Página 1 de 4 1234 ÚltimoÚltimo
+ Responder ao Tópico



  1. ola linuxers , estou tendo um problema com o squid , instalei ele em meu redhat 7.1 , peguei o na paguina oficial squid-2.5.stable3-20030614.tar.gz

    , como tinha visto uma materia aqui no underlinux falando de como instalar e configurar o squid , resolvi meter a cara.

    obtive alguns problemas na instalacao , como ele nao achar o meu dominio , só que sempre ele foi me indicando a linha de onde estava errado.

    squid.conf

    entao fui arrumando (acho) , pois hoje eu dou um ./squid e ele nao me mostra + nenhum erro , + tem um problema , quando dou um ps-aux ele nao esta rodando.

    dou um netstat-na ele tambem nao abre a porta 3128.

    tento dar um telnet ou algo do tipo na porta ele me recusa.

    nao sei oq pode ser , acho que deve ser algo na conf do squid.
    assim vou passar meu squid.conf

    é bem longo + por via das duvidas vou manda-lo inteiro

    antes vou passar algumas informacoes , minha rede se chama zion , minha rede é classe 192.168.0.0

    uso varios outros servicos alem do squid , como samba blabablab
    tambem compartilho minha internet com regra de iptables.
    tenho firewall , e nele a porta 3128 esta aceitando conexao , e pode ser aberta.

    ai vai a conf do squid



    # welcome to squid 2
    # ------------------
    #
    # this is the default squid configuration file. you may wish
    # to look at the squid home page (http://www.squid-cache.org/)
    # for the faq and other documentation.
    #
    # the default squid config file shows what the defaults for
    # various options happen to be. if you don´t need to change the
    # default, you shouldn´t uncomment the line. doing so may cause
    # run-time problems. in some cases "none" refers to no default
    # setting at all, while in other cases it refers to a valid
    # option - the comments for that keyword indicate if this is the
    # case.
    #


    # network options
    # -----------------------------------------------------------------------------

    # tag: http_port
    # usage: port
    # hostname<img src="images/forum/icons/icon_razz.gif">ort
    # 1.2.3.4<img src="images/forum/icons/icon_razz.gif">ort
    #
    # the socket addresses where squid will listen for http client
    # requests. you may specify multiple socket addresses.
    # there are three forms: port alone, hostname with port, and
    # ip address with port. if you specify a hostname or ip
    # address, then squid binds the socket to that specific
    # address. this replaces the old &acute;tcp_incoming_address&acute;
    # option. most likely, you do not need to bind to a specific
    # address, so you can use the port number alone.
    #
    # the default port number is 3128.
    #
    # if you are running squid in accelerator mode, then you
    # probably want to listen on port 80 also, or instead.
    #
    # the -a command line option will override the *first* port
    # number listed here. that option will not override an ip
    # address, however.
    #
    # you may specify multiple socket addresses on multiple lines.
    #
    # if you run squid on a dual-homed machine with an internal
    # and an external interface then we recommend you to specify the
    # internal address<img src="images/forum/icons/icon_razz.gif">ort in http_port. this way squid will only be
    # visible on the internal address.
    #
    #default:
    http_port 3128

    # tag: https_port
    # note: this option is only available if squid is rebuilt with the
    # --enable-ssl option
    #
    # usage: [ip:]port cert=certificate.pem [key=key.pem] [options...]
    #
    # the socket address where squid will listen for https client
    # requests.
    #
    # this is really only useful for situations where you are running
    # squid in accelerator mode and you want to do the ssl work at the
    # accelerator level.
    #
    # you may specify multiple socket addresses on multiple lines,
    # each with their own ssl certificate and/or options.
    #
    # options:
    #
    # cert= path to ssl certificate (pem format)
    #
    # key= path to ssl private key file (pem format)
    # if not specified, the certificate file is
    # assumed to be a combined certificate and
    # key file
    #
    # version= the version of ssl/tls supported
    # 1 automatic (default)
    # 2 sslv2 only
    # 3 sslv3 only
    # 4 tlsv1 only
    #
    # cipher= colon separated list of supported ciphers
    #
    # options= varions ssl engine options. the most important
    # being:
    # no_sslv2 disallow the use of sslv2
    # no_sslv3 disallow the use of sslv3
    # no_tlsv1 disallow the use of tlsv1
    # see src/ssl_support.c or openssl documentation
    # for a more complete list.
    #
    #default:
    # none

    # tag: ssl_unclean_shutdown
    # note: this option is only available if squid is rebuilt with the
    # --enable-ssl option
    #
    # some browsers (especially msie) bugs out on ssl shutdown
    # messages.
    #
    #default:
    # ssl_unclean_shutdown off

    # tag: icp_port
    # the port number where squid sends and receives icp queries to
    # and from neighbor caches. default is 3130. to disable use
    # "0". may be overridden with -u on the command line.
    #
    #default:
    icp_port 3130

    # tag: htcp_port
    # note: this option is only available if squid is rebuilt with the
    # --enable-htcp option
    #
    # the port number where squid sends and receives htcp queries to
    # and from neighbor caches. default is 4827. to disable use
    # "0".
    #
    #default:
    # htcp_port 4827

    # tag: mcast_groups
    # this tag specifies a list of multicast groups which your server
    # should join to receive multicasted icp queries.
    #
    # note! be very careful what you put here! be sure you
    # understand the difference between an icp _query_ and an icp
    # _reply_. this option is to be set only if you want to receive
    # multicast queries. do not set this option to send multicast
    # icp (use cache_peer for that). icp replies are always sent via
    # unicast, so this option does not affect whether or not you will
    # receive replies from multicast group members.
    #
    # you must be very careful to not use a multicast address which
    # is already in use by another group of caches.
    #
    # if you are unsure about multicast, please read the multicast
    # chapter in the squid faq (http://www.squid-cache.org/faq/).
    #
    # usage: mcast_groups 239.128.16.128 224.0.1.20
    #
    # by default, squid doesn&acute;t listen on any multicast groups.
    #
    #default:
    # none

    # tag: udp_incoming_address
    # tag: udp_outgoing_address
    # udp_incoming_address is used for the icp socket receiving packets
    # from other caches.
    # udp_outgoing_address is used for icp packets sent out to other
    # caches.
    #
    # the default behavior is to not bind to any specific address.
    #
    # a udp_incoming_address value of 0.0.0.0 indicates that squid should
    # listen for udp messages on all available interfaces.
    #
    # if udp_outgoing_address is set to 255.255.255.255 (the default)
    # then it will use the same socket as udp_incoming_address. only
    # change this if you want to have icp queries sent using another
    # address than where this squid listens for icp queries from other
    # caches.
    #
    # note, udp_incoming_address and udp_outgoing_address can not
    # have the same value since they both use port 3130.
    #
    #default:
    # udp_incoming_address 0.0.0.0
    # udp_outgoing_address 255.255.255.255


    # options which affect the neighbor selection algorithm
    # -----------------------------------------------------------------------------

    # tag: cache_peer
    # to specify other caches in a hierarchy, use the format:
    #
    # cache_peer hostname type http_port icp_port
    #
    # for example,
    #
    # # proxy icp
    # # hostname type port port options
    # # -------------------- -------- ----- ----- -----------
    # cache_peer parent.foo.net parent 3128 3130 [proxy-only]
    # cache_peer sib1.foo.net sibling 3128 3130 [proxy-only]
    # cache_peer sib2.foo.net sibling 3128 3130 [proxy-only]
    #
    # type: either &acute;parent&acute;, &acute;sibling&acute;, or &acute;multicast&acute;.
    #
    # proxy_port: the port number where the cache listens for proxy
    # requests.
    #
    # icp_port: used for querying neighbor caches about
    # objects. to have a non-icp neighbor
    # specify &acute;7&acute; for the icp port and make sure the
    # neighbor machine has the udp echo port
    # enabled in its /etc/inetd.conf file.
    #
    # options: proxy-only
    # weight=n
    # ttl=n
    # no-query
    # default
    # round-robin
    # multicast-responder
    # closest-only
    # no-digest
    # no-netdb-exchange
    # no-delay
    # login=user<img src="images/forum/icons/icon_razz.gif">assword | pass | *<img src="images/forum/icons/icon_razz.gif">assword
    # connect-timeout=nn
    # digest-url=url
    # allow-miss
    # max-conn
    # htcp
    # carp-load-factor
    #
    # use &acute;proxy-only&acute; to specify that objects fetched
    # from this cache should not be saved locally.
    #
    # use &acute;weight=n&acute; to specify a weighted parent.
    # the weight must be an integer. the default weight
    # is 1, larger weights are favored more.
    #
    # use &acute;ttl=n&acute; to specify a ip multicast ttl to use
    # when sending an icp queries to this address.
    # only useful when sending to a multicast group.
    # because we don&acute;t accept icp replies from random
    # hosts, you must configure other group members as
    # peers with the &acute;multicast-responder&acute; option below.
    #
    # use &acute;no-query&acute; to not send icp queries to this
    # neighbor.
    #
    # use &acute;default&acute; if this is a parent cache which can
    # be used as a "last-resort." you should probably
    # only use &acute;default&acute; in situations where you cannot
    # use icp with your parent cache(s).
    #
    # use &acute;round-robin&acute; to define a set of parents which
    # should be used in a round-robin fashion in the
    # absence of any icp queries.
    #
    # &acute;multicast-responder&acute; indicates that the named peer
    # is a member of a multicast group. icp queries will
    # not be sent directly to the peer, but icp replies
    # will be accepted from it.
    #
    # &acute;closest-only&acute; indicates that, for icp_op_miss
    # replies, we&acute;ll only forward closest_parent_misses
    # and never first_parent_misses.
    #
    # use &acute;no-digest&acute; to not request cache digests from
    # this neighbor.
    #
    # &acute;no-netdb-exchange&acute; disables requesting icmp
    # rtt database (netdb) from the neighbor.
    #
    # use &acute;no-delay&acute; to prevent access to this neighbor
    # from influencing the delay pools.
    #
    # use &acute;login=user<img src="images/forum/icons/icon_razz.gif">assword&acute; if this is a personal/workgroup
    # proxy and your parent requires proxy authentication.
    # note: the string can include url escapes (i.e. %20 for
    # spaces). this also means that % must be written as %%.
    #
    # use &acute;login=pass&acute; if users must authenticate against
    # the upstream proxy. this will pass the users credentials
    # as they are to the peer proxy. this only works for the
    # basic http authentication sheme. note: to combine this
    # with proxy_auth both proxies must share the same user
    # database as http only allows for one proxy login.
    # also be warned that this will expose your users proxy
    # password to the peer. use with caution
    #
    # use &acute;login=*<img src="images/forum/icons/icon_razz.gif">assword&acute; to pass the username to the
    # upstream cache, but with a fixed password. this is meant
    # to be used when the peer is in another administrative
    # domain, but it is still needed to identify each user.
    # the star can optionally be followed by some extra
    # information which is added to the username. this can
    # be used to identify this proxy to the peer, similar to
    # the login=username<img src="images/forum/icons/icon_razz.gif">assword option above.
    #
    # use &acute;connect-timeout=nn&acute; to specify a peer
    # specific connect timeout (also see the
    # peer_connect_timeout directive)
    #
    # use &acute;digest-url=url&acute; to tell squid to fetch the cache
    # digest (if digests are enabled) for this host from
    # the specified url rather than the squid default
    # location.
    #
    # use &acute;allow-miss&acute; to disable squid&acute;s use of only-if-cached
    # when forwarding requests to siblings. this is primarily
    # useful when icp_hit_stale is used by the sibling. to
    # extensive use of this option may result in forwarding
    # loops, and you should avoid having two-way peerings
    # with this option. (for example to deny peer usage on
    # requests from peer by denying cache_peer_access if the
    # source is a peer)
    #
    # use &acute;max-conn&acute; to limit the amount of connections squid
    # may open to this peer.
    #
    # use &acute;htcp&acute; to send htcp, instead of icp, queries
    # to the neighbor. you probably also want to
    # set the "icp port" to 4827 instead of 3130.
    #
    # use &acute;carp-load-factor=f&acute; to define a parent
    # cache as one participating in a carp array.
    # the &acute;f&acute; values for all carp parents must add
    # up to 1.0.
    #
    #
    # note: non-icp/htcp neighbors must be specified as &acute;parent&acute;.
    #
    #default:
    # none

    # tag: cache_peer_domain
    # use to limit the domains for which a neighbor cache will be
    # queried. usage:
    #
    # cache_peer_domain cache-host domain [domain ...]
    # cache_peer_domain cache-host !domain
    #
    # for example, specifying
    #
    # cache_peer_domain parent.foo.net .edu
    #
    # has the effect such that udp query packets are sent to
    # &acute;bigserver&acute; only when the requested object exists on a
    # server in the .edu domain. prefixing the domainname
    # with &acute;!&acute; means that the cache will be queried for objects
    # not in that domain.
    #
    # note: * any number of domains may be given for a cache-host,
    # either on the same or separate lines.
    # * when multiple domains are given for a particular
    # cache-host, the first matched domain is applied.
    # * cache hosts with no domain restrictions are queried
    # for all requests.
    # * there are no defaults.
    # * there is also a &acute;cache_peer_access&acute; tag in the acl
    # section.
    #
    #default:
    # none

    # tag: neighbor_type_domain
    # usage: neighbor_type_domain parent|sibling domain domain ...
    #
    # modifying the neighbor type for specific domains is now
    # possible. you can treat some domains differently than the the
    # default neighbor type specified on the &acute;cache_peer&acute; line.
    # normally it should only be necessary to list domains which
    # should be treated differently because the default neighbor type
    # applies for hostnames which do not match domains listed here.
    #
    #example:
    # cache_peer parent cache.foo.org 3128 3130
    # neighbor_type_domain cache.foo.org sibling .com .net
    # neighbor_type_domain cache.foo.org sibling .au .de
    #
    #default:
    # none

    # tag: icp_query_timeout (msec)
    # normally squid will automatically determine an optimal icp
    # query timeout value based on the round-trip-time of recent icp
    # queries. if you want to override the value determined by
    # squid, set this &acute;icp_query_timeout&acute; to a non-zero value. this
    # value is specified in milliseconds, so, to use a 2-second
    # timeout (the old default), you would write:
    #
    # icp_query_timeout 2000
    #
    #default:
    # icp_query_timeout 0

    # tag: maximum_icp_query_timeout (msec)
    # normally the icp query timeout is determined dynamically. but
    # sometimes it can lead to very large values (say 5 seconds).
    # use this option to put an upper limit on the dynamic timeout
    # value. do not use this option to always use a fixed (instead
    # of a dynamic) timeout value. to set a fixed timeout see the
    # &acute;icp_query_timeout&acute; directive.
    #
    #default:
    # maximum_icp_query_timeout 2000

    # tag: mcast_icp_query_timeout (msec)
    # for multicast peers, squid regularly sends out icp "probes" to
    # count how many other peers are listening on the given multicast
    # address. this value specifies how long squid should wait to
    # count all the replies. the default is 2000 msec, or 2
    # seconds.
    #
    #default:
    # mcast_icp_query_timeout 2000

    # tag: dead_peer_timeout (seconds)
    # this controls how long squid waits to declare a peer cache
    # as "dead." if there are no icp replies received in this
    # amount of time, squid will declare the peer dead and not
    # expect to receive any further icp replies. however, it
    # continues to send icp queries, and will mark the peer as
    # alive upon receipt of the first subsequent icp reply.
    #
    # this timeout also affects when squid expects to receive icp
    # replies from peers. if more than &acute;dead_peer&acute; seconds have
    # passed since the last icp reply was received, squid will not
    # expect to receive an icp reply on the next query. thus, if
    # your time between requests is greater than this timeout, you
    # will see a lot of requests sent direct to origin servers
    # instead of to your parents.
    #
    #default:
    # dead_peer_timeout 10 seconds

    # tag: hierarchy_stoplist
    # a list of words which, if found in a url, cause the object to
    # be handled directly by this cache. in other words, use this
    # to not query neighbor caches for certain objects. you may
    # list this option multiple times.
    #we recommend you to use at least the following line.
    hierarchy_stoplist cgi-bin ?

    # tag: no_cache
    # a list of acl elements which, if matched, cause the request to
    # not be satisfied from the cache and the reply to not be cached.
    # in other words, use this to force certain objects to never be cached.
    #
    # you must use the word &acute;deny&acute; to indicate the acl names which should
    # not be cached.
    #
    #we recommend you to use the following two lines.
    acl query urlpath_regex cgi-bin \?
    no_cache deny query


    # options which affect the cache size
    # -----------------------------------------------------------------------------

    # tag: cache_mem (bytes)
    # note: this parameter does not specify the maximum process size.
    # it only places a limit on how much additional memory squid will
    # use as a memory cache of objects. squid uses memory for other
    # things as well. see the squid faq section 8 for details.
    #
    # &acute;cache_mem&acute; specifies the ideal amount of memory to be used
    # for:
    # * in-transit objects
    # * hot objects
    # * negative-cached objects
    #
    # data for these objects are stored in 4 kb blocks. this
    # parameter specifies the ideal upper limit on the total size of
    # 4 kb blocks allocated. in-transit objects take the highest
    # priority.
    #
    # in-transit objects have priority over the others. when
    # additional space is needed for incoming data, negative-cached
    # and hot objects will be released. in other words, the
    # negative-cached and hot objects will fill up any unused space
    # not needed for in-transit objects.
    #
    # if circumstances require, this limit will be exceeded.
    # specifically, if your incoming request rate requires more than
    # &acute;cache_mem&acute; of memory to hold in-transit objects, squid will
    # exceed this limit to satisfy the new requests. when the load
    # decreases, blocks will be freed until the high-water mark is
    # reached. thereafter, blocks will be used to store hot
    # objects.
    #
    #default:
    cache_mem 16 mb

    # tag: cache_swap_low (percent, 0-100)
    # tag: cache_swap_high (percent, 0-100)
    #
    # the low- and high-water marks for cache object replacement.
    # replacement begins when the swap (disk) usage is above the
    # low-water mark and attempts to maintain utilization near the
    # low-water mark. as swap utilization gets close to high-water
    # mark object eviction becomes more aggressive. if utilization is
    # close to the low-water mark less replacement is done each time.
    #
    # defaults are 90% and 95%. if you have a large cache, 5% could be
    # hundreds of mb. if this is the case you may wish to set these
    # numbers closer together.
    #
    #default:
    # cache_swap_low 90
    # cache_swap_high 95

    # tag: maximum_object_size (bytes)
    # objects larger than this size will not be saved on disk. the
    # value is specified in kilobytes, and the default is 4mb. if
    # you wish to get a high bytes hit ratio, you should probably
    # increase this (one 32 mb object hit counts for 3200 10kb
    # hits). if you wish to increase speed more than your want to
    # save bandwidth you should leave this low.
    #
    # note: if using the lfuda replacement policy you should increase
    # this value to maximize the byte hit rate improvement of lfuda!
    # see replacement_policy below for a discussion of this policy.
    #
    #default:
    maximum_object_size 20948 kb

    # tag: minimum_object_size (bytes)
    # objects smaller than this size will not be saved on disk. the
    # value is specified in kilobytes, and the default is 0 kb, which
    # means there is no minimum.
    #
    #default:
    # minimum_object_size 0 kb

    # tag: maximum_object_size_in_memory (bytes)
    # objects greater than this size will not be attempted to kept in
    # the memory cache. this should be set high enough to keep objects
    # accessed frequently in memory to improve performance whilst low
    # enough to keep larger objects from hoarding cache_mem .
    #
    #default:
    # maximum_object_size_in_memory 8 kb

    # tag: ipcache_size (number of entries)
    # tag: ipcache_low (percent)
    # tag: ipcache_high (percent)
    # the size, low-, and high-water marks for the ip cache.
    #
    #default:
    # ipcache_size 1024
    # ipcache_low 90
    # ipcache_high 95

    # tag: fqdncache_size (number of entries)
    # maximum number of fqdn cache entries.
    #
    #default:
    # fqdncache_size 1024

    # tag: cache_replacement_policy
    # the cache replacement policy parameter determines which
    # objects are evicted (replaced) when disk space is needed.
    #
    # lru : squid&acute;s original list based lru policy
    # heap gdsf : greedy-dual size frequency
    # heap lfuda: least frequently used with dynamic aging
    # heap lru : lru policy implemented using a heap
    #
    # applies to any cache_dir lines listed below this.
    #
    # the lru policies keeps recently referenced objects.
    #
    # the heap gdsf policy optimizes object hit rate by keeping smaller
    # popular objects in cache so it has a better chance of getting a
    # hit. it achieves a lower byte hit rate than lfuda though since
    # it evicts larger (possibly popular) objects.
    #
    # the heap lfuda policy keeps popular objects in cache regardless of
    # their size and thus optimizes byte hit rate at the expense of
    # hit rate since one large, popular object will prevent many
    # smaller, slightly less popular objects from being cached.
    #
    # both policies utilize a dynamic aging mechanism that prevents
    # cache pollution that can otherwise occur with frequency-based
    # replacement policies.
    #
    # note: if using the lfuda replacement policy you should increase
    # the value of maximum_object_size above its default of 4096 kb to
    # to maximize the potential byte hit rate improvement of lfuda.
    #
    # for more information about the gdsf and lfuda cache replacement
    # policies see http://www.hpl.hp.com/techreports/1999/hpl-1999-69.html
    # and http://fog.hpl.external.hp.com/techreports/98/hpl-98-173.html.
    #
    #default:
    # cache_replacement_policy lru

    # tag: memory_replacement_policy
    # the memory replacement policy parameter determines which
    # objects are purged from memory when memory space is needed.
    #
    # see cache_replacement_policy for details.
    #
    #default:
    # memory_replacement_policy lru


    # logfile pathnames and cache directories
    # -----------------------------------------------------------------------------

    # tag: cache_dir
    # usage:
    #
    # cache_dir type directory-name fs-specific-data [options]
    #
    # you can specify multiple cache_dir lines to spread the
    # cache among different disk partitions.
    #
    # type specifies the kind of storage system to use. only "ufs"
    # is built by default. to eanble any of the other storage systems
    # see the --enable-storeio configure option.
    #
    # &acute;directory&acute; is a top-level directory where cache swap
    # files will be stored. if you want to use an entire disk
    # for caching, then this can be the mount-point directory.
    # the directory must exist and be writable by the squid
    # process. squid will not create this directory for you.
    #
    # the ufs store type:
    #
    # "ufs" is the old well-known squid storage format that has always
    # been there.
    #
    # cache_dir ufs directory-name mbytes l1 l2 [options]
    #
    # &acute;mbytes&acute; is the amount of disk space (mb) to use under this
    # directory. the default is 100 mb. change this to suit your
    # configuration. do not put the size of your disk drive here.
    # instead, if you want squid to use the entire disk drive,
    # subtract 20% and use that value.
    #
    # &acute;level-1&acute; is the number of first-level subdirectories which
    # will be created under the &acute;directory&acute;. the default is 16.
    #
    # &acute;level-2&acute; is the number of second-level subdirectories which
    # will be created under each first-level directory. the default
    # is 256.
    #
    # the aufs store type:
    #
    # "aufs" uses the same storage format as "ufs", utilizing
    # posix-threads to avoid blocking the main squid process on
    # disk-i/o. this was formerly known in squid as async-io.
    #
    # cache_dir aufs directory-name mbytes l1 l2 [options]
    #
    # see argument descriptions under ufs above
    #
    # the diskd store type:
    #
    # "diskd" uses the same storage format as "ufs", utilizing a
    # separate process to avoid blocking the main squid process on
    # disk-i/o.
    #
    # cache_dir diskd directory-name mbytes l1 l2 [options] [q1=n] [q2=n]
    #
    # see argument descriptions under ufs above
    #
    # q1 specifies the number of unacknowledged i/o requests when squid
    # stops opening new files. if this many messages are in the queues,
    # squid won&acute;t open new files. default is 64
    #
    # q2 specifies the number of unacknowledged messages when squid
    # starts blocking. if this many messages are in the queues,
    # squid blocks until it recevies some replies. default is 72
    #
    # common options:
    #
    # read-only, this cache_dir is read only.
    #
    # max-size=n, refers to the max object size this storedir supports.
    # it is used to initially choose the storedir to dump the object.
    # note: to make optimal use of the max-size limits you should order
    # the cache_dir lines with the smallest max-size value first and the
    # ones with no max-size specification last.
    #
    #default:
    cache_dir diskd /usr/local/squid/var/cache 256 16 256 q1=64 q2=72

    # tag: cache_access_log
    # logs the client request activity. contains an entry for
    # every http and icp queries received. to disable, enter "none".
    #
    #default:
    # cache_access_log /usr/local/squid/var/logs/access.log

    # tag: cache_log
    # cache logging file. this is where general information about
    # your cache&acute;s behavior goes. you can increase the amount of data
    # logged to this file with the "debug_options" tag below.
    #
    #default:
    # cache_log /usr/local/squid/var/logs/cache.log

    # tag: cache_store_log
    # logs the activities of the storage manager. shows which
    # objects are ejected from the cache, and which objects are
    # saved and for how long. to disable, enter "none". there are
    # not really utilities to analyze this data, so you can safely
    # disable it.
    #
    #default:
    # cache_store_log /usr/local/squid/var/logs/store.log

    # tag: cache_swap_log
    # location for the cache "swap.log." this log file holds the
    # metadata of objects saved on disk. it is used to rebuild the
    # cache during startup. normally this file resides in each
    # &acute;cache_dir&acute; directory, but you may specify an alternate
    # pathname here. note you must give a full filename, not just
    # a directory. since this is the index for the whole object
    # list you cannot periodically rotate it!
    #
    # if %s can be used in the file name then it will be replaced with a
    # a representation of the cache_dir name where each / is replaced
    # with &acute;.&acute;. this is needed to allow adding/removing cache_dir
    # lines when cache_swap_log is being used.
    #
    # if have more than one &acute;cache_dir&acute;, and %s is not used in the name
    # then these swap logs will have names such as:
    #
    # cache_swap_log.00
    # cache_swap_log.01
    # cache_swap_log.02
    #
    # the numbered extension (which is added automatically)
    # corresponds to the order of the &acute;cache_dir&acute; lines in this
    # configuration file. if you change the order of the &acute;cache_dir&acute;
    # lines in this file, then these log files will not correspond to
    # the correct &acute;cache_dir&acute; entry (unless you manually rename
    # them). we recommend that you do not use this option. it is
    # better to keep these log files in each &acute;cache_dir&acute; directory.
    #
    #default:
    # none

    # tag: emulate_httpd_log on|off
    # the cache can emulate the log file format which many &acute;httpd&acute;
    # programs use. to disable/enable this emulation, set
    # emulate_httpd_log to &acute;off&acute; or &acute;on&acute;. the default
    # is to use the native log format since it includes useful
    # information that squid-specific log analyzers use.
    #
    #default:
    emulate_httpd_log on

    # tag: log_ip_on_direct on|off
    # log the destination ip address in the hierarchy log tag when going
    # direct. earlier squid versions logged the hostname here. if you
    # prefer the old way set this to off.
    #
    #default:
    # log_ip_on_direct on

    # tag: mime_table
    # pathname to squid&acute;s mime table. you shouldn&acute;t need to change
    # this, but the default file contains examples and formatting
    # information if you do.
    #
    #default:
    # mime_table /usr/local/squid/etc/mime.conf

    # tag: log_mime_hdrs on|off
    # the cache can record both the request and the response mime
    # headers for each http transaction. the headers are encoded
    # safely and will appear as two bracketed fields at the end of
    # the access log (for either the native or httpd-emulated log
    # formats). to enable this logging set log_mime_hdrs to &acute;on&acute;.
    #
    #default:
    # log_mime_hdrs off

    # tag: useragent_log
    # note: this option is only available if squid is rebuilt with the
    # --enable-useragent-log option
    #
    # squid will write the user-agent field from http requests
    # to the filename specified here. by default useragent_log
    # is disabled.
    #
    #default:
    # none

    # tag: referer_log
    # note: this option is only available if squid is rebuilt with the
    # --enable-referer-log option
    #
    # squid will write the referer field from http requests to the
    # filename specified here. by default referer_log is disabled.
    #
    #default:
    # none

    # tag: pid_filename
    # a filename to write the process-id to. to disable, enter "none".
    #
    #default:
    # pid_filename /usr/local/squid/var/logs/squid.pid

    # tag: debug_options
    # logging options are set as section,level where each source file
    # is assigned a unique section. lower levels result in less
    # output, full debugging (level 9) can result in a very large
    # log file, so be careful. the magic word "all" sets debugging
    # levels for all sections. we recommend normally running with
    # "all,1".
    #
    #default:
    # debug_options all,1

    # tag: log_fqdn on|off
    # turn this on if you wish to log fully qualified domain names
    # in the access.log. to do this squid does a dns lookup of all
    # ip&acute;s connecting to it. this can (in some situations) increase
    # latency, which makes your cache seem slower for interactive
    # browsing.
    #
    #default:
    # log_fqdn off

    # tag: client_netmask
    # a netmask for client addresses in logfiles and cachemgr output.
    # change this to protect the privacy of your cache clients.
    # a netmask of 255.255.255.0 will log all ip&acute;s in that range with
    # the last digit set to &acute;0&acute;.
    #
    #default:
    # client_netmask 255.255.255.255


    # options for external support programs
    # -----------------------------------------------------------------------------

    # tag: ftp_user
    # if you want the anonymous login password to be more informative
    # (and enable the use of picky ftp servers), set this to something
    # reasonable for your domain, like wwwuser@somewhere.net
    #
    # the reason why this is domainless by default is that the
    # request can be made on the behalf of a user in any domain,
    # depending on how the cache is used.
    # some ftp server also validate that the email address is valid
    # (for example perl.com).
    #
    #default:
    # ftp_user squid@

    # tag: ftp_list_width
    # sets the width of ftp listings. this should be set to fit in
    # the width of a standard browser. setting this too small
    # can cut off long filenames when browsing ftp sites.
    #
    #default:
    # ftp_list_width 32

    # tag: ftp_passive
    # if your firewall does not allow squid to use passive
    # connections, then turn off this option.
    #
    #default:
    # ftp_passive on

    # tag: ftp_sanitycheck
    # for security and data integrity reasons squid by default performs
    # sanity checks of the addresses of ftp data connections ensure the
    # data connection is to the requested server. if you need to allow
    # ftp connections to servers using another ip address for the data
    # connection then turn this off.
    #
    #default:
    # ftp_sanitycheck on

    # tag: cache_dns_program
    # note: this option is only available if squid is rebuilt with the
    # --disable-internal-dns option
    #
    # specify the location of the executable for dnslookup process.
    #
    #default:
    # cache_dns_program /usr/local/squid/libexec/dnsserver

    # tag: dns_children
    # note: this option is only available if squid is rebuilt with the
    # --disable-internal-dns option
    #
    # the number of processes spawn to service dns name lookups.
    # for heavily loaded caches on large servers, you should
    # probably increase this value to at least 10. the maximum
    # is 32. the default is 5.
    #
    # you must have at least one dnsserver process.
    #
    #default:
    # dns_children 5

    # tag: dns_retransmit_interval
    # initial retransmit interval for dns queries. the interval is
    # doubled each time all configured dns servers have been tried.
    #
    #
    #default:
    # dns_retransmit_interval 5 seconds

    # tag: dns_timeout
    # dns query timeout. if no response is received to a dns query
    # within this time then all dns servers for the queried domain
    # is assumed to be unavailable.
    #
    #default:
    # dns_timeout 5 minutes

    # tag: dns_defnames on|off
    # note: this option is only available if squid is rebuilt with the
    # --disable-internal-dns option
    #
    # normally the &acute;dnsserver&acute; disables the res_defnames resolver
    # option (see res_init(3)). this prevents caches in a hierarchy
    # from interpreting single-component hostnames locally. to allow
    # dnsserver to handle single-component names, enable this
    # option.
    #
    #default:
    # dns_defnames off

    # tag: dns_nameservers
    # use this if you want to specify a list of dns name servers
    # (ip addresses) to use instead of those given in your
    # /etc/resolv.conf file.
    # on windows platforms, if no value is specified here or in
    # the /etc/resolv.conf file, the list of dns name servers are
    # taken from the windows registry, both static and dynamic dhcp
    # configurations are supported.
    #
    # example: dns_nameservers 10.0.0.1 192.172.0.4
    #
    #default:
    # none

    # tag: hosts_file
    # location of the host-local ip name-address associations
    # database. most operating systems have such a file: under
    # un*x it&acute;s by default in /etc/hosts ms-windows nt/2000 places
    # that in %systemroot%(by default
    # c:\winnt)\system32\drivers\etc\hosts, while windows 9x/me
    # places that in %windir%(usually c:\windows)\hosts
    #
    # the file contains newline-separated definitions, in the
    # form ip_address_in_dotted_form name [name ...] names are
    # whitespace-separated. lines beginnng with an hash (#)
    # character are comments.
    #
    # the file is checked at startup and upon configuration. if
    # set to &acute;none&acute;, it won&acute;t be checked. if append_domain is
    # used, that domain will be added to domain-local (i.e. not
    # containing any dot character) host definitions.
    #
    #default:
    # hosts_file /etc/hosts

    # tag: diskd_program
    # specify the location of the diskd executable.
    # note that this is only useful if you have compiled in
    # diskd as one of the store io modules.
    #
    #default:
    # diskd_program /usr/local/squid/libexec/diskd

    # tag: unlinkd_program
    # specify the location of the executable for file deletion process.
    #
    #default:
    # unlinkd_program /usr/local/squid/libexec/unlinkd

    # tag: pinger_program
    # note: this option is only available if squid is rebuilt with the
    # --enable-icmp option
    #
    # specify the location of the executable for the pinger process.
    #
    #default:
    # pinger_program /usr/local/squid/libexec/pinger

    # tag: redirect_program
    # specify the location of the executable for the url redirector.
    # since they can perform almost any function there isn&acute;t one included.
    # see the faq (section 15) for information on how to write one.
    # by default, a redirector is not used.
    #
    #default:
    # none

    # tag: redirect_children
    # the number of redirector processes to spawn. if you start
    # too few squid will have to wait for them to process a backlog of
    # urls, slowing it down. if you start too many they will use ram
    # and other system resources.
    #
    #default:
    # redirect_children 5

    # tag: redirect_rewrites_host_header
    # by default squid rewrites any host: header in redirected
    # requests. if you are running an accelerator then this may
    # not be a wanted effect of a redirector.
    #
    #default:
    # redirect_rewrites_host_header on

    # tag: redirector_access
    # if defined, this access list specifies which requests are
    # sent to the redirector processes. by default all requests
    # are sent.
    #
    #default:
    # none

    # tag: auth_param
    # this is used to pass parameters to the various authentication
    # schemes.
    # format: auth_param scheme parameter [setting]
    #
    # auth_param basic program /usr/local/squid/bin/ncsa_auth /usr/local/squid/etc/passwd
    # would tell the basic authentication scheme it&acute;s program parameter.
    #
    # the order that authentication prompts are presented to the client_agent
    # is dependant on the order the scheme first appears in config file.
    # ie has a bug (it&acute;s not rfc 2617 compliant) in that it will use the basic
    # scheme if basic is the first entry presented, even if more secure schemes
    # are presented. for now use the order in the file below. if other browsers
    # have difficulties (don&acute;t recognise the schemes offered even if you are using
    # basic) then either put basic first, or disable the other schemes (by commenting
    # out their program entry).
    #
    # once an authentication scheme is fully configured, it can only be shutdown
    # by shutting squid down and restarting. changes can be made on the fly and
    # activated with a reconfigure. i.e. you can change to a different helper,
    # but not unconfigure the helper completely.
    #
    # === parameters for the basic scheme follow. ===
    #
    # "program" cmdline
    # specify the command for the external authenticator. such a
    # program reads a line containing "username password" and replies
    # "ok" or "err" in an endless loop. if you use an authenticator,
    # make sure you have 1 acl of type proxy_auth. by default, the
    # basic authentication sheme is not used unless a program is specified.
    #
    # if you want to use the traditional proxy authentication,
    # jump over to the ../auth_modules/ncsa directory and
    # type:
    # % make
    # % make install
    #
    # then, set this line to something like
    #
    # auth_param basic program /usr/local/squid/bin/ncsa_auth /usr/local/squid/etc/passwd
    #
    # "children" numberofchildren
    # the number of authenticator processes to spawn (no default).
    # if you start too few squid will have to wait for them to
    # process a backlog of usercode/password verifications, slowing
    # it down. when password verifications are done via a (slow)
    # network you are likely to need lots of authenticator
    # processes.
    # auth_param basic children 5
    #
    # "realm" realmstring
    # specifies the realm name which is to be reported to the
    # client for the basic proxy authentication scheme (part of
    # the text the user will see when prompted their username and
    # password). there is no default.
    # auth_param basic realm squid proxy-caching web server
    #
    # "credentialsttl" timetolive
    # specifies how long squid assumes an externally validated
    # username<img src="images/forum/icons/icon_razz.gif">assword pair is valid for - in other words how
    # often the helper program is called for that user. set this
    # low to force revalidation with short lived passwords. note
    # that setting this high does not impact your susceptability
    # to replay attacks unless you are using an one-time password
    # system (such as secureid). if you are using such a system,
    # you will be vulnerable to replay attacks unless you also
    # use the max_user_ip acl in an http_access rule.
    #
    # === parameters for the digest scheme follow ===
    #
    # "program" cmdline
    # specify the command for the external authenticator. such
    # a program reads a line containing "username":"realm" and
    # replies with the appropriate h(a1) value base64 encoded.
    # see rfc 2616 for the definition of h(a1). if you use an
    # authenticator, make sure you have 1 acl of type proxy_auth.
    # by default, authentication is not used.
    #
    # if you want to use build an authenticator,
    # jump over to the ../digest_auth_modules directory and choose the
    # authenticator to use. it it&acute;s directory type
    # % make
    # % make install
    #
    # then, set this line to something like
    #
    # auth_param digest program /usr/local/squid/bin/digest_auth_pw /usr/local/squid/etc/digpass
    #
    #
    # "children" numberofchildren
    # the number of authenticator processes to spawn (no default).
    # if you start too few squid will have to wait for them to
    # process a backlog of h(a1) calculations, slowing it down.
    # when the h(a1) calculations are done via a (slow) network
    # you are likely to need lots of authenticator processes.
    # auth_param digest children 5
    #
    # "realm" realmstring
    # specifies the realm name which is to be reported to the
    # client for the digest proxy authentication scheme (part of
    # the text the user will see when prompted their username and
    # password). there is no default.
    # auth_param digest realm squid proxy-caching web server
    #
    # "nonce_garbage_interval" timeinterval
    # specifies the interval that nonces that have been issued
    # to client_agent&acute;s are checked for validity.
    #
    # "nonce_max_duration" timeinterval
    # specifies the maximum length of time a given nonce will be
    # valid for.
    #
    # "nonce_max_count" number
    # specifies the maximum number of times a given nonce can be
    # used.
    #
    # "nonce_strictness" on|off
    # determines if squid requires strict increment-by-1 behaviour
    # for nonce counts, or just incrementing (off - for use when
    # useragents generate nonce counts that occasionally miss 1
    # (ie, 1,2,4,6)). default off.
    #
    # "check_nonce_count" on|off
    # this directive if set to off can disable the nonce count check
    # completely to work around buggy digest qop implementations in
    # certain mainstream browser versions. default on to check the
    # nonce count to protect from authentication replay attacks.
    #
    # "post_workaround" on|off
    # this is a workaround to certain buggy browsers who sends
    # an incorrect request digest in post requests when reusing
    # the same nonce as aquired earlier on a get request.
    #
    # === ntlm scheme options follow ===
    #
    # "program" cmdline
    # specify the command for the external ntlm authenticator.
    # such a program reads a line containing the uuencoded negotiate
    # and replies with the ntlm challenge, then waits for the
    # response and answers with "ok" or "err" in an endless loop.
    # if you use an ntlm authenticator, make sure you have 1 acl
    # of type proxy_auth. by default, the ntlm authenticator_program
    # is not used.
    #
    # auth_param ntlm program /usr/local/squid/bin/ntlm_auth
    #
    # "children" numberofchildren
    # the number of authenticator processes to spawn (no default).
    # if you start too few squid will have to wait for them to
    # process a backlog of credential verifications, slowing it
    # down. when crendential verifications are done via a (slow)
    # network you are likely to need lots of authenticator
    # processes.
    # auth_param ntlm children 5
    #
    # "max_challenge_reuses" number
    # the maximum number of times a challenge given by a ntlm
    # authentication helper can be reused. increasing this number
    # increases your exposure to replay attacks on your network.
    # 0 means use the challenge only once. (disable challenge
    # caching) see max_ntlm_challenge_lifetime for more information.
    # auth_param ntlm max_challenge_reuses 0
    #
    # "max_challenge_lifetime" timespan
    # the maximum time period that a ntlm challenge is reused
    # over. the actual period will be the minimum of this time
    # and the number of reused challenges.
    # auth_param ntlm max_challenge_lifetime 2 minutes
    #
    #recommended minimum configuration:
    #auth_param digest program <uncomment and complete this line>
    #auth_param digest children 5
    #auth_param digest realm squid proxy-caching web server
    #auth_param digest nonce_garbage_interval 5 minutes
    #auth_param digest nonce_max_duration 30 minutes
    #auth_param digest nonce_max_count 50
    #auth_param ntlm program <uncomment and complete this line to activate>
    #auth_param ntlm children 5
    #auth_param ntlm max_challenge_reuses 0
    #auth_param ntlm max_challenge_lifetime 2 minutes
    #auth_param basic program <uncomment and complete this line>
    auth_param basic children 5
    auth_param basic realm squid proxy-caching web server
    auth_param basic credentialsttl 2 hours

    # tag: authenticate_cache_garbage_interval
    # the time period between garbage collection across the
    # username cache. this is a tradeoff between memory utilisation
    # (long intervals - say 2 days) and cpu (short intervals -
    # say 1 minute). only change if you have good reason to.
    #
    #default:
    # authenticate_cache_garbage_interval 1 hour

    # tag: authenticate_ttl
    # the time a user & their credentials stay in the logged in
    # user cache since their last request. when the garbage
    # interval passes, all user credentials that have passed their
    # ttl are removed from memory.
    #
    #default:
    # authenticate_ttl 1 hour

    # tag: authenticate_ip_ttl
    # if you use proxy authentication and the &acute;max_user_ip&acute; acl,
    # this directive controls how long squid remembers the ip
    # addresses associated with each user. use a small value
    # (e.g., 60 seconds) if your users might change addresses
    # quickly, as is the case with dialups. you might be safe
    # using a larger value (e.g., 2 hours) in a corporate lan
    # environment with relatively static address assignments.
    #
    #default:
    # authenticate_ip_ttl 0 seconds

    # tag: external_acl_type
    # this option defines external acl classes using a helper program
    # to look up the status
    #
    # external_acl_type name [options] format.. /path/to/helper [helper arguments..]
    #
    # options:
    #
    # ttl=n ttl in seconds for cached results (defaults to 3600
    # for 1 hour)
    # negative_ttl=n
    # ttl for cached negative lookups (default same
    # as ttl)
    # concurrency=n concurrency level / number of processes spawn
    # to service external acl lookups of this type.
    # cache=n result cache size, 0 is unbounded (default)
    #
    # format specifications
    #
    # %login authenticated user login name
    # %ident ident user name
    # %src client ip
    # %dst requested host
    # %proto requested protocol
    # %port requested port
    # %method request method
    # %{header} http request header
    # %{hdr:member} http request header list member
    # %{hdr:;member}
    # http request header list member using ; as
    # list separator. ; can be any non-alphanumeric
    # character.
    #
    # in addition, any string specified in the referencing acl will
    # also be included in the helper request line, after the specified
    # formats (see the "acl external" directive)
    #
    # the helper receives lines per the above format specification,
    # and returns lines starting with ok or err indicating the validity
    # of the request and optionally followed by additional keywords with
    # more details.
    #
    # general result syntax:
    #
    # ok/err keyword=value ...
    #
    # defined keywords:
    #
    # user= the users name (login)
    # error= error description (only defined for err results)
    #
    # keyword values need to be enclosed in quotes if they may contain
    # whitespace, or the whitespace escaped using \. any quotes or \
    # characters within the keyword value must be \ escaped.
    #
    #default:
    # none


    # options for tuning the cache
    # -----------------------------------------------------------------------------

    # tag: wais_relay_host
    # tag: wais_relay_port
    # relay wais request to host (1st arg) at port (2 arg).
    #
    #default:
    # wais_relay_port 0

    # tag: request_header_max_size (kb)
    # this specifies the maximum size for http headers in a request.
    # request headers are usually relatively small (about 512 bytes).
    # placing a limit on the request header size will catch certain
    # bugs (for example with persistent connections) and possibly
    # buffer-overflow or denial-of-service attacks.
    #
    #default:
    # request_header_max_size 10 kb

    # tag: request_body_max_size (kb)
    # this specifies the maximum size for an http request body.
    # in other words, the maximum size of a put/post request.
    # a user who attempts to send a request with a body larger
    # than this limit receives an "invalid request" error message.
    # if you set this parameter to a zero (the default), there will
    # be no limit imposed.
    #
    #default:
    # request_body_max_size 0 kb

    # tag: refresh_pattern
    # usage: refresh_pattern [-i] regex min percent max [options]
    #
    # by default, regular expressions are case-sensitive. to make
    # them case-insensitive, use the -i option.
    #
    # &acute;min&acute; is the time (in minutes) an object without an explicit
    # expiry time should be considered fresh. the recommended
    # value is 0, any higher values may cause dynamic applications
    # to be erroneously cached unless the application designer
    # has taken the appropriate actions.
    #
    # &acute;percent&acute; is a percentage of the objects age (time since last
    # modification age) an object without explicit expiry time
    # will be considered fresh.
    #
    # &acute;max&acute; is an upper limit on how long objects without an explicit
    # expiry time will be considered fresh.
    #
    # options: override-expire
    # override-lastmod
    # reload-into-ims
    # ignore-reload
    #
    # override-expire enforces min age even if the server
    # sent a expires: header. doing this violates the http
    # standard. enabling this feature could make you liable
    # for problems which it causes.
    #
    # override-lastmod enforces min age even on objects
    # that was modified recently.
    #
    # reload-into-ims changes client no-cache or ``reload&acute;&acute;
    # to if-modified-since requests. doing this violates the
    # http standard. enabling this feature could make you
    # liable for problems which it causes.
    #
    # ignore-reload ignores a client no-cache or ``reload&acute;&acute;
    # header. doing this violates the http standard. enabling
    # this feature could make you liable for problems which
    # it causes.
    #
    # basically a cached object is:
    #
    # fresh if expires < now, else stale
    # stale if age > max
    # fresh if lm-factor < percent, else stale
    # fresh if age < min
    # else stale
    #
    # the refresh_pattern lines are checked in the order listed here.
    # the first entry which matches is used. if none of the entries
    # match, then the default will be used.
    #
    # note, you must uncomment all the default lines if you want
    # to change one. the default setting is only active if none is
    # used.
    #
    #suggested default:
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320

    # tag: quick_abort_min (kb)
    # tag: quick_abort_max (kb)
    # tag: quick_abort_pct (percent)
    # the cache by default continues downloading aborted requests
    # which are almost completed (less than 16 kb remaining). this
    # may be undesirable on slow (e.g. slip) links and/or very busy
    # caches. impatient users may tie up file descriptors and
    # bandwidth by repeatedly requesting and immediately aborting
    # downloads.
    #
    # when the user aborts a request, squid will check the
    # quick_abort values to the amount of data transfered until
    # then.
    #
    # if the transfer has less than &acute;quick_abort_min&acute; kb remaining,
    # it will finish the retrieval.
    #
    # if the transfer has more than &acute;quick_abort_max&acute; kb remaining,
    # it will abort the retrieval.
    #
    # if more than &acute;quick_abort_pct&acute; of the transfer has completed,
    # it will finish the retrieval.
    #
    # if you do not want any retrieval to continue after the client
    # has aborted, set both &acute;quick_abort_min&acute; and &acute;quick_abort_max&acute;
    # to &acute;0 kb&acute;.
    #
    # if you want retrievals to always continue if they are being
    # cached then set &acute;quick_abort_min&acute; to &acute;-1 kb&acute;.
    #
    #default:
    # quick_abort_min 16 kb
    # quick_abort_max 16 kb
    # quick_abort_pct 95

    # tag: negative_ttl time-units
    # time-to-live (ttl) for failed requests. certain types of
    # failures (such as "connection refused" and "404 not found&quot<img src="images/forum/icons/icon_wink.gif"> are
    # negatively-cached for a configurable amount of time. the
    # default is 5 minutes. note that this is different from
    # negative caching of dns lookups.
    #
    #default:
    # negative_ttl 5 minutes

    # tag: positive_dns_ttl time-units
    # time-to-live (ttl) for positive caching of successful dns lookups.
    # default is 6 hours (360 minutes). if you want to minimize the
    # use of squid&acute;s ipcache, set this to 1, not 0.
    #
    #default:
    # positive_dns_ttl 6 hours

    # tag: negative_dns_ttl time-units
    # time-to-live (ttl) for negative caching of failed dns lookups.
    #
    #default:
    # negative_dns_ttl 5 minutes

    # tag: range_offset_limit (bytes)
    # sets a upper limit on how far into the the file a range request
    # may be to cause squid to prefetch the whole file. if beyond this
    # limit then squid forwards the range request as it is and the result
    # is not cached.
    #
    # this is to stop a far ahead range request (lets say start at 17mb)
    # from making squid fetch the whole object up to that point before
    # sending anything to the client.
    #
    # a value of -1 causes squid to always fetch the object from the
    # beginning so that it may cache the result. (2.0 style)
    #
    # a value of 0 causes squid to never fetch more than the
    # client requested. (default)
    #
    #default:
    # range_offset_limit 0 kb


    # timeouts
    # -----------------------------------------------------------------------------

    # tag: connect_timeout time-units
    # some systems (notably linux) can not be relied upon to properly
    # time out connect(2) requests. therefore the squid process
    # enforces its own timeout on server connections. this parameter
    # specifies how long to wait for the connect to complete. the
    # default is two minutes (120 seconds).
    #
    #default:
    # connect_timeout 2 minutes

    # tag: peer_connect_timeout time-units
    # this parameter specifies how long to wait for a pending tcp
    # connection to a peer cache. the default is 30 seconds. you
    # may also set different timeout values for individual neighbors
    # with the &acute;connect-timeout&acute; option on a &acute;cache_peer&acute; line.
    #
    #default:
    # peer_connect_timeout 30 seconds

    # tag: read_timeout time-units
    # the read_timeout is applied on server-side connections. after
    # each successful read(), the timeout will be extended by this
    # amount. if no data is read again after this amount of time,
    # the request is aborted and logged with err_read_timeout. the
    # default is 15 minutes.
    #
    #default:
    # read_timeout 15 minutes

    # tag: request_timeout
    # how long to wait for an http request after initial
    # connection establishment.
    #
    #default:
    # request_timeout 5 minutes

    # tag: persistent_request_timeout
    # how long to wait for the next http request on a persistent
    # connection after the previous request completes.
    #
    #default:
    # persistent_request_timeout 1 minute

    # tag: client_lifetime time-units
    # the maximum amount of time that a client (browser) is allowed to
    # remain connected to the cache process. this protects the cache
    # from having a lot of sockets (and hence file descriptors) tied up
    # in a close_wait state from remote clients that go away without
    # properly shutting down (either because of a network failure or
    # because of a poor client implementation). the default is one
    # day, 1440 minutes.
    #
    # note: the default value is intended to be much larger than any
    # client would ever need to be connected to your cache. you
    # should probably change client_lifetime only as a last resort.
    # if you seem to have many client connections tying up
    # filedescriptors, we recommend first tuning the read_timeout,
    # request_timeout, persistent_request_timeout and quick_abort values.
    #
    #default:
    # client_lifetime 1 day

    # tag: half_closed_clients
    # some clients may shutdown the sending side of their tcp
    # connections, while leaving their receiving sides open. sometimes,
    # squid can not tell the difference between a half-closed and a
    # fully-closed tcp connection. by default, half-closed client
    # connections are kept open until a read(2) or write(2) on the
    # socket returns an error. change this option to &acute;off&acute; and squid
    # will immediately close client connections when read(2) returns
    # "no more data to read."
    #
    #default:
    # half_closed_clients on

    # tag: pconn_timeout
    # timeout for idle persistent connections to servers and other
    # proxies.
    #
    #default:
    # pconn_timeout 120 seconds

    # tag: ident_timeout
    # maximum time to wait for ident lookups to complete.
    #
    # if this is too high, and you enabled ident lookups from untrusted
    # users, then you might be susceptible to denial-of-service by having
    # many ident requests going at once.
    #
    #default:
    # ident_timeout 10 seconds

    # tag: shutdown_lifetime time-units
    # when sigterm or sighup is received, the cache is put into
    # "shutdown pending" mode until all active sockets are closed.
    # this value is the lifetime to set for all open descriptors
    # during shutdown mode. any active clients after this many
    # seconds will receive a &acute;timeout&acute; message.
    #
    #default:
    # shutdown_lifetime 30 seconds


    # access controls
    # -----------------------------------------------------------------------------

    # tag: acl
    # defining an access list
    #
    # acl aclname acltype string1 ...
    # acl aclname acltype "file" ...
    #
    <br

  2. não intendo nada de squid...


    <IMG SRC="images/forum/icons/icon_cool.gif"> <IMG SRC="images/forum/icons/icon_cool.gif"> <IMG SRC="images/forum/icons/icon_cool.gif">

    + quero passar a entender =]

    valew
    abracos



  3. pq ele nao levanta????


    ./squid

    e ele nada me retorna??????

    nem abre nenhum pid =[

    HELP!!!

    plis help !!!


  4. #4
    Bem,

    Mesmo com o .conf do squid, ainda fica dificil de saber pq o serviço naum sobe.
    Para saber com mais detalhes, de uma olhada nos Logs do mesmo...tente rada-lo com as opções de debug, para que qualquer erro, do mais tosco ao mais sutil apareça nos logs. (naum me lembro a sintax, mas tente --help que lah fala...)
    Pelo o que você disse, o squid foi pego da pagina oficial, e é a ultima versão. Pelo que vc disse o seu redhat eh "antigo" (sei que isso eh relativo), pode estar ocorrendo algum conflito...Para testar, tente instalar o squid que vem nessa versão da sua distro.

    desculpe naum poder ajudar totalmente...qualquer coisa poste aki novamente...

    []s



  5. #5
    glasswalk3r
    esse pergunta vai para o moderador: tem como pesquisar histórico do fórum? essa pergunta já foi respondida várias vezes.

    o squid precisa conseguir resolver nomes via dns. ele vai estar isso toda a vez que for iniciado. você pode resolver isso configurando o resolv.conf com um dns externo, ou configurando um servidor dns (pode ser só de cache) na mesma máquina (seria a opção ideal).






Tópicos Similares

  1. Squid não esta atualizando
    Por _MANCHESTER_ no fórum Servidores de Rede
    Respostas: 2
    Último Post: 12-04-2003, 18:33
  2. Squid não instala
    Por PcGuy no fórum Servidores de Rede
    Respostas: 7
    Último Post: 09-04-2003, 17:10
  3. squid nao ler ALCS
    Por no fórum Servidores de Rede
    Respostas: 6
    Último Post: 07-02-2003, 19:27
  4. acl no squid não está funcionando. O que fazer ?
    Por no fórum Servidores de Rede
    Respostas: 3
    Último Post: 20-12-2002, 16:01
  5. Respostas: 3
    Último Post: 25-11-2002, 18:22

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L