IME squid saves between 25%-60% on bandwidth depending on traffic patterns. This is irregardless of size. You already have a proxy with the webscanner..just route the final scanned data through squid for caching.(take a look at the copfilter project which uses ipcop). Just make sure you don't have squid cache in ram much or your ram requirements go through the roof. I have had to tweak several squid configs to reduce squid memory footprint which can be rather large..I'm not a squid expert but if you would like i can post my tweaks that i normally use to reduce squid's memory footprint.
This looks like an excellent product. I have 10 firewalls i admin..some heavily modded ipcop machines and some astaro. Get the caching proxy server in there and i can begin evaluating replacing ALL of those machines with your product.
Last edited by hescominsoon; 09-01-2007 at 07:04 AM.
Hi all!
I am new to Untangle and still learning, but I also miss the proxy feature.
Why not use something like advproxy?
http://www.advproxy.net/
I think this only works on IPCop and Smoothwall but it is an excellent feature.
It works more like a file server then a web proxy, saving all windows update and more.
I will attach a screen shot from my current Router software (endian) were you can see what programs it can save updates for.
As you can see I am only using it to cache windows update.
I have been using untangle on a couple of small networks and I love it!!! But I agree a cache server would be great. Currently we use an Esoft Instagate EX2 and it is linux based I believe and it has a great web cache server built in that allows you to choose the cache size from 1-500mb. Helps a lot with updates and if we are having the whole class go to the same website!!!
Hope this will happen someday!!
Thanx for all the hard work!!!
I have 30%-35% cache hits in a small law-consulting company with 30 computers in it (the statistics is based on a WinRoute report). I think this is quite large amount... so the cache should be really efficient.
And one more thing to add. I think the cache efficiency should raise if there will be a good AD filter before it, because ADs usually loads dynamically and are incacheable. An example of such an AD filter is Mozilla's Adblock Plus plugin.
Every day we download a multi-megabyte pattern file to each computer. See below.
"Virus Pattern Files
Official Pattern Release 5.397.00
As of Jul 09, 2008, the latest pattern file number is 5.397.00.
The Official Pattern Release or OPR is Trend Micro's latest compilation of patterns for identified viruses. It is guaranteed to have passed a series of critical tests to ensure that customers get optimum protection from the latest virus threats.
lpt397.zip (Windows) 15.7MB"
Plus there are Java updates, windows updates, acrobat updates, updates to Firefox, and open office...
None of this benefits from the local browser cache!
I have an enhancement request open on this.
If you want to help pile on the votes for this feature go to
http://bugzilla.untangle.com/show_bug.cgi?id=4015
and vote for “Bug# 4015”
first, let me say what a good idea
this would be.
second, if you want a transparent proxy
outside somewhere ut 5.2 can do this already. portforward?
third, browsers DO know alot about caching, BUT
mostly, that's part of what you have to clean-up (disk-defrag) in XP once month.
i have another box (playing around) with opensuse linux 11
at it does the proxying for me at at the moment.
all my browsers have instruction to cache 0 MB. (less fragmentation and disk
usage)
fourthly? squid (at least) comes with a mechanism to
do "clustering" ... meaning you can add other squid proxy
boxes, it should ask before going for the source.
this is "very" similar" like TOR works (of course not encrypted, yet)
so maybe, -IF- you implement squid in UT, maybe have a page
where people can share their proxy, to form a big-o cluster.
benefit for privacy? anonymous
thanks ...