On 02/28/2013 08:32 AM, Martin Sperl wrote:
> Is there another acltype besides "dstdomain" to match on the
> unmodified dstdomain instead of the icap-request modified dstdomain?
AFAIK, no.
> As a workaround: do I need to set an additional header (via
> header_access/header_replace or similar) and trigger on this acl
> (acl ... req_header <headername>) instead of modify_response_a?
Your ICAP service can add that HTTP request header while rewriting the
request. You may even be able to then filter it out on the way from
Squid using request_header_access, but whether that will delete it from
the request that Squid remembers needs to be checked/tested.
> Other ideas?
What you may want is annotations that can be set by the ICAP service in
ICAP response headers, without modifying the HTTP request header. Those
annotations can then be matched using a "note" ACL. eCAP can do
something like that already, but I think that Squid ICAP code lacks the
necessary glue. Eventually, somebody will probably add it.
If you use external helpers for something, they can add annotations as
well (v3.3?).
Similarly, the "note" option can be enhanced to work before logging.
This way, the annotations can be added in squid.conf directly.
Or one could add an "such and such adaptation service was used" ACL. It
would be handy in several use cases.
There are probably other options as well.
HTH,
Alex.
Received on Thu Feb 28 2013 - 23:37:05 MST
This archive was generated by hypermail 2.2.0 : Fri Mar 01 2013 - 12:00:04 MST