Allows ip address specification.
This is an option for use with SSL acceleration - it determines where squid listens for SSL requests.
This is used to handle some bugs in browsers that don't fully support SSL.
This has been removed - use the http_port line to specify ip address's.
login= has been extended to allow pass through authentication, fixed password authentication and maximum connection limits.
Directs squid to read in a set of name-address associations upon startup and reconfiguration.
Removed. See auth_param.
This replaces the authenticate_program directive. It allows configuration of multiple authentication helpers, one for each of the supported authentication schemes. Such schemes include "NTLM", "Digest (from RFC 2617)", and "Basic".
This directive sets the garbage collection interval for the authentication cache.
This directive configures the new external ACL Helper interface. VERY useful for authenticating by group membership - i.e. from an LDAP server or NT domain.
The default for this is now 0 - unlimited.
Now multiple size limits are allowed based on ACL lists.
The default is now blank - users must uncomment the suggested default to use it. This allows the use of a blank refresh pattern if desired.
Raised the default to 5 minutes.
New directive - how long to wait after a reply is completed before closing the connection.
New acl types
Limit HTTP replies based on ACL's. This is complementary to http_access.
These three directives allow marking of outbound connections at the IP level - i.e. for choosing routes based on the usercode.
Allows mapping of requests onto specific outbound IP address's.
Removed. See header_access.
Allow granular filtering of HTTP headers.
Replace specific headers with custom values.
Now defaults to off for bandwidth management and access logging reasons.
Enables a workaround for web servers that immediately expire Varied objects because they think squid is unable to handle Vary:.
Give the OS a small amount of time to accomodate the fork+exec used to launch helpers - if squid has a lot of virtual memory allocated the OS may run out of virtual memory during helper spawning otherwise.
This has been removed - starting with Squid-2.4 this directive have had no effect and has now been fully removed to avoid confusion.
This has been removed - it is not referenced anywhere in the source code.
This has been removed - it is not referenced anywhere in the source code.
New directive in 2.5.STABLE5 complement connect_timeout in management of timeouts while connecting to origin servers or peers
New directive in 2.5.STABLE5 to enable an alternative way of referring to icons in FTP directory listings etc.
New acl type in 2.5.STABLE5 to match the login component of Internet style URLs (protocol://user:password@host/path/to/file)
New directive in 2.5.STABLE7 to make it possible to disable the automatic round-robin load balancing on multiple IP addresses normally done by Squid.
New directive in 2.5.STABLE7 limiting the size of HTTP reply headers, similar to request_header_max_size but in the reply direction (from servers to clients). Default is 20KB.
New acl types in 2.5.STABLE7 to match arbitrary HTTP headers, useful to block certain malware/spyware etc.
New directive in 2.5.STABLE8 to control how strict the HTTP parser should be.
New directive in 2.5.STABLE9 to aggressive retry requests on errors (was the default in earlier versions)
No longer matches invalid hosts. Was previously using the IP address "255.255.255.255" on invalid hosts.
There is a few known issues in this version of Squid which we hope to correct in a later release
assertion failed: cbdata.c:249: "c->locks > 0" when using diskd
Problems refreshing pages stored with 'vary' information
users going above their allowed IP count no longer logged in cache.log
ntlm_user_pool assertion error on shutdown
checking if IP-Filter header files are installed... no WARNING: Cannot find necessary IP-Filter header files Transparent Proxy support WILL NOT be enabledTo fix the problem first check if the ip_fil.h, ip_compat.h, ip_nat.h and ipl.h files are present in /usr/include/netinet and copy them from ipfilter source tree if needed. Don't forget to fix files permission and ownership after the copy.
env ac_cv_header_netinet_ip_compat_h=yes ./configure --enable-ipf-transparent
In addition there is a set of limitations in this version of Squid which we hope to correct later
mime.conf and referenced icons must be within chroot
tcp_outgoing_address using an ident ACL does not work
acl max_user_ip and multiple authentication schemes
miss_access fails on "slow" acl types such as dst.
squid -F is starting server sockets to early
does not handle swap.state corruption properly
unstable if runs out of disk space
diskd may appear slow on low loads
delay_pools stops working on -k reconfigure
<prefix>/etc/cachemgr.conf
for details. The configuration is read first from the current directory
(normally where you installed cachemgr.cgi) and if not found there from
<prefix>/etc/cachemgr.conf
. If neither is found only access
to localhost and the full server name is provided, or the cachemgr default
host if specified to configure.