+ Responder ao Tópico



  1. Olá!

    Consegui um link com uma instalação (bem Windows) do SquidNT, instalou beleza... o link é http://www.bofi.camelot.de/squid.htm

    Usei as mesmas configurações que utilizo num servidor linux de um cliente meu, só que ele só dá erro de ACESSO NEGADO.

    Segue abaixo o arquivo .conf utilizado...

    Se alguém puder me ajudar à descobrir o que está dando errado eu agradeço!!!

    Valeu!!!

    Arquivo squid.conf

    # WELCOME TO SQUID 2
    # ------------------
    #
    # This is the default Squid configuration file. You may wish
    # to look at the Squid home page (http://www.squid-cache.org/)
    # for the FAQ and other documentation.
    #
    # The default Squid config file shows what the defaults for
    # various options happen to be. If you don't need to change the
    # default, you shouldn't uncomment the line. Doing so may cause
    # run-time problems. In some cases "none" refers to no default
    # setting at all, while in other cases it refers to a valid
    # option - the comments for that keyword indicate if this is the
    # case.
    #
    # NETWORK OPTIONS
    # -----------------------------------------------------------------------------
    # TAG: http_port
    # Usage: port
    # hostnameort
    # 1.2.3.4ort
    #
    # The socket addresses where Squid will listen for HTTP client
    # requests. You may specify multiple socket addresses.
    # There are three forms: port alone, hostname with port, and
    # IP address with port. If you specify a hostname or IP
    # address, then Squid binds the socket to that specific
    # address. This replaces the old 'tcp_incoming_address'
    # option. Most likely, you do not need to bind to a specific
    # address, so you can use the port number alone.
    #
    # The default port number is 3128.
    #
    # If you are running Squid in accelerator mode, then you
    # probably want to listen on port 80 also, or instead.
    #
    # The -a command line option will override the *first* port
    # number listed here. That option will NOT override an IP
    # address, however.
    #
    # You may specify multiple socket addresses on multiple lines.
    #
    # If you run Squid on a dual-homed machine with an internal
    # and an external interface then we recommend you to specify the
    # internal addressort in http_port. This way Squid will only be
    # visible on the internal address.
    #
    # Default:
    # http_port 3128
    http_port 6588

    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY

    # TAG: https_port
    # Note: This option is only available if Squid is rebuilt with the
    # --enable-ssl option
    #
    # Usage: [ip:]port cert=certificate.pem [key=key.pem] [options...]
    #
    # The socket address where Squid will listen for HTTPS client
    # requests.
    #
    # This is really only useful for situations where you are running
    # squid in accelerator mode and you want to do the SSL work at the
    # accelerator level.
    #
    # You may specify multiple socket addresses on multiple lines,
    # each with their own SSL certificate and/or options.
    #
    # Options:
    #
    # cert= Path to SSL certificate (PEM format)
    #
    # key= Path to SSL private key file (PEM format)
    # if not specified, the certificate file is
    # assumed to be a combined certificate and
    # key file
    #
    # version= The version of SSL/TLS supported
    # 1 automatic (default)
    # 2 SSLv2 only
    # 3 SSLv3 only
    # 4 TLSv1 only
    #
    # cipher= Colon separated list of supported ciphers
    #
    # options= Varions SSL engine options. The most important
    # being:
    # NO_SSLv2 Disallow the use of SSLv2
    # NO_SSLv3 Disallow the use of SSLv3
    # NO_TLSv1 Disallow the use of TLSv1
    # See src/ssl_support.c or OpenSSL documentation
    # for a more complete list.
    #
    # Default:
    # none
    # TAG: ssl_unclean_shutdown
    # Note: This option is only available if Squid is rebuilt with the
    # --enable-ssl option
    #
    # Some browsers especially MSIE bugs out on SSL shutdown
    # messages.
    #
    # Default:
    # ssl_unclean_shutdown off
    # TAG: icp_port
    # The port number where Squid sends and receives ICP queries to
    # and from neighbor caches. Default is 3130. To disable use
    # "0". May be overridden with -u on the command line.
    #
    # Default:
    # icp_port 3130
    # TAG: htcp_port
    # The port number where Squid sends and receives HTCP queries to
    # and from neighbor caches. Default is 4827. To disable use
    # "0".
    #
    # Default:
    # htcp_port 4827
    # TAG: mcast_groups
    # This tag specifies a list of multicast groups which your server
    # should join to receive multicasted ICP queries.
    #
    # NOTE! Be very careful what you put here! Be sure you
    # understand the difference between an ICP _query_ and an ICP
    # _reply_. This option is to be set only if you want to RECEIVE
    # multicast queries. Do NOT set this option to SEND multicast
    # ICP.Use cache_peer for that. ICP replies are always sent via
    # unicast, so this option does not affect whether or not you will
    # receive replies from multicast group members.
    #
    # You must be very careful to NOT use a multicast address which
    # is already in use by another group of caches.
    #
    # If you are unsure about multicast, please read the Multicast
    # chapter in the Squid FAQ (http://www.squid-cache.org/FAQ/).
    #
    # Usage: mcast_groups 239.128.16.128 224.0.1.20
    # By default, Squid doesn't listen on any multicast groups.
    #
    # Default:
    # none
    # TAG: udp_incoming_address
    # TAG: udp_outgoing_address
    # udp_incoming_address is used for the ICP socket receiving packets
    # from other caches.
    # udp_outgoing_address is used for ICP packets sent out to other
    # caches.
    #
    # The default behavior is to not bind to any specific address.
    #
    # A udp_incoming_address value of 0.0.0.0 indicates that Squid should
    # listen for UDP messages on all available interfaces.
    #
    # If udp_outgoing_address is set to 255.255.255.255 (the default)
    # then it will use the same socket as udp_incoming_address. Only
    # change this if you want to have ICP queries sent using another
    # address than where this Squid listens for ICP queries from other
    # caches.
    #
    # NOTE, udp_incoming_address and udp_outgoing_address can not
    # have the same value since they both use port 3130.
    #
    # Default:
    # udp_incoming_address 0.0.0.0
    # udp_outgoing_address 255.255.255.255
    # OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
    # -----------------------------------------------------------------------------
    # TAG: cache_peer
    # To specify other caches in a hierarchy, use the format:
    #
    # cache_peer hostname type http_port icp_port
    #
    # For example,
    #
    # # proxy icp
    # # hostname type port port options
    # # -------------------- -------- ----- ----- -----------
    # cache_peer parent.foo.net parent 3128 3130 [proxy-only]
    # cache_peer sib1.foo.net sibling 3128 3130 [proxy-only]
    # cache_peer sib2.foo.net sibling 3128 3130 [proxy-only]
    #
    # type: either 'parent', 'sibling', or 'multicast'.
    #
    # proxy_port: The port number where the cache listens for proxy
    # requests.
    #
    # icp_port: Used for querying neighbor caches about
    # objects. To have a non-ICP neighbor
    # specify '7' for the ICP port and make sure the
    # neighbor machine has the UDP echo port
    # enabled in its /etc/inetd.conf file.
    #
    # options: proxy-only
    # weight=n
    # ttl=n
    # no-query
    # default
    # round-robin
    # multicast-responder
    # closest-only
    # no-digest
    # no-netdb-exchange
    # no-delay
    # login=userassword // PASS // *assword
    # connect-timeout=nn
    # digest-url=url
    # allow-miss
    # max-conn
    #
    # use 'proxy-only' to specify that objects fetched
    # from this cache should not be saved locally.
    #
    # use 'weight=n' to specify a weighted parent.
    # The weight must be an integer. The default weight
    # is 1, larger weights are favored more.
    #
    # use 'ttl=n' to specify a IP multicast TTL to use
    # when sending an ICP queries to this address.
    # Only useful when sending to a multicast group.
    # Because we don't accept ICP replies from random
    # hosts, you must configure other group members as
    # peers with the 'multicast-responder' option below.
    #
    # use 'no-query' to NOT send ICP queries to this
    # neighbor.
    #
    # use 'default' if this is a parent cache which can
    # be used as a "last-resort." You should probably
    # only use 'default' in situations where you cannot
    # use ICP with your parent cache(s).
    #
    # use 'round-robin' to define a set of parents which
    # should be used in a round-robin fashion in the
    # absence of any ICP queries.
    #
    # 'multicast-responder' indicates that the named peer
    # is a member of a multicast group. ICP queries will
    # not be sent directly to the peer, but ICP replies
    # will be accepted from it.
    #
    # 'closest-only' indicates that, for ICP_OP_MISS
    # replies, we'll only forward CLOSEST_PARENT_MISSes
    # and never FIRST_PARENT_MISSes.
    #
    # use 'no-digest' to NOT request cache digests from
    # this neighbor.
    #
    # 'no-netdb-exchange' disables requesting ICMP
    # RTT database NetDB from the neighbor.
    #
    # use 'no-delay' to prevent access to this neighbor
    # from influencing the delay pools.
    #
    # use 'login=userassword' if this is a personal/workgroup
    # proxy and your parent requires proxy authentication.
    # Note: The string can include URL escapes i.e. Percent20 for
    # spaces. This also means that Percent must be written as PercentPercent.
    #
    # use 'login=PASS' if users must authenticate against
    # the upstream proxy. This will pass the users credentials
    # as they are to the peer proxy. This only works for the
    # Basic HTTP authentication sheme. Note: To combine this
    # with proxy_auth both proxies must share the same user
    # database as HTTP only allows for one proxy login.
    # Also be warned that this will expose your users proxy
    # password to the peer. USE WITH CAUTION
    #
    # use 'login=*assword' to pass the username to the
    # upstream cache, but with a fixed password. This is meant
    # to be used when the peer is in another administrative
    # domain, but it is still needed to identify each user.
    # The star can optionally be followed by some extra
    # information which is added to the username. This can
    # be used to identify this proxy to the peer, similar to
    # the login=usernameassword option above.
    #
    # use 'connect-timeout=nn' to specify a peer
    # specific connect timeout also see the
    # peer_connect_timeout directive
    #
    # use 'digest-url=url' to tell Squid to fetch the cache
    # digest if digests are enabled for this host from
    # the specified URL rather than the Squid default
    # location.
    #
    # use 'allow-miss' to disable Squid's use of only-if-cached
    # when forwarding requests to siblings. This is primarily
    # useful when icp_hit_stale is used by the sibling. To
    # extensive use of this option may result in forwarding
    # loops, and you should avoid having two-way peerings
    # with this option. (for example to deny peer usage on
    # requests from peer by denying cache_peer_access if the
    # source is a peer)
    #
    # use 'max-conn' to limit the amount of connections Squid
    # may open to this peer.
    #
    # NOTE: non-ICP neighbors must be specified as 'parent'.
    #
    # Default:
    # none
    # TAG: cache_peer_domain
    # Use to limit the domains for which a neighbor cache will be
    # queried. Usage:
    #
    # cache_peer_domain cache-host domain [domain ...]
    # cache_peer_domain cache-host !domain
    #
    # For example, specifying
    #
    # cache_peer_domain parent.foo.net .edu
    #
    # has the effect such that UDP query packets are sent to
    # 'bigserver' only when the requested object exists on a
    # server in the .edu domain. Prefixing the domainname
    # with '!' means that the cache will be queried for objects
    # NOT in that domain.
    #
    # NOTE: * Any number of domains may be given for a cache-host,
    # either on the same or separate lines.
    # * When multiple domains are given for a particular
    # cache-host, the first matched domain is applied.
    # * Cache hosts with no domain restrictions are queried
    # for all requests.
    # * There are no defaults.
    # * There is also a 'cache_peer_access' tag in the ACL
    # section.
    #
    # Default:
    # none
    # TAG: neighbor_type_domain
    # usage: neighbor_type_domain parent//sibling domain domain ...
    #
    # Modifying the neighbor type for specific domains is now
    # possible. You can treat some domains differently than the the
    # default neighbor type specified on the 'cache_peer' line.
    # Normally it should only be necessary to list domains which
    # should be treated differently because the default neighbor type
    # applies for hostnames which do not match domains listed here.
    #
    # EXAMPLE:
    # cache_peer parent cache.foo.org 3128 3130
    # neighbor_type_domain cache.foo.org sibling .com .net
    # neighbor_type_domain cache.foo.org sibling .au .de
    #
    # Default:
    # none
    # TAG: icp_query_timeout msec
    # Normally Squid will automatically determine an optimal ICP
    # query timeout value based on the round-trip-time of recent ICP
    # queries. If you want to override the value determined by
    # Squid, set this 'icp_query_timeout' to a non-zero value. This
    # value is specified in MILLISECONDS, so, to use a 2-second
    # timeout the old default, you would write:
    #
    # icp_query_timeout 2000
    #
    # Default:
    # icp_query_timeout 0
    # TAG: maximum_icp_query_timeout (msec)
    # Normally the ICP query timeout is determined dynamically. But
    # sometimes it can lead to very large values (say 5 seconds).
    # Use this option to put an upper limit on the dynamic timeout
    # value. Do NOT use this option to always use a fixed instead
    # of a dynamic timeout value. To set a fixed timeout see the
    # 'icp_query_timeout' directive.
    #
    # Default:
    # maximum_icp_query_timeout 2000
    # TAG: mcast_icp_query_timeout msec
    # For Multicast peers, Squid regularly sends out ICP "probes" to
    # count how many other peers are listening on the given multicast
    # address. This value specifies how long Squid should wait to
    # count all the replies. The default is 2000 msec, or 2
    # seconds.
    #
    # Default:
    # mcast_icp_query_timeout 2000
    # TAG: dead_peer_timeout seconds
    # This controls how long Squid waits to declare a peer cache
    # as "dead." If there are no ICP replies received in this
    # amount of time, Squid will declare the peer dead and not
    # expect to receive any further ICP replies. However, it
    # continues to send ICP queries, and will mark the peer as
    # alive upon receipt of the first subsequent ICP reply.
    #
    # This timeout also affects when Squid expects to receive ICP
    # replies from peers. If more than 'dead_peer' seconds have
    # passed since the last ICP reply was received, Squid will not
    # expect to receive an ICP reply on the next query. Thus, if
    # your time between requests is greater than this timeout, you
    # will see a lot of requests sent DIRECT to origin servers
    # instead of to your parents.
    #
    # Default:
    # dead_peer_timeout 10 seconds
    # TAG: hierarchy_stoplist
    # A list of words which, if found in a URL, cause the object to
    # be handled directly by this cache. In other words, use this
    # to not query neighbor caches for certain objects. You may
    # list this option multiple times.
    # We recommend you to use at least the following line.
    hierarchy_stoplist cgi-bin ?
    # TAG: no_cache
    # A list of ACL elements which, if matched, cause the request to
    # not be satisfied from the cache and the reply to not be cached.
    # In other words, use this to force certain objects to never be cached.
    #
    # You must use the word 'DENY' to indicate the ACL names which should
    # NOT be cached.
    #
    # We recommend you to use the following two lines.
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    # OPTIONS WHICH AFFECT THE CACHE SIZE
    # -----------------------------------------------------------------------------
    # TAG: cache_mem (bytes)
    # NOTE: THIS PARAMETER DOES NOT SPECIFY THE MAXIMUM PROCESS SIZE.
    # IT ONLY PLACES A LIMIT ON HOW MUCH ADDITIONAL MEMORY SQUID WILL
    # USE AS A MEMORY CACHE OF OBJECTS. SQUID USES MEMORY FOR OTHER
    # THINGS AS WELL. SEE THE SQUID FAQ SECTION 8 FOR DETAILS.
    #
    # 'cache_mem' specifies the ideal amount of memory to be used
    # for:
    # * In-Transit objects
    # * Hot Objects
    # * Negative-Cached objects
    #
    # Data for these objects are stored in 4 KB blocks. This
    # parameter specifies the ideal upper limit on the total size of
    # 4 KB blocks allocated. In-Transit objects take the highest
    # priority.
    #
    # In-transit objects have priority over the others. When
    # additional space is needed for incoming data, negative-cached
    # and hot objects will be released. In other words, the
    # negative-cached and hot objects will fill up any unused space
    # not needed for in-transit objects.
    #
    # If circumstances require, this limit will be exceeded.
    # Specifically, if your incoming request rate requires more than
    # 'cache_mem' of memory to hold in-transit objects, Squid will
    # exceed this limit to satisfy the new requests. When the load
    # decreases, blocks will be freed until the high-water mark is
    # reached. Thereafter, blocks will be used to store hot
    # objects.
    #
    # Default:
    cache_mem 16 MB
    # TAG: cache_swap_low (percent, 0-100)
    # TAG: cache_swap_high (percent, 0-100)
    #
    # The low- and high-water marks for cache object replacement.
    # Replacement begins when the swap disk usage is above the
    # low-water mark and attempts to maintain utilization near the
    # low-water mark. As swap utilization gets close to high-water
    # mark object eviction becomes more aggressive. If utilization is
    # close to the low-water mark less replacement is done each time.
    #
    # Defaults are 90 Percent and 95 Percent. If you have a large cache, 5 Percent could be
    # hundreds of MB. If this is the case you may wish to set these
    # numbers closer together.
    #
    # Default:
    cache_swap_low 90
    cache_swap_high 95
    # TAG: maximum_object_size (bytes)
    # Objects larger than this size will NOT be saved on disk. The
    # value is specified in kilobytes, and the default is 4MB. If
    # you wish to get a high BYTES hit ratio, you should probably
    # increase this one 32 MB object hit counts for 3200 10KB
    # hits. If you wish to increase speed more than your want to
    # save bandwidth you should leave this low.
    #
    # NOTE: if using the LFUDA replacement policy you should increase
    # this value to maximize the byte hit rate improvement of LFUDA!
    # See replacement_policy below for a discussion of this policy.
    #
    # Default:
    # maximum_object_size 4096 KB
    # TAG: minimum_object_size (bytes)
    # Objects smaller than this size will NOT be saved on disk. The
    # value is specified in kilobytes, and the default is 0 KB, which
    # means there is no minimum.
    #
    # Default:
    minimum_object_size 0 KB
    # TAG: maximum_object_size_in_memory (bytes)
    # Objects greater than this size will not be attempted to kept in
    # the memory cache. This should be set high enough to keep objects
    # accessed frequently in memory to improve performance whilst low
    # enough to keep larger objects from hoarding cache_mem .
    #
    # Default:
    maximum_object_size 16 MB
    # TAG: ipcache_size (number of entries)
    # TAG: ipcache_low (percent)
    # TAG: ipcache_high (percent)
    # The size, low-, and high-water marks for the IP cache.
    #
    # Default:
    # ipcache_size 1024
    # ipcache_low 90
    # ipcache_high 95
    # TAG: fqdncache_size (number of entries)
    # Maximum number of FQDN cache entries.
    #
    # Default:
    # fqdncache_size 1024
    # TAG: cache_replacement_policy
    # The cache replacement policy parameter determines which
    # objects are evicted replaced when disk space is needed.
    #
    # lru : Squid's original list based LRU policy
    # heap GDSF : Greedy-Dual Size Frequency
    # heap LFUDA: Least Frequently Used with Dynamic Aging
    # heap LRU : LRU policy implemented using a heap
    #
    # Applies to any cache_dir lines listed below this.
    #
    # The LRU policies keeps recently referenced objects.
    #
    # The heap GDSF policy optimizes object hit rate by keeping smaller
    # popular objects in cache so it has a better chance of getting a
    # hit. It achieves a lower byte hit rate than LFUDA though since
    # it evicts larger possibly popular objects.
    #
    # The heap LFUDA policy keeps popular objects in cache regardless of
    # their size and thus optimizes byte hit rate at the expense of
    # hit rate since one large, popular object will prevent many
    # smaller, slightly less popular objects from being cached.
    #
    # Both policies utilize a dynamic aging mechanism that prevents
    # cache pollution that can otherwise occur with frequency-based
    # replacement policies.
    #
    # NOTE: if using the LFUDA replacement policy you should increase
    # the value of maximum_object_size above its default of 4096 KB to
    # to maximize the potential byte hit rate improvement of LFUDA.
    #
    # For more information about the GDSF and LFUDA cache replacement
    # policies see http://www.hpl.hp.com/techreports/1999/HPL-1999-69.html
    # and http://fog.hpl.external.hp.com/techr...PL-98-173.html.
    #
    # Default:
    # cache_replacement_policy lru
    # TAG: memory_replacement_policy
    # The memory replacement policy parameter determines which
    # objects are purged from memory when memory space is needed.
    #
    # See cache_replacement_policy for details.
    #
    # Default:
    # memory_replacement_policy lru
    # LOGFILE PATHNAMES AND CACHE DIRECTORIES
    # -----------------------------------------------------------------------------
    # TAG: cache_dir
    # Usage:
    #
    # cache_dir Type Directory-Name Fs-specific-data [options]
    #
    # cache_dir diskd Maxobjsize Directory-Name MB L1 L2 Q1 Q2
    #
    # You can specify multiple cache_dir lines to spread the
    # cache among different disk partitions.
    #
    # Type specifies the kind of storage system to use. Only "ufs"
    # is built by default. To eanble any of the other storage systems
    # see the --enable-storeio configure option.
    #
    # 'Directory' is a top-level directory where cache swap
    # files will be stored. If you want to use an entire disk
    # for caching, then this can be the mount-point directory.
    # The directory must exist and be writable by the Squid
    # process. Squid will NOT create this directory for you.
    #
    # The ufs store type:
    #
    # "ufs" is the old well-known Squid storage format that has always
    # been there.
    #
    # cache_dir ufs Directory-Name Mbytes L1 L2 [options]
    #
    # 'Mbytes' is the amount of disk space MB to use under this
    # directory. The default is 100 MB. Change this to suit your
    # configuration. Do NOT put the size of your disk drive here.
    # Instead, if you want Squid to use the entire disk drive,
    # subtract 20 Percent and use that value.
    #
    # 'Level-1' is the number of first-level subdirectories which
    # will be created under the 'Directory'. The default is 16.
    #
    # 'Level-2' is the number of second-level subdirectories which
    # will be created under each first-level directory. The default
    # is 256.
    #
    # The aufs store type:
    #
    # "aufs" uses the same storage format as "ufs", utilizing
    # POSIX-threads to avoid blocking the main Squid process on
    # disk-I/O. This was formerly known in Squid as async-io.
    #
    # cache_dir aufs Directory-Name Mbytes L1 L2 [options]
    #
    # see argument descriptions under ufs above
    #
    # The awin32 store type:
    #
    # "awin32" uses the same storage format as "ufs", utilizing
    # WIN32-threads to avoid blocking the main Squid process on
    # disk-I/O. This was formerly known in Squid as async-io.
    #
    # cache_dir awin32 Directory-Name Mbytes L1 L2 [options]
    #
    # see argument descriptions under ufs above
    #
    # The diskd store type:
    #
    # "diskd" uses the same storage format as "ufs", utilizing a
    # separate process to avoid blocking the main Squid process on
    # disk-I/O.
    #
    # cache_dir diskd Directory-Name Mbytes L1 L2 [options] [Q1=n] [Q2=n]
    #
    # see argument descriptions under ufs above
    #
    # Q1 specifies the number of unacknowledged I/O requests when Squid
    # stops opening new files. If this many messages are in the queues,
    # Squid won't open new files. Default is 64
    #
    # Q2 specifies the number of unacknowledged messages when Squid
    # starts blocking. If this many messages are in the queues,
    # Squid blocks until it recevies some replies. Default is 72
    #
    # Common options:
    #
    # read-only, this cache_dir is read only.
    #
    # max-size=n, refers to the max object size this storedir supports.
    # It is used to initially choose the storedir to dump the object.
    # Note: To make optimal use of the max-size limits you should order
    # the cache_dir lines with the smallest max-size value first and the
    # ones with no max-size specification last.
    #
    # Default:
    # cache_dir ufs c:/squid/var/cache 100 16 256
    cache_dir ufs C:\Squid/cache 100 16 256
    # TAG: cache_access_log
    # Logs the client request activity. Contains an entry for
    # every HTTP and ICP queries received. To disable, enter "none".
    #
    # Default:
    # cache_access_log c:/squid/var/logs/access.log
    cache_access_log C:\Squid/log/access.log
    # TAG: cache_log
    # Cache logging file. This is where general information about
    # your cache's behavior goes. You can increase the amount of data
    # logged to this file with the "debug_options" tag below.
    #
    # Default:
    # cache_log c:/squid/var/logs/cache.log
    cache_log C:\Squid/log/cache.log
    # TAG: cache_store_log
    # Logs the activities of the storage manager. Shows which
    # objects are ejected from the cache, and which objects are
    # saved and for how long. To disable, enter "none". There are
    # not really utilities to analyze this data, so you can safely
    # disable it.
    #
    # Default:
    # cache_store_log c:/squid/var/logs/store.log
    cache_store_log C:\Squid/log/store.log
    # TAG: cache_swap_log
    # Location for the cache "swap.log." This log file holds the
    # metadata of objects saved on disk. It is used to rebuild the
    # cache during startup. Normally this file resides in each
    # 'cache_dir' directory, but you may specify an alternate
    # pathname here. Note you must give a full filename, not just
    # a directory. Since this is the index for the whole object
    # list you CANNOT periodically rotate it!
    #
    # If Percent s can be used in the file name then it will be replaced with a
    # a representation of the cache_dir name where each / is replaced
    # with '.'. This is needed to allow adding/removing cache_dir
    # lines when cache_swap_log is being used.
    #
    # If have more than one 'cache_dir', and Percents is not used in the name
    # then these swap logs will have names such as:
    #
    # cache_swap_log.00
    # cache_swap_log.01
    # cache_swap_log.02
    # The numbered extension (which is added automatically)
    # corresponds to the order of the 'cache_dir' lines in this
    # configuration file. If you change the order of the 'cache_dir'
    # lines in this file, then these log files will NOT correspond to
    # the correct 'cache_dir' entry (unless you manually rename
    # them). We recommend that you do NOT use this option. It is
    # better to keep these log files in each 'cache_dir' directory.
    #
    # Default:
    # none
    # TAG: emulate_httpd_log on//off
    # The Cache can emulate the log file format which many 'httpd'
    # programs use. To disable/enable this emulation, set
    # emulate_httpd_log to 'off' or 'on'. The default
    # is to use the native log format since it includes useful
    # information that Squid-specific log analyzers use.
    #
    # Default:
    # emulate_httpd_log off
    # TAG: log_ip_on_direct on//off
    # Log the destination IP address in the hierarchy log tag when going
    # direct. Earlier Squid versions logged the hostname here. If you
    # prefer the old way set this to off.
    #
    # Default:
    # log_ip_on_direct on
    # TAG: mime_table
    # Pathname to Squid's MIME table. You shouldn't need to change
    # this, but the default file contains examples and formatting
    # information if you do.
    #
    # Default:
    mime_table C:\Squid/etc/mime.conf
    # TAG: log_mime_hdrs on//off
    # The Cache can record both the request and the response MIME
    # headers for each HTTP transaction. The headers are encoded
    # safely and will appear as two bracketed fields at the end of
    # the access log (for either the native or httpd-emulated log
    # formats). To enable this logging set log_mime_hdrs to 'on'.
    #
    # Default:
    # log_mime_hdrs off
    # TAG: useragent_log
    # Squid will write the User-Agent field from HTTP requests
    # to the filename specified here. By default useragent_log
    # is disabled.
    #
    # Default:
    # none
    # TAG: referer_log
    # Note: This option is only available if Squid is rebuilt with the
    # --enable-referer-log option
    #
    # Squid will write the Referer field from HTTP requests to the
    # filename specified here. By default referer_log is disabled.
    #
    # Default:
    # none
    # TAG: pid_filename
    # A filename to write the process-id to. To disable, enter "none".
    #
    # Default:
    # pid_filename c:/squid/var/logs/squid.pid
    pid_filename C:\Squid/log/squid.pid
    # TAG: debug_options
    # Logging options are set as section,level where each source file
    # is assigned a unique section. Lower levels result in less
    # output, Full debugging (level 9) can result in a very large
    # log file, so be careful. The magic word "ALL" sets debugging
    # levels for all sections. We recommend normally running with
    # "ALL,1".
    #
    # Default:
    # debug_options ALL,1
    # TAG: log_fqdn on//off
    # Turn this on if you wish to log fully qualified domain names
    # in the access.log. To do this Squid does a DNS lookup of all
    # IP's connecting to it. This can (in some situations) increase
    # latency, which makes your cache seem slower for interactive
    # browsing.
    #
    # Default:
    # log_fqdn off
    # TAG: client_netmask
    # A netmask for client addresses in logfiles and cachemgr output.
    # Change this to protect the privacy of your cache clients.
    # A netmask of 255.255.255.0 will log all IP's in that range with
    # the last digit set to '0'.
    #
    # Default:
    # client_netmask 255.255.255.255
    # OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
    # -----------------------------------------------------------------------------
    # TAG: ftp_user
    # If you want the anonymous login password to be more informative
    # (and enable the use of picky ftp servers), set this to something
    # reasonable for your domain, like wwwuser@somewhere.net
    #
    # The reason why this is domainless by default is that the
    # request can be made on the behalf of a user in any domain,
    # depending on how the cache is used.
    # Some ftp server also validate that the email address is valid
    # (for example perl.com).
    #
    # Default:
    # ftp_user Squid@
    ftp_user user@SquidNT
    # TAG: ftp_list_width
    # Sets the width of ftp listings. This should be set to fit in
    # the width of a standard browser. Setting this too small
    # can cut off long filenames when browsing ftp sites.
    #
    # Default:
    # ftp_list_width 32
    # TAG: ftp_passive
    # If your firewall does not allow Squid to use passive
    # connections, then turn off this option.
    #
    # Default:
    # ftp_passive on
    # TAG: ftp_sanitycheck
    # For security and data integrity reasons Squid by default performs
    # sanity checks of the addresses of FTP data connections ensure the
    # data connection is to the requested server. If you need to allow
    # FTP connections to servers using another IP address for the data
    # connection then turn this off.
    #
    # Default:
    # ftp_sanitycheck on
    # TAG: cache_dns_program
    # Note: This option is only available if Squid is rebuilt with the
    # --disable-internal-dns option
    #
    # Specify the location of the executable for dnslookup process.
    #
    # Default:
    # cache_dns_program C:\Squid/libexec/dnsserver.exe
    # TAG: dns_children
    # Note: This option is only available if Squid is rebuilt with the
    # --disable-internal-dns option
    #
    # The number of processes spawn to service DNS name lookups.
    # For heavily loaded caches on large servers, you should
    # probably increase this value to at least 10. The maximum
    # is 32. The default is 5.
    #
    # You must have at least one dnsserver process.
    #
    # Default:
    # dns_children 5
    # TAG: dns_retransmit_interval
    # Initial retransmit interval for DNS queries. The interval is
    # doubled each time all configured DNS servers have been tried.
    #
    #
    # Default:
    # dns_retransmit_interval 5 seconds
    # TAG: dns_timeout
    # DNS Query timeout. If no response is received to a DNS query
    # within this time then all DNS servers for the queried domain
    # is assumed to be unavailable.
    #
    # Default:
    # dns_timeout 5 minutes
    # TAG: dns_defnames on//off
    # Note: This option is only available if Squid is rebuilt with the
    # --disable-internal-dns option
    #
    # Normally the 'dnsserver' disables the RES_DEFNAMES resolver
    # option (see res_init(3)). This prevents caches in a hierarchy
    # from interpreting single-component hostnames locally. To allow
    # dnsserver to handle single-component names, enable this
    # option.
    #
    # Default:
    # dns_defnames off
    # TAG: dns_nameservers
    # Use this if you want to specify a list of DNS name servers
    # (IP addresses) to use instead of those given in your
    # /etc/resolv.conf file.
    # On Windows platforms, if no value is specified here or in
    # the /etc/resolv.conf file, the list of DNS name servers are
    # taken from the Windows registry, both static and dynamic DHCP
    # configurations are supported.
    #
    # Example: dns_nameservers 10.0.0.1 192.172.0.4
    #
    # Default:
    # none
    # TAG: hosts_file
    # Location of the host-local IP name-address associations
    # database. Most Operating Systems have such a file: under
    # Un*X it's by default in /etc/hosts MS-Windows NT/2000 places
    # that in PercentSystemRootPercent(by default
    # c:\winnt)\system32\drivers\etc\hosts, while Windows 9x/ME
    # places that in PercentwindirPercent(usually c:\windows)\hosts
    #
    # The file contains newline-separated definitions, in the
    # form ip_address_in_dotted_form name [name ...] names are
    # whitespace-separated. lines beginnng with an hash ( # )
    # character are comments.
    #
    # The file is checked at startup and upon configuration. If
    # set to 'none', it won't be checked. If append_domain is
    # used, that domain will be added to domain-local (i.e. not
    # containing any dot character) host definitions.
    #
    # Default:
    # none
    # TAG: diskd_program
    # Specify the location of the diskd executable.
    # Note that this is only useful if you have compiled in
    # diskd as one of the store io modules.
    #
    # Default:
    # diskd_program c:/squid/libexec/diskd.exe
    diskd_program C:\Squid/libexec/diskd.exe
    # TAG: unlinkd_program
    # Specify the location of the executable for file deletion process.
    #
    # Default:
    # unlinkd_program c:/squid/libexec/unlinkd.exe
    unlinkd_program C:\Squid/libexec/unlinkd.exe
    # TAG: pinger_program
    # Specify the location of the executable for the pinger process.
    # To disable, enter "none".
    #
    # Default:
    # pinger_program c:/squid/libexec/pinger.exe
    pinger_program C:\Squid/libexec/pinger.exe
    # TAG: redirect_program
    # Specify the location of the executable for the URL redirector.
    # Since they can perform almost any function there isn't one included.
    # See the FAQ (section 15) for information on how to write one.
    # By default, a redirector is not used.
    #
    # Default:
    # none
    # TAG: redirect_children
    # The number of redirector processes to spawn. If you start
    # too few Squid will have to wait for them to process a backlog of
    # URLs, slowing it down. If you start too many they will use RAM
    # and other system resources.
    #
    # Default:
    # redirect_children 5
    # TAG: redirect_rewrites_host_header
    # By default Squid rewrites any Host: header in redirected
    # requests. If you are running an accelerator then this may
    # not be a wanted effect of a redirector.
    #
    # Default:
    # redirect_rewrites_host_header on
    # TAG: redirector_access
    # If defined, this access list specifies which requests are
    # sent to the redirector processes. By default all requests
    # are sent.
    #
    # Default:
    # none
    # TAG: auth_param
    # This is used to pass parameters to the various authentication
    # schemes.
    # format: auth_param scheme parameter [setting]
    #
    # auth_param basic program c:/squid/bin/ncsa_auth c:/squid/etc/passwd
    # would tell the basic authentication scheme it's program parameter.
    #
    # The order that authentication prompts are presented to the client_agent
    # is dependant on the order the scheme first appears in config file.
    # IE has a bug (it's not rfc 2617 compliant) in that it will use the basic
    # scheme if basic is the first entry presented, even if more secure schemes
    # are presented. For now use the order in the file below. If other browsers
    # have difficulties (don't recognise the schemes offered even if you are using
    # basic) then either put basic first, or disable the other schemes (by commenting
    # out their program entry).
    #
    # Once an authentication scheme is fully configured, it can only be shutdown
    # by shutting squid down and restarting. Changes can be made on the fly and
    # activated with a reconfigure. I.E. You can change to a different helper,
    # but not unconfigure the helper completely.
    #
    # === Parameters for the basic scheme follow. ===
    #
    # "program" cmdline
    # Specify the command for the external authenticator. Such a
    # program reads a line containing "username password" and replies
    # "OK" or "ERR" in an endless loop. If you use an authenticator,
    # make sure you have 1 acl of type proxy_auth. By default, the
    # authenticate_program is not used.
    #
    # If you want to use the traditional proxy authentication,
    # jump over to the ../auth_modules/NCSA directory and
    # type:
    # Percent make
    # Percent make install
    #
    # Then, set this line to something like
    # auth_param basic program c:/squid/bin/ncsa_auth c:/squid/etc/passwd
    #
    # "children" numberofchildren
    # The number of authenticator processes to spawn (no default).
    # If you start too few Squid will have to wait for them to
    # process a backlog of usercode/password verifications, slowing
    # it down. When password verifications are done via a (slow)
    # network you are likely to need lots of authenticator
    # processes.
    # auth_param basic children 5
    #
    # "realm" realmstring
    # Specifies the realm name which is to be reported to the
    # client for the basic proxy authentication scheme (part of
    # the text the user will see when prompted their username and
    # password). There is no default.
    # auth_param basic realm Squid proxy-caching web server
    #
    # "credentialsttl" timetolive
    # Specifies how long squid assumes an externally validated
    # usernameassword pair is valid for - in other words how
    # often the helper program is called for that user. Set this
    # low to force revalidation with short lived passwords. Note
    # that setting this high does not impact your susceptability
    # to replay attacks unless you are using an one-time password
    # system (such as SecureID). If you are using such a system,
    # you will be vulnerable to replay attacks unless you also
    # enable the IP ttl is strict option.
    #
    # === Parameters for the digest scheme follow ===
    #
    # "program" cmdline
    # Specify the command for the external authenticator. Such
    # a program reads a line containing "username":"realm" and
    # replies with the appropriate H(A1) value base64 encoded.
    # See rfc 2616 for the definition of H(A1). If you use an
    # authenticator, make sure you have 1 acl of type proxy_auth.
    # By default, authentication is not used.
    #
    # If you want to use build an authenticator,
    # jump over to the ../digest_auth_modules directory and choose the
    # authenticator to use. It it's directory type
    # Percent make
    # Percent make install
    #
    # Then, set this line to something like
    #
    # auth_param digest program c:/squid/bin/digest_auth_pw c:/squid/etc/digpass
    #
    #
    # "children" numberofchildren
    # The number of authenticator processes to spawn (no default).
    # If you start too few Squid will have to wait for them to
    # process a backlog of H(A1) calculations, slowing it down.
    # When the H(A1) calculations are done via a (slow) network
    # you are likely to need lots of authenticator processes.
    # auth_param digest children 5
    #
    # "realm" realmstring
    # Specifies the realm name which is to be reported to the
    # client for the digest proxy authentication scheme (part of
    # the text the user will see when prompted their username and
    # password). There is no default.
    # auth_param digest realm Squid proxy-caching web server
    #
    # "nonce_garbage_interval" timeinterval
    # Specifies the interval that nonces that have been issued
    # to client_agent's are checked for validity.
    #
    # "nonce_max_duration" timeinterval
    # Specifies the maximum length of time a given nonce will be
    # valid for.
    #
    # "nonce_max_count" number
    # Specifies the maximum number of times a given nonce can be
    # used.
    #
    # "nonce_strictness" on//off
    # Determines if squid requires increment-by-1 behaviour for
    # nonce counts (on - the default), or strictly incrementing
    # (off - for use when useragents generate nonce counts that
    # occasionally miss 1 (ie, 1,2,4,6)).
    #
    # === NTLM scheme options follow ===
    #
    # "program" cmdline
    # Specify the command for the external ntlm authenticator.
    # Such a program reads a line containing the uuencoded NEGOTIATE
    # and replies with the ntlm CHALLENGE, then waits for the
    # response and answers with "OK" or "ERR" in an endless loop.
    # If you use an ntlm authenticator, make sure you have 1 acl
    # of type proxy_auth. By default, the ntlm authenticator_program
    # is not used.
    #
    # auth_param ntlm program c:/squid/bin/ntlm_auth
    #
    # "children" numberofchildren
    # The number of authenticator processes to spawn (no default).
    # If you start too few Squid will have to wait for them to
    # process a backlog of credential verifications, slowing it
    # down. When crendential verifications are done via a (slow)
    # network you are likely to need lots of authenticator
    # processes.
    # auth_param ntlm children 5
    #
    # "max_challenge_reuses" number
    # The maximum number of times a challenge given by a ntlm
    # authentication helper can be reused. Increasing this number
    # increases your exposure to replay attacks on your network.
    # 0 means use the challenge only once. (disable challenge
    # caching) See max_ntlm_challenge_lifetime for more information.
    # auth_param ntlm max_challenge_reuses 0
    #
    # "max_challenge_lifetime" timespan
    # The maximum time period that a ntlm challenge is reused
    # over. The actual period will be the minimum of this time
    # AND the number of reused challenges.
    # auth_param ntlm max_challenge_lifetime 2 minutes
    #
    # Recommended minimum configuration:
    # auth_param digest program uncomment and complete this line
    # auth_param digest children 5
    # auth_param digest realm Squid proxy-caching web server
    # auth_param digest nonce_garbage_interval 5 minutes
    # auth_param digest nonce_max_duration 30 minutes
    # auth_param digest nonce_max_count 50
    # auth_param ntlm program uncomment and complete this line to activate
    # auth_param ntlm children 5
    # auth_param ntlm max_challenge_reuses 0
    # auth_param ntlm max_challenge_lifetime 2 minutes
    # auth_param basic program uncomment and complete this line
    auth_param basic children 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours
    # TAG: authenticate_cache_garbage_interval
    # The time period between garbage collection across the
    # username cache. This is a tradeoff between memory utilisation
    # (long intervals - say 2 days) and CPU (short intervals -
    # say 1 minute). Only change if you have good reason to.
    #
    # Default:
    # authenticate_cache_garbage_interval 1 hour
    # TAG: authenticate_ttl
    # The time a user and their credentials stay in the logged in
    # user cache since their last request. When the garbage
    # interval passes, all user credentials that have passed their
    # TTL are removed from memory.
    #
    # Default:
    # authenticate_ttl 1 hour
    # TAG: authenticate_ip_ttl
    # With this option you control how long a proxy authentication
    # will be bound to a specific IP address. If a request using
    # the same user name is received during this time then access
    # will be denied and both users are required to reauthenticate
    # them selves. The idea behind this is to make it annoying
    # for people to share their password to their friends, but
    # yet allow a dialup user to reconnect on a different dialup
    # port.
    #
    # The default is 0 to disable the check. Recommended value
    # if you have dialup users are no more than 60 seconds to allow
    # the user to redial without hassle. If all your users are
    # stationary then higher values may be used.
    #
    # See also the acl max_user_ip. The max_user_ip acl replaces
    # the authenticate_ip_ttl_is_strict option found in earlier
    # Squid versions.
    #
    # Default:
    # authenticate_ip_ttl 0 seconds
    # TAG: external_acl_type
    # This option defines external acl classes using a helper program
    # to look up the status
    #
    # external_acl_type name [options] FORMAT.. /path/to/helper [helper arguments..]
    #
    # Options:
    #
    # ttl=n TTL in seconds for cached results (defaults to 3600
    # for 1 hour)
    # negative_ttl=n
    # TTL for cached negative lookups (default same
    # as ttl)
    # concurrency=n Concurrency level / number of processes spawn
    # to service external acl lookups of this type.
    # cache=n result cache size, 0 is unbounded (default)
    #
    # FORMAT specifications
    #
    # PercentLOGIN Authenticated user login name
    # PercentIDENT Ident user name
    # PercentSRC Client IP
    # PercentDST Requested host
    # PercentPROTO Requested protocol
    # PercentPORT Requested port
    # PercentMETHOD Request method
    # Percent{Header} HTTP request header
    # Percent{Hdr:member} HTTP request header list member
    # Percent{Hdr:;member}
    # HTTP request header list member using ; as
    # list separator. ; can be any non-alphanumeric
    # character.
    #
    # In addition, any string specified in the referencing acl will
    # also be included in the helper request line, after the specified
    # formats (see the "acl external" directive)
    #
    # The helper receives lines per the above format specification,
    # and returns lines starting with OK or ERR indicating the validity
    # of the request and optionally followed by additional keywords with
    # more details.
    #
    # General result syntax:
    #
    # OK/ERR keyword=value ...
    #
    # Defined keywords:
    #
    # user= The users name (login)
    # error= Error description (only defined for ERR results)
    #
    # Keyword values need to be enclosed in quotes if they may contain
    # whitespace, or the whitespace escaped using \. Any quotes or \
    # characters within the keyword value must be \ escaped.
    #
    # Default:
    # none
    # OPTIONS FOR TUNING THE CACHE
    # -----------------------------------------------------------------------------
    # TAG: wais_relay_host
    # TAG: wais_relay_port
    # Relay WAIS request to host (1st arg) at port (2 arg).
    #
    # Default:
    # wais_relay_port 0
    # TAG: request_header_max_size (KB)
    # This specifies the maximum size for HTTP headers in a request.
    # Request headers are usually relatively small (about 512 bytes).
    # Placing a limit on the request header size will catch certain
    # bugs (for example with persistent connections) and possibly
    # buffer-overflow or denial-of-service attacks.
    #
    # Default:
    # request_header_max_size 10 KB
    # TAG: request_body_max_size (KB)
    # This specifies the maximum size for an HTTP request body.
    # In other words, the maximum size of a PUT/POST request.
    # A user who attempts to send a request with a body larger
    # than this limit receives an "Invalid Request" error message.
    # If you set this parameter to a zero (the default), there will
    # be no limit imposed.
    #
    # Default:
    # request_body_max_size 0 KB
    # TAG: refresh_pattern
    # usage: refresh_pattern [-i] regex min percent max [options]
    #
    # By default, regular expressions are CASE-SENSITIVE. To make
    # them case-insensitive, use the -i option.
    #
    # 'Min' is the time (in minutes) an object without an explicit
    # expiry time should be considered fresh. The recommended
    # value is 0, any higher values may cause dynamic applications
    # to be erroneously cached unless the application designer
    # has taken the appropriate actions.
    #
    # 'Percent' is a percentage of the objects age (time since last
    # modification age) an object without explicit expiry time
    # will be considered fresh.
    #
    # 'Max' is an upper limit on how long objects without an explicit
    # expiry time will be considered fresh.
    #
    # options: override-expire
    # override-lastmod
    # reload-into-ims
    # ignore-reload
    #
    # override-expire enforces min age even if the server
    # sent a Expires: header. Doing this VIOLATES the HTTP
    # standard. Enabling this feature could make you liable
    # for problems which it causes.
    #
    # override-lastmod enforces min age even on objects
    # that was modified recently.
    #
    # reload-into-ims changes client no-cache or ``reload''
    # to If-Modified-Since requests. Doing this VIOLATES the
    # HTTP standard. Enabling this feature could make you
    # liable for problems which it causes.
    #
    # ignore-reload ignores a client no-cache or ``reload''
    # header. Doing this VIOLATES the HTTP standard. Enabling
    # this feature could make you liable for problems which
    # it causes.
    #
    # Please see the file doc/Release-Notes-1.1.txt for a full
    # description of Squid's refresh algorithm. Basically a
    # cached object is: (the order is changed from 1.1.X)
    #
    # FRESH if expires now, else STALE
    # STALE if age max
    # FRESH if lm-factor percent, else STALE
    # FRESH if age min
    # else STALE
    #
    # The refresh_pattern lines are checked in the order listed here.
    # The first entry which matches is used. If none of the entries
    # match, then the default will be used.
    #
    # Note, you must uncomment all the default lines if you want
    # to change one. The default setting is only active if none is
    # used.
    #
    # Suggested default:
    refresh_pattern ftp: 1440 20Percent 10080
    refresh_pattern gopher: 1440 0Percent 1440
    refresh_pattern . 0 20Percent 4320
    # TAG: quick_abort_min (KB)
    # TAG: quick_abort_max (KB)
    # TAG: quick_abort_pct (percent)
    # The cache by default continues downloading aborted requests
    # which are almost completed (less than 16 KB remaining). This
    # may be undesirable on slow (e.g. SLIP) links and/or very busy
    # caches. Impatient users may tie up file descriptors and
    # bandwidth by repeatedly requesting and immediately aborting
    # downloads.
    #
    # When the user aborts a request, Squid will check the
    # quick_abort values to the amount of data transfered until
    # then.
    #
    # If the transfer has less than 'quick_abort_min' KB remaining,
    # it will finish the retrieval.
    #
    # If the transfer has more than 'quick_abort_max' KB remaining,
    # it will abort the retrieval.
    #
    # If more than 'quick_abort_pct' of the transfer has completed,
    # it will finish the retrieval.
    #
    # If you do not want any retrieval to continue after the client
    # has aborted, set both 'quick_abort_min' and 'quick_abort_max'
    # to '0 KB'.
    #
    # If you want retrievals to always continue if they are being
    # cached then set 'quick_abort_min' to '-1 KB'.
    #
    # Default:
    # quick_abort_min 16 KB
    # quick_abort_max 16 KB
    # quick_abort_pct 95
    # TAG: negative_ttl time-units
    # Time-to-Live (TTL) for failed requests. Certain types of
    # failures (such as "connection refused" and "404 Not Found") are
    # negatively-cached for a configurable amount of time. The
    # default is 5 minutes. Note that this is different from
    # negative caching of DNS lookups.
    #
    # Default:
    # negative_ttl 5 minutes
    # TAG: positive_dns_ttl time-units
    # Time-to-Live (TTL) for positive caching of successful DNS lookups.
    # Default is 6 hours (360 minutes). If you want to minimize the
    # use of Squid's ipcache, set this to 1, not 0.
    #
    # Default:
    # positive_dns_ttl 6 hours
    # TAG: negative_dns_ttl time-units
    # Time-to-Live (TTL) for negative caching of failed DNS lookups.
    #
    # Default:
    # negative_dns_ttl 5 minutes
    # TAG: range_offset_limit (bytes)
    # Sets a upper limit on how far into the the file a Range request
    # may be to cause Squid to prefetch the whole file. If beyond this
    # limit then Squid forwards the Range request as it is and the result
    # is NOT cached.
    #
    # This is to stop a far ahead range request (lets say start at 17MB)
    # from making Squid fetch the whole object up to that point before
    # sending anything to the client.
    #
    # A value of -1 causes Squid to always fetch the object from the
    # beginning so that it may cache the result. (2.0 style)
    #
    # A value of 0 causes Squid to never fetch more than the
    # client requested. (default)
    #
    # Default:
    # range_offset_limit 0 KB
    # TIMEOUTS
    # -----------------------------------------------------------------------------
    # TAG: connect_timeout time-units
    # Some systems (notably Linux) can not be relied upon to properly
    # time out connect(2) requests. Therefore the Squid process
    # enforces its own timeout on server connections. This parameter
    # specifies how long to wait for the connect to complete. The
    # default is two minutes (120 seconds).
    #
    # Default:
    # connect_timeout 2 minutes
    # TAG: peer_connect_timeout time-units
    # This parameter specifies how long to wait for a pending TCP
    # connection to a peer cache. The default is 30 seconds. You
    # may also set different timeout values for individual neighbors
    # with the 'connect-timeout' option on a 'cache_peer' line.
    #
    # Default:
    # peer_connect_timeout 30 seconds
    # TAG: read_timeout time-units
    # The read_timeout is applied on server-side connections. After
    # each successful read(), the timeout will be extended by this
    # amount. If no data is read again after this amount of time,
    # the request is aborted and logged with ERR_READ_TIMEOUT. The
    # default is 15 minutes.
    #
    # Default:
    # read_timeout 15 minutes
    # TAG: request_timeout
    # How long to wait for an HTTP request after initial
    # connection establishment.
    #
    # Default:
    # request_timeout 5 minutes
    # TAG: persistent_request_timeout
    # How long to wait for the next HTTP request on a persistent
    # connection after the previous request completes.
    #
    # Default:
    # persistent_request_timeout 1 minute
    # TAG: client_lifetime time-units
    # The maximum amount of time that a client (browser

  2. falta a parte das acls e http_access, que onde provavelmente está o problema.



  3. vc pderia ao menos tirar os comentarios antes de postar isso neh?

  4. Alguem sabe como fazer proxy transparente com o squidNT no windows?



  5. Resolvido!

    Foi só editar o arquivo squid.conf e corrigir os caminhos dos logs, .exe, etc ...

    Valeu!

    []´s






Tópicos Similares

  1. openwebmail .. arquivos de configuracao
    Por mcclaudio no fórum Servidores de Rede
    Respostas: 2
    Último Post: 20-04-2004, 11:34
  2. Respostas: 2
    Último Post: 26-09-2003, 17:06
  3. SIS 530 ? Onde fica arquivo de configuração!
    Por joe no fórum Servidores de Rede
    Respostas: 5
    Último Post: 05-09-2003, 12:47
  4. Arquivos de Configuração de Rede
    Por c4f0f0 no fórum Servidores de Rede
    Respostas: 1
    Último Post: 09-08-2003, 15:14
  5. Arquivos de Configuração do Linux
    Por lipealmeida no fórum Servidores de Rede
    Respostas: 1
    Último Post: 24-04-2003, 14:39

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L