Caching windowsupdate in squid
Windows update tells proxy servers not to cache its downloads. To get round this in squid, add the following to your acls:
acl windowsupdate dstdomain .windowsupdate.com never_direct allow windowsupdate
never_direct tells squid to always try to get the object from cache even if the client specifically asks for it.
UPDATE: I found that Microsoft change the updates whilst keeping the old filename, and this will break if you cache the files. So the best solution is to use SUS.
Hi. My testing with SquidNT shows Windows Updates apparently being cached without that setting. I’d like to know what one could do when some of the downloads are corrupted.
The main problem (that I have discovered) is that AFAICT Microsoft produce patched patches which have the same name which means that when the patches are updated the caching proxy server uses the old one in preference to the one that windowsupdate expects.
The best solution is the have an up-to-date slipstreamed distribution which sits on a network and that you install using either a bootable pen drive or FDD. This also means you can automate the install and control what goes on the machine. I think that you can also add drivers to the install as well so it makes life a lot easier for a little bit of work up front.
You could use http://www.microsoft.com/windows2000/windowsupdate/sus/ if you have a spare Wİndows 2000 -> 2003 server available for Microsoft’s solution to the problem. Or http://www.glob.com.au/windowsupdate_cache/ has a redirector that can cache windowsupdate files. Either solution is not perfect, I’ve tried them both.