Data trickle not working when Symantec Scan Engine is integrated with Squid Proxy over the ICAP protocol

Article:TECH96867  |  Created: 2009-01-18  |  Updated: 2009-01-18  |  Article URL http://www.symantec.com/docs/TECH96867
Article Type
Technical Solution


Issue



You enable data trickle within Symantec Scan Engine when integrated with Squid proxy over the ICAP protocol however, data is not being trickled to the HTTP client in small amounts at regular intervals from Squid Proxy.


Cause



Currently Squid proxy does not support data trickling.

Solution



Please check the current stable Squid build release notes for updates on data trickling and Squid: http://www.squid-cache.org/Versions/.


Internet Content Adaptation Protocol (ICAP)

Squid 3.0 supports ICAP/1.0. To enable ICAP support, use the --enable-icap-client ./configure option and icap_enable squid.conf option. You will also need to configure ICAP services in your squid.conf using icap_service, icap_class, and icap_access options. The following example instructs Squid to talk to two ICAP services, one for request and one for response adaptation:

icap_enable on

icap_service service_req reqmod_precache 1 icap://127.0.0.1:1344/request

icap_service service_resp respmod_precache 0 icap://127.0.0.1:1344/response

icap_class class_req service_req

icap_class class_resp service_resp

icap_access class_req allow all

icap_access class_resp allow all

Please see squid.conf.default for more details about these and many other icap_* options.

Squid supports pre-cache request and pre-cache response vectoring points. The following ICAP features are supported: message preview, 204 responses outside of preview, request satisfaction, X-Transfer-* negotiation, persistent ICAP connections, client IP/credentials sharing, and optional bypass of certain service failures.

No more than one ICAP service can be applied to an HTTP message. In other words, chaining or load balancing multiple services is not yet supported.

Proxy-directed data trickling and patience pages are not supported yet.

Following ICAP requirements, Squid never performs HTTP message adaptation without a successful and fresh ICAP OPTIONS response on file. A REQMOD or RESPMOD request will not be sent to a configured ICAP service until Squid receives a valid OPTIONS response from that service. If a service malfunctions or goes down, Squid may stop talking to the service for a while. Several squid.conf options can be used to tune the failure bypass algorithm (e.g., icap_service_failure_limit and icap_service_revival_delay).

The bypass parameter of the icap_service squid.conf option determines whether Squid will try to bypass service failures. Most connectivity and preview-stage failures can be bypassed.
More information about ICAP can be found from the ICAP-forum website http://www.icap-forum.org



References
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE19-RELEASENOTES.html





Legacy ID



2009101914193054


Article URL http://www.symantec.com/docs/TECH96867


Terms of use for this information are found in Legal Notices