0 : Wed Apr 01 2009 - 12:00:02 MDT