Squid configuration with ICAP filter

Question

We're new to Squid and trying to setup this configuration, we're not certain it's possible:

• Incoming compressed HTTP
• Decompress and forward to ICAP service
• Log and discard if ICAP service returns 4xx
• Send original, compressed payload to destination if ICAP returns 2xx

As I said, we're Squid n00bs, we'd appreciate any thoughts.

Answer 1

It is doable but in a slightly different way. I presume you mean gzip and deflate encoding by compressed HTTP.

ICAP has two modes:

• Request mode (browser -> squid -> icap server-> squid -> webserver)
• Response mode (webserver -> squid -> icap server-> squid -> browser)

You will encounter compressed content usually in response mode. Squid will send these responses to your configured ICAP respmod service without decompressing. Service will receive ICAP encapsulated HTTP response as it is. It is your ICAP service's task to do decompressing and doing further processing.

If Squid gets one of 4XX or 5XX responses that is a malfunction, you can configure Squid to bypass ICAP modification or show an Squid error page.

If you want to apply certain action you can return notification/block/redirect page content form ICAP service with 200 status code.

If you want to return the original content just return "204 - No modifications" and squid will send the original response without waiting response form ICAP service. Squid does not support 204 for following cases:

• The size of the payload is greater than 64kb.
• The size of the payload cannot be (easily) ascertained.

If you can decide whether to change the content or not in ICAP preview mode it is better.