OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: marshalleq on August 09, 2018, 05:44:53 am

Title: Windows Update Cache / Linux Package Cache
Post by: marshalleq on August 09, 2018, 05:44:53 am

Hi all - first OPNsense post having moved over from IPFire...  Being that I repair a lot of computers as favours for people, the caching of Windows Updates and Linux Packages is a big deal.  However in the age of SSL I don't really care about caching web traffic - there's just not enough HTTP traffic left and I'm not a fan of utilising man in the middle certs etc.  So, questions below:

Q1 - Does anyone know how best to configure the cache just for this purpose?  I find the terminology a bit ambiguous - seems memory might not actually mean memory.
Q2 - Is this based on the update accelerator stuff here? https://github.com/pbinks/update-accelerator

Q3 - If based on update-accelerator, did we leave mac updates out for a reason (IPFire had this). 

Thanks!

(not sure if the Mac stuff is excluded here on purpose

Title: Re: Windows Update Cache / Linux Package Cache
Post by: weust on August 09, 2018, 10:59:53 am

For Windows, either set up a WSUS server OR let Windows 10 handle it.
It has a mechanism build in that will allow Windows 10 machines on the same network query the network for other Windows 10 machines and pull updates from it.

Title: Re: Windows Update Cache / Linux Package Cache
Post by: fabian on August 09, 2018, 10:24:53 pm

Quote from: marshalleq on August 09, 2018, 05:44:53 am

Q1 - Does anyone know how best to configure the cache just for this purpose?  I find the terminology a bit ambiguous - seems memory might not actually mean memory.

The best way is not using it for that and host your own mirror for updates and enter its URL into the package managers configuration.

Quote from: marshalleq on August 09, 2018, 05:44:53 am

Q2 - Is this based on the update accelerator stuff here? https://github.com/pbinks/update-accelerator

No - it is not in any case. I am the author of the feature and I see the repository the first time. It is based on the official wiki of squid (windows updates) with some extensions by me (common Linux distribution package formats for rpm based, deb based and pkg based).
So the Linux variant should work for Debian, Ubuntu, OpenSUSE, Fedora, CentOS, Arch Linux etc.

Quote from: marshalleq on August 09, 2018, 05:44:53 am

Q3 - If based on update-accelerator, did we leave mac updates out for a reason (IPFire had this). 

see Q2

Quote from: marshalleq on August 09, 2018, 05:44:53 am

(not sure if the Mac stuff is excluded here on purpose

probably not (maybe accidentally when similar to Arch Linux).

Title: Re: Windows Update Cache / Linux Package Cache
Post by: opnsensestuyt on February 25, 2019, 03:32:41 am

I'm not sure if this feature is working. I elected for the linux packages and out of curiosity I thought I'd look around /var/squid/cache for packages. Non seem to populate in that space.  I patch a bunch of VM's and nothing appears in this space.

I do see logging going on in the proxy concerning packages being downloaded.