Re: [squid-users] Content Filtering using HEAD Requests to a Parent Proxy?

From: Alex Rousskov <rousskov_at_measurement-factory.com>
Date: Wed, 09 Oct 2013 15:27:03 -0600

On 10/09/2013 12:28 PM, Jeffrey Mealo wrote:

> I need to run several Squid child nodes on budget VPS servers to serve
> as web caches. I have a parent proxy that serves as a content filter.

Does the content filter make its decision based on the request [URL]
only? Or does it convert a HEAD request into a GET request, receives the
response content, and then "filters" it?

> So the content filter doesn't become the bottleneck in terms of
> bandwidth

Are you concerned about child-to-parent bandwidth or parent-to-internet
bandwidth or some other link/direction?

> would it be possible to do the following?
>
> 1. Child proxy receives request from client
> 2. Child proxy issues a HEAD request to parent proxy (Content Filter)
> 3. If the response isn't a block page/error code, the child directly
> connects to the destination server
> 4. If a block page is served, deny the request (possibly show a local
> block page, or even the remote one).
>
> Is there a way to do this without modifying Squid?

Yes, you can accomplish the above using external_acl_type, eCAP, or
ICAP. ICAP and eCAP allow you to show the remote block page.
http://wiki.squid-cache.org/SquidFaq/ContentAdaptation

You may also want to move away from the HTTP interface for your filter
if it only does URL-based filtering. That would simplify implementation.

HTH,

Alex.
Received on Wed Oct 09 2013 - 21:27:04 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 10 2013 - 12:00:05 MDT