Hi,
I checked the FAQ, bugzilla and the archives of this list
without
finding anything...
I am trying to apply what was described in this mail :
http://www.squid-cache.org/mail-archive/squid-users/200204/1013.html
The aim is :
- to make Squid relay new methods
- to restrict these to some users only
Did anyone set up such a config ?
As a proof of concept, I used the following (minimized)
squid.conf :
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
extension_methods TOTO
acl all src 0.0.0.0/0.0.0.0
acl TEST method TOTO
http_access allow TEST
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid
As is, the TOTO method does not pass through Squid, but it
should !
Any other methods are also blocked (normal).
If I suppress the "allow TEST" line and change the next line
to "allow
all", everything pass through, even the TOTO method (hence the
"extension_methods" tag works).
If I use a standard method (like GET) in the ACL, it works fine.
I also checked the cache.log in debug mode.
I also tried to put the "extension_methods" tag at
differents positions
in the squid.conf file...
Conclusion : when processing an ACL on HTTP methods, Squid
does not
take into account methods declared in the
"extension_methods" tag.
Do you think it is a bug or did I misunderstand something ?
Thank you in advance for any help or advice.
Frédéric Pailler
Network and Security Projet Manager
--------------------- ALICE SECURITE ENFANTS ---------------------
Protégez vos enfants des dangers d'Internet en installant Sécurité Enfants, le contrôle parental d'Alice.
http://www.aliceadsl.fr/securitepc/default_copa.asp
Received on Fri Jun 16 2006 - 01:27:42 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Jul 01 2006 - 12:00:01 MDT