Re: [squid-users] Cosmetics: How to eliminate HTTP error msg completely ?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Mon, 03 Feb 2014 01:09:01 +1300

On 2/02/2014 11:04 p.m., babajaga wrote:
> Actually, I have a private proxy on the web, set up to be used by me only,
> when on the road, in areas of slow wired/wireless connection. Part of it is
> to remove ads, when browsing. This is done using local DNS on squid machine,
> pointing to 127.0.0.1 for well known ad sites. And a patched web server on
> squid machine, always serving minimum content, so no error is visible in the
> browser, at least.
> This works fine.
> Now, quite a few ad providers start using https:\\wellknown.adsite.com .
> Which then leads to the following error message in the browser, instead of
> the ad:
> "The connection has timed out
> The server at wellknown.adsite.com is taking too long to respond."
> (504 Gateway Timeout)
> I assume, because the CONNECT will not get any response from my local
> (faked) wellknown.adsite.com
>
> Any suggestion, how/where to hack squid2.7 to also get rid of these ones ?
> My idea just now is modifying "504 Gateway Timout" to "204 No Content".
> Not knowing https-protocol, will this lead to more errors later on ?
> Or any other ideas ?

deny_info works in squid-2.7 in a basic way. The to_localhost ACL in
Squid matches the traffic your DNS is dead-routing.

  deny_info ERR_BLANK to_localhost
  http_access deny to_localhost

... where ERR_BLANK is an empty file.

PS. no need for that dummy web server. Squid will be generating the
error response with 0 byte payload to any localhost traffic at around
half the CPU load.

Amos
Received on Sun Feb 02 2014 - 12:09:21 MST

This archive was generated by hypermail 2.2.0 : Wed Feb 05 2014 - 12:00:04 MST