[plug] Getting SQUID to play nice with windows updates

William Kenworthy billk at iinet.net.au
Sun Apr 20 11:24:37 WST 2008

I think you will find that the latest windows update uses https so squid
(or any other web cache) that I know of wont cache them.  Is there
anything on MS's website - perhaps for enterprise users?


On Sun, 2008-04-20 at 10:14 +0800, Mark Slatem wrote:
> Hey all,
> This week I have been spending some time dabbling with a squid test 
> server. I have setup squid as a transparent proxy and have the firewall 
> redirect all http requests to the squid box, then on the squid box I am 
> using iptables rules to redirect port 80 >> 3128
> This is all working well but I am having major problems getting "windows 
> updates" to be cached and reserved to windows clients on the LAN. There 
> does not seem to be any definitive information on the net about this, 
> but from what I have read Microsoft keep changing their settings and now 
> specifically send messages to proxy servers requesting updates to not 
> cache, and also they will change the data of update files while 
> retaining the file names, this also causes major problems if you tell 
> squid to cache all update content regardless and then it serves 
> incorrect or  stales versions of updates to clients.
> Since this is one of the reasons we want to deploy squid in lan 
> environments, I was wondering if any of you would like to share your 
> pearls of wisdom on if and how you overcame these challenges, and if in 
> fact it is possible to get this working reliably using squid.
> Thanks
> Mark
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
William Kenworthy <billk at iinet.net.au>
Home in Perth!

More information about the plug mailing list