Posts Tagged ‘Squid’

How Snapt Intercepts Data

Wednesday, February 10th, 2010

One of the features packaged in the Snapt Framework is the “Interception Manager”. This provides plugins to the framework such as Snapt Squid or Snapt HAProxy to transparently intercept traffic.

firewallType How Snapt Intercepts Data

In the Squid example, it makes it easy to pick up HTTP (port 80) traffic and cache it without interfering with user configuration, or with HAProxy you can roll out load balancing without changing IP addresses and the like. Typically, this can get confusing and complicated – so we introduced an interception manager.

Each plugin is assigned a “space” in which it can operate to intercept traffic. Each space can have subspaces. For example, each HAProxy group effectively has its own space which can have any number of ports or IP addresses to intercept traffic on and redirect it to HAProxy.

The interception manager automatically integrates with your firewall (currently it supports PF or IPTables) and intercepts the data. You can disable and enable interception spaces without losing their configuration – allowing maintenance without downtime, and you can disable the entire system without losing your setup.

You can see an example of some live HAProxy groups intercepting data below
interceptionStatus How Snapt Intercepts Data

Tags: , , , ,
Posted in Framework, HAProxy, Squid | No Comments »

Snapt in 2010

Tuesday, January 19th, 2010

With work on the Snapt Framework moving along, focus is being shifted toward the completion of our two launch modules; HAProxy and Squid.

Snapt Squid

Some of the features to look forward to in Snapt Squid have already been discussed and work on plugins has started. The plugins aim to bring functionality that might not be common to all installations without adding unnecessary bloat to the Snapt Squid Module. Examples include authentication, WCCP, advanced peering and more.

Snapt HA Proxy

The Snapt HAProxy module is a feature packed front end to the HA Proxy Load Balancer. Among many other features, it includes advanced reporting, simple yet powerful control over the config file as well as status alerts. Scheduled for release with the launch of the Snapt Framework, this will give HA Proxy the frontend needed to position itself as a competitive Open Source load balancer.

We’re excited for 2010 and for the great feedback we have received so far. Remember, by subscribing to the release list you will be the first to know when Snapt is officially launched.

Tags: , , ,
Posted in Framework, HAProxy, Squid | No Comments »

Quick Tip: Windows Update No-Auth

Wednesday, September 23rd, 2009

Here’s a quick Squid tip from their wiki, if you’ve ever wanted to not require authentication for the Windows Update services you can just add the following before any other ACL’s in your config file –

acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
acl windowsupdate dstdomain sls.microsoft.com
acl windowsupdate dstdomain productactivation.one.microsoft.com
acl windowsupdate dstdomain ntservicepack.microsoft.com

acl CONNECT method CONNECT
acl wuCONNECT dstdomain www.update.microsoft.com
acl wuCONNECT dstdomain sls.microsoft.com

http_access allow CONNECT wuCONNECT localnet
http_access allow windowsupdate localnet

This allows the HTTPS and HTTP connections to the suite of Microsoft update sites without authentication. This can be particularly useful if you want to ensure users can update at any time, without needing to enter their information into popup boxes (i.e. non single sign-on setups). There is a quick wizard included in Snapt if you want to automate this!

Tags: , ,
Posted in Squid | No Comments »

Snapt Squid Diagnostics

Thursday, September 17th, 2009

Snapt Squid comes with powerful tools for helping you diagnose any network, cache or even config errors. With many great open source products visibility and troubleshooting can be problems, which is why all Snapt products aim to improve both.

There are many features in Snapt Squid, but today we’ll touch on the Tools section. It enables to you check connectivity through the cache, see an objects status, force a refresh on a cached object, test URL’s, parse the config file and more.

Checking Connectivity

There are several options available to you

A single request through a cache can often not be a good enough test. The connectivity tester can be configured to send as many requests as you want, and will diagnose any problems (e.g. drops, different page sizes etc). You can see an example of this below, each request is sent through Squid.

You can see the responses from Google

Diagnosing a User

Another problem is when a specific user, from a specific IP address is complaining about something that you can’t reproduce – with Snapt you can! As you can see below, you can configure a URL to test, an IP to test from, and the username/password the user is supplying (if you use authentication).

Testing a specific IP or user becomes a breeze

Config Parsing

The config parser doesn’t only pick up any errors – it also offers suggestions for fixing them using an advanced matching algorithm that can detect typing errors! No longer will you have to search for answers to configuration problems!

Do you have configuration errors?

Tags: , , ,
Posted in Squid | No Comments »

Custom Squid Error Pages

Tuesday, September 15th, 2009

No one likes an ugly cache error message – it’s hard for the user to understand and it’s unprofessional! Snapt Squid comes with an advanced error page editor which allows you to quickly convert all your error pages to stylish, readable pages – or create any style of your own!

The standard editor is quick and easy to use

As you can see above, the default process is simple. You can choose what information to display and customize error messages about who to contact and even include a company logo. You can choose between a Modern style (which is shown in the screenshot below) or Simple which displays Apache-like error pages – masking the cache’s presence if you are an ISP etc.

The error pages can be previewed on the fly - while you change them!

Also included is an advanced editor where you can manually edit the HTML code, or use a WYSIWYG editor to customize it to fit your needs exactly. This is shown below, with a popup tip box of all the possible variables available.

The powerful advanced editor allows to control every detail!

Tags: , , ,
Posted in Squid | No Comments »