<!doctype linuxdoc system>
<article>
-<title>Squid 3.0.PRE7 release notes</title>
+<title>Squid 3.0.STABLE26 release notes</title>
<author>Squid Developers</author>
-<date>$Id: release-3.0.sgml,v 1.23 2007/08/27 23:58:34 hno Exp $</date>
<abstract>
This document contains the release notes for version 3.0 of Squid.
<sect>Notice
<p>
-The Squid Team are pleased to announce the release of Squid-3.0.PRE7 for pre-release testing.
+The Squid Team are pleased to announce the release of Squid-3.0.STABLE26.
-This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.0/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
+This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.0/"> or the <url url="http://www.squid-cache.org/Download/http-mirrors.html" name="mirrors">.
-A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support.
-While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.
+A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support and additional Languages.
-We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/TroubleShooting#head-7067fc0034ce967e67911becaabb8c95a34d576d"> for how to submit a report with a stack trace.
+We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/BugReporting"> for how to submit a
+report with a stack trace.
<sect>Known issues
<p>
-Although this release is deemed good enough for testing in many setups, please note the existence of <url url="http://www.squid-cache.org/bugs/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&target_milestone=3.0&long_desc_type=allwordssubstr&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailtype1=substring&email1=&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=bugs.bug_severity&field0-0-0=noop&type0-0-0=noop&value0-0-0=" name="open bugs against Squid-3.0">.
+Although this release is deemed good enough for use in many setups, please note the existence of <url url="http://bugs.squid-cache.org/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&target_milestone=3.0&long_desc_type=allwordssubstr&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailtype1=substring&email1=&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=bugs.bug_severity&field0-0-0=noop&type0-0-0=noop&value0-0-0=" name="open bugs against Squid-3.0">.
-In particular, ESI may still be too buggy for meaningful testing at this stage.
-
-<sect>Changes since earlier PRE releases of Squid-3.0
+<sect>Changes since earlier STABLE releases of Squid-3.0
<p>
The 3.0 change history can be <url url="http://www.squid-cache.org/Versions/v3/3.0/changesets/" name="viewed here">.
-<sect>Changes since Squid-2.6.STABLE14
+<sect>Changes since Squid-2.6
<sect1>Major new features
<p>
The most important of these are:
<itemize>
- <item>Edge Side Include implementation (www.esi.org)
- <item>ICAP implementation (www.i-cap.org)
- <item>Finer control over cacheability (refresh_pattern)
+ <item>Code converted to C++, with significant internal restructuring and rewrites.
+ <item>ICAP implementation (RFC 3507 and www.icap-forum.org)
+ <item>Edge Side Includes (ESI) implementation (www.esi.org)
</itemize>
Most user-facing changes are reflected in squid.conf (see below).
+<sect2>Internet Content Adaptation Protocol (ICAP)
+
+<p>Squid 3.0 supports ICAP/1.0. To enable ICAP support, use the --enable-icap-client ./configure option and icap_enable squid.conf option. You will also need to configure ICAP services in your squid.conf using icap_service, icap_class, and icap_access options. The following example instructs Squid to talk to two ICAP services, one for request and one for response adaptation:
+
+<verb>
+icap_enable on
+icap_service service_req reqmod_precache 1 icap://127.0.0.1:1344/request
+icap_service service_resp respmod_precache 0 icap://127.0.0.1:1344/response
+icap_class class_req service_req
+icap_class class_resp service_resp
+icap_access class_req allow all
+icap_access class_resp allow all
+</verb>
+
+<p>Please see squid.conf.default for more details about these and many other icap_* options.
+
+<p>Squid supports pre-cache request and pre-cache response vectoring points. The following ICAP features are supported: message preview, 204 responses outside of preview, request satisfaction, X-Transfer-* negotiation, persistent ICAP connections, client IP/credentials sharing, and optional bypass of certain service failures.
+
+<p>No more than one ICAP service can be applied to an HTTP message. In other words, chaining or load balancing multiple services is not yet supported.
+
+<p>Proxy-directed data trickling and patience pages are not supported yet.
+
+<p>Following ICAP requirements, Squid never performs HTTP message adaptation without a successful and fresh ICAP OPTIONS response on file. A REQMOD or RESPMOD request will not be sent to a configured ICAP service until Squid receives a valid OPTIONS response from that service. If a service malfunctions or goes down, Squid may stop talking to the service for a while. Several squid.conf options can be used to tune the failure bypass algorithm (e.g., icap_service_failure_limit and icap_service_revival_delay).
+
+<p>The bypass parameter of the icap_service squid.conf option determines whether Squid will try to bypass service failures. Most connectivity and preview-stage failures can be bypassed.
+
+<p>More information about ICAP can be found from the ICAP-forum website <url url="http://www.icap-forum.org">
+
+<sect2>Edge Side Includes (ESI)
+
+<p>ESI is an open specification of an markup language enabling reverse proxies
+to perform some simple XML based processing, offloading the final page assembly from the webserver and similar tasks.
+
+<p>More information about ESI can be found from the ESI website <url url="http://www.esi.org">
+
<sect1>2.6 features not found in Squid-3.0
<p>
Some of the features found in Squid-2.6 is not available in Squid-3.
-Some has been dropped as they are not needed. Some has not yet been forward-ported to Squid-3 and may appear in a later release.
+Some have been dropped as they are not needed. Some have not yet been forward-ported to Squid-3 and may appear in a later release.
<itemize>
<item>refresh_stale_hit option. Not yet ported.
<item>Mapping of server error messages. Not yet ported.
<item>http_access2 access directive. Not yet ported.
<item>Location header rewrites. Not yet ported.
- <item>umask directive. Not yet ported.
<item>wais_relay. Feature dropped as it's equivalent to cache_peer + cache_peer_access.
<item>urlgroup. Not yet ported.
<item>collapsed forwarding. Not yet ported.
+ <item>stable Windows support. Irregularly maintained.
</itemize>
<sect1>Logging changes
<tag>TCP_REFRESH_UNMODIFIED</tag>
<p>The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".
<tag>TCP_REFRESH_MODIFIED</tag>
- <p>The requested object was cached but STALE. The IMS query returned the new content.\r
+ <p>The requested object was cached but STALE. The IMS query returned the new content.
</descrip>
<p>See <url url="http://www.squid-cache.org/Doc/FAQ/FAQ-6.html#ss6.7"> for a definition of all log types.
+<sect>Windows support
+<P>This Squid version can run on Windows as a system service using the Cygwin emulation environment,
+or can be compiled in Windows native mode using the MinGW + MSYS development environment. Windows NT 4 SP4 and later are supported.<newline>
+On Windows 2000 and later the service is configured to use the Windows Service Recovery option
+restarting automatically after 60 seconds.
+<descrip>
+<tag>Usage</tag>
-<sect1>Changes to squid.conf
-<p>
-There have been many changes to Squid's configuration file since Squid-2.6.
+Some new command line options were added for the Windows service support:<newline>
+
+The service installation is made with -i command line switch, it's possible to use -f switch at
+the same time for specify a different config-file settings for the Squid Service that will be
+stored on the Windows Registry.
+
+A new -n switch specify the Windows Service Name, so multiple Squid instance are allowed.
+<em/"Squid"/ is the default when the switch is not used.
+
+So, to install the service, the syntax is:
+
+<verb>squid -i [-f file] [-n name]</verb>
+
+Service uninstallation is made with -r command line switch with the appropriate -n switch.
+
+The -k switch family must be used with the appropriate -f and -n switches, so the syntax is:
+
+<verb>squid -k command [-f file] -n service-name</verb>
+where <em/service-name/ is the name specified with -n options at service install time.
+
+To use the Squid original command line, the new -O switch must be used ONCE, the syntax is:
+
+<verb>squid -O cmdline [-n service-name]</verb>
+If multiple service command line options must be specified, use quote. The -n switch is
+needed only when a non default service name is in use.
+
+Don't use the "Start parameters" in the Windows 2000/XP/2003 Service applet: they are
+specific to Windows services functionality and Squid is not designed for understand they.
+
+In the following example the command line of the "squidsvc" Squid service is set to "-D -u 3130":
+
+<verb>squid -O "-D -u 3130" -n squidsvc</verb>
+</descrip>
+
+<descrip>
+<tag>PSAPI.DLL (Process Status Helper) Considerations</tag>
-This section gives a thorough account of those changes in three categories:
+The process status helper functions make it easier for you to obtain information about
+processes and device drivers running on Microsoft? Windows NT?/Windows? 2000. These
+functions are available in PSAPI.DLL, which is distributed in the Microsoft? Platform
+Software Development Kit (SDK). The same information is generally available through the
+performance data in the registry, but it is more difficult to get to it. PSAPI.DLL is
+freely redistributable.
+PSAPI.DLL is available only on Windows NT, 2000, XP and 2003. The implementation in Squid is
+aware of this, and try to use it only on the right platform.
+
+On Windows NT PSAPI.DLL can be found as component of many applications, if you need it,
+you can find it on Windows NT Resource KIT. If you have problem, it can be
+downloaded from here:
+<url url="http://download.microsoft.com/download/platformsdk/Redist/4.0.1371.1/NT4/EN-US/psinst.EXE" name="http://download.microsoft.com/download/platformsdk/Redist/4.0.1371.1/NT4/EN-US/psinst.EXE">
+
+On Windows 2000 and later it is available installing the Windows Support Tools, located on the
+Support\Tools folder of the installation Windows CD-ROM.
+</descrip>
+
+<descrip>
+<tag>Registry DNS lookup</tag>
+On Windows platforms, if no value is specified in the <em/dns_nameservers/ option on
+squid.conf or in the /etc/resolv.conf file, the list of DNS name servers are
+taken from the Windows registry, both static and dynamic DHCP configurations
+are supported.
+</descrip>
+
+<descrip>
+<tag>Compatibility Notes</tag>
<itemize>
- <item><ref id="newtags" name="New tags">
- <item><ref id="modifiedtags" name="Changes to existing tags">
- <item><ref id="removedtags" name="Removed tags">
+<item>It's recommended to use '/' char in Squid paths instead of '\'
+<item>Paths with spaces (like 'C:\Programs Files\Squid) are NOT supported by Squid
+<item>When using ACL like 'acl aclname acltype "file"' the file must be in DOS text
+format (CR+LF) and the full Windows path must be specified, for example:
+
+<verb>acl blocklist url_regex -i "c:/squid/etc/blocked1.txt"</verb>
+
+<item>The Windows equivalent of '/dev/null' is 'NUL'
+<item>Squid doesn't know how to run external helpers based on scripts, like .bat, .cmd,
+.vbs, .pl, etc. So in squid.conf the interpreter path must be always specified, for example:
+
+<verb>redirect_program c:/perl/bin/perl.exe c:/squid/libexec/redir.pl
+redirect_program c:/winnt/system32/cmd.exe /C c:/squid/libexec/redir.cmd</verb>
+<item>When Squid runs in command line mode, the launching user account must have administrative privilege on the system
+<item>"Start parameters" in the Windows 2000/XP/2003 Service applet cannot be used
+<item>Building with MinGW, when the configure option --enable-truncate is used, Squid cannot run on Windows NT, only Windows 2000 and later are supported
+<item>On Windows Vista and later, User Account Control (UAC) must be disabled before running service installation
</itemize>
+</descrip>
+
+<descrip>
+<tag>Known Limitations</tag>
+<itemize>
+<item>Squid features not operational:<newline>
+<itemize>
+<item>DISKD: still needs to be ported<newline>
+<item>WCCP: cannot work because user space GRE support on Windows is missing<newline>
+<item>Transparent Proxy: missing Windows non commercial interception driver<newline>
+</itemize>
+<item>Some code sections can make blocking calls.
+<item>Some external helpers may not work.
+<item>File Descriptors number hard-limited to 2048 when building with MinGW.
+</itemize>
+</descrip>
+
+<descrip>
+<tag>Building Squid on Windows</tag>
+A reasonably recent release of <url url="http://www.cygwin.com/" name="Cygwin"> or <url url="http://www.mingw.org/" name="MinGW"> is needed.<newline>
+The usage of the Cygwin environment is very similar to other Unix/Linux environments, and -devel version of libraries must be installed.<newline>
+For the MinGW environment, the packages MSYS, MinGW and msysDTK must be installed. Some additional libraries and tools must be downloaded separately:<newline><newline>
+OpenSSL: <url url="http://www.slproweb.com/products/Win32OpenSSL.html" name="Shining Light Productions Win32 OpenSSL"><newline>
+libcrypt: <url url="http://sourceforge.net/projects/mingwrep/" name="MinGW packages repository"><newline>
+db-1.85: <url url="http://tinycobol.org/download.html" name="TinyCOBOL download area"><newline>
+uudecode: <url url="http://unxutils.sourceforge.net/" name="Native Win32 ports of some GNU utilities"><newline><newline>
+When running configure, --disable-wccp and --disable-wccpv2 options should always specified to avoid compile errors.<newline>
+<itemize>
+<item>New configure options:<newline>
+<itemize>
+<item>--enable-win32-service<newline>
+</itemize>
+<item>Updated configure options:<newline>
+<itemize>
+<item>--enable-arp-acl<newline>
+<item>--enable-default-hostsfile<newline>
+</itemize>
+<item>Unsupported configure options:<newline>
+<itemize>
+<item>--enable-coss-aio-ops: On Windows Posix AIO is not available<newline>
+<item>--with-large-files: No suitable build environment is available on both Cygwin and MinGW, but --enable-large-cache-files works fine<newline>
+</itemize>
+<item>Recommended configure minimal options for Windows:<newline>
+<itemize>
+<item>--prefix=c:/squid --disable-wccp --disable-wccpv2 --enable-win32-service --enable-default-hostsfile=none
+</itemize>
+</itemize>
+<newline>
+Before build Squid with SSL support, some operations are needed (in the following example OpenSSL is installed in C:\OpenSSL and MinGW in C:\MinGW):
+<itemize>
+<item>Copy C:\OpenSSL\lib\MinGW content to C:\MinGW\lib<newline>
+<item>Copy C:\OpenSSL\include\openssl content to C:\MinGW\include\openssl<newline>
+<item>Rename C:\MinGW\lib\ssleay32.a to C:\MinGW\lib\libssleay32.a<newline>
+</itemize>
+
+</descrip>
+
+<descrip>
+<tag>Using cache manager on Windows:</tag>
+On Windows, cache manager (cachemgr.cgi) can be used with Microsoft IIS or Apache.<newline>
+Some specific configuration could be needed:<newline>
+<itemize>
+<item>IIS 6 (Windows 2003):<newline>
+<itemize>
+<item>On IIS 6.0 all CGI extensions are denied by default for security reason, so the following configuration is needed:<newline>
+<itemize>
+<item>Create a cgi-bin Directory
+<item>Define the cgi-bin IIS Virtual Directory with read and CGI execute IIS
+permissions, ASP scripts are not needed. This automatically defines a
+cgi-bin IIS web application
+<item>Copy cachemgr.cgi into cgi-bin directory and look to file permissions:
+the IIS system account and SYSTEM must be able to read and execute the file
+<item>In IIS manager go to Web Service extensions and add a new Web Service
+Extension called <em/"Squid Cachemgr"/, add the cachemgr.cgi file and set the
+extension status to <em/Allowed/
+</itemize>
+</itemize>
+<item>Apache:<newline>
+<itemize>
+<item>On Windows, cachemgr.cgi needs to create a temporary file, so Apache must be instructed
+ to pass the TMP and TEMP Windows environment variables to CGI applications:<newline>
+<verb>
+ScriptAlias /squid/cgi-bin/ "c:/squid/libexec/"
+<Location /squid/cgi-bin/cachemgr.cgi>
+ PassEnv TMP TEMP
+ Order allow,deny
+ Allow from workstation.example.com
+</Location>
+</verb>
+</itemize>
+</itemize>
+</descrip>
-<p>
+<sect>Changes to squid.conf since Squid-2.6
+<p>There have been many changes to Squid's configuration file since Squid-2.6.
-<sect2>New tags<label id="newtags">
+<p>This section gives a detailed account of those changes in three categories:
+<itemize>
+ <item><ref id="newtags" name="New tags">
+ <item><ref id="modifiedtags" name="Changes to existing tags">
+ <item><ref id="removedtags" name="Removed tags">
+</itemize>
+<p>
+
+<sect1>New tags<label id="newtags">
<p>
<descrip>
<tag>minimum_icp_query_timeout (msec)</tag>
of a dynamic) timeout value. To set a fixed timeout see the
'icp_query_timeout' directive.
</verb>
+
<tag>background_ping_rate</tag>
<verb>
Default: 10 seconds
through without being processed by an ICAP server
service_url = icap://servername:port/service
-Note: reqmod_precache and respmod_postcache is not yet implemented
+Note: reqmod_postcache and respmod_postcache is not yet implemented
Example:
icap_service service_1 reqmod_precache 0 icap://icap1.mydomain.net:1344/reqmod
to Squid until a full HTTP request has been received.
See the accf_http(9) man page.
</verb>
+
+ <tag>include</tag>
+ <p>New option to import entire secondary configuration files into squid.conf.
+ <verb>
+ Squid will follow the files immediately and insert all their content
+ as if it was at that position in squid.conf. As per squid.conf some
+ options are order-specific within the config as a whole.
+
+ A few layers of include are allowed, but too many are confusing and
+ squid will enforce an include depth of 16 files.
+
+ Syntax:
+ include /path/to/file1 /path/to/file2
+ </verb>
+
+ <tag>acl myportname</tag>
+ <p>New acl type myportname, matching the name of the http(s)_port where the request was accepted
+ <verb>
+ acl aclname myportname 3128 ... # http(s)_port name
+ </verb>
+
+ <tag>umask</tag>
+ <p>Ported from 2.6. Behaviour identical.
+ <verb>
+ Minimum umask which should be enforced while the proxy
+ is running, in addition to the umask set at startup.
+
+ For a traditional octal representation of umasks, start
+ your value with 0.
+ </verb>
+
</descrip>
-<sect2>Changes to existing tags<label id="modifiedtags">
+<sect1>Changes to existing tags<label id="modifiedtags">
<p>
<descrip>
<tag>http_port</tag>
certain clients sporadically hang or never complete requests set
disable-pmtu-discovery option to 'transparent'.
</verb>
- <p>Removed options:
- <verb>
- urlgroup=, not yet ported to Squid-3.
-
- no-connection-auth, not yet ported to Squid-3.
- </verb>
- <tag> https_port</tag>
- <p>Removed options:
- <verb>
- urlgroup=, not yet ported to Squid-3.
- </verb>
+
<tag>cache_peer</tag>
<p>New options:
<verb>
frequency of each parent being based on the round trip
time. Closer parents are used more often.
Usually used for background-ping parents.
-
</verb>
- <p>Removed options:
- <verb>
- userhash, not yet ported to Squid-3
-
- sourcehash, not yet ported to Squid-2
- monitorurl, monitorsize etc, not yet ported to Squid-3
-
- connection-auth=, not yet ported to Squid-3
- </verb>
<tag>cache_dir</tag>
- <p>Common options
- <verb>
- no-store, replaces the older read-only option
-
- min-size, not yet portedto Squid-3
- </verb>
- <p>COSS file system:
- <verb>
- The coss file store is experimental, and still lacks much
- of the functionality found in 2.6.
+ <p>Common options <em>no-store</em>, replaces the older <em>read-only</em> option
- overwrite-percent=n, not yet ported to Squid-3.
-
- max-stripe-waste=n, not yet ported to Squid-3.
-
- membufs=n, not yet ported to Squid-3.
-
- maxfullbufs=n, not yet ported to Squid-3.
- </verb>
<tag>auth_param</tag>
+ <p>NCSA authenticator updated in 3.0.STALE26 to alert if passwords with more
+ than 8 characters are used with DES encryption method.
<p>Removed Basic auth option
<verb>
blankpasswor, not yet ported to squid-3.
auth_param basic concurrency 0
</verb>
- <p>Removed digest options:
- <verb>
- concurrency, not yet ported to Squid-3.
- </verb>
<tag>external_acl_type</tag>
<p>New format specifications:
%URI Requested URI
%PATH Requested URL path
- </verb>
- <P>Removed format specifications:
- <verb>
- %ACL, not yet ported to Squid-3
-
- %DATA, not yet ported to Squid-3
</verb>
<p>New result keywords:
<verb>
ensures that the client will receive an updated version
if one is available.
</verb>
+
<tag>acl</tag>
+ <p>The 'all' ACL is now provided as a built-in. Warnings will be displayed if any attempt is made to redefine it.
<p>New types:
<verb>
acl aclname http_status 200 301 500- 400-403 ... # status code in reply
-
</verb>
- <p>Removed types:
- <verb>
- acl aclname urllogin [-i] [^a-zA-Z0-9] ... # regex matching on URL login field
-
- acl urlgroup group1 ...
- # match against the urlgroup as indicated by redirectors
- </verb>
<tag>short_icon_urls</tag>
<p>New default:
<verb>
<sS Upstream object size
</verb>
- <p>Removed format tags:
- <verb>
- >st Request size including HTTP headers, not yet ported to Squid-3.
-
- st Request+Reply size including HTTP headers, not yet ported to Squid-3.
- </verb>
-
<tag>reply_body_max_size</tag>
<p>Syntax changed:
<verb>
<p>allow/deny no longer used.
<tag>url_rewrite_program</tag>
- <p>No urlgroup support in either requests or responese
+ <p>No urlgroup support in either requests or response
+
+ <tag>auth_param</tag>
+ <p>fake_auth helper for NTLM now accepts the '-S' parameter to strip NTLM domain off the username string.
+ This is useful for class 4 Delay Pools in Squid 3.x
+
+ <tag>half_closed_clients</tag>
+ <p>New default value of OFF
+
+</descrip>
+
+<sect1>Removed tags<label id="removedtags">
+<p>
+<descrip>
+ <tag>header_access</tag>
+ <p>This has been replaced by request_header_access and reply_header_access
+
+ <tag>httpd_accel_no_pmtu_disc</tag>
+ <p>Replaced by disable-pmtu-discovery http_port option
+
+ <tag>wais_relay_*</tag>
+ <p>equivalent to cache_peer + cache_peer_access.
+
+</descrip>
+
+
+<sect>Changes to ./configure Options since Squid-2.6
+<p>There have been some changes to Squid's build configuration since Squid-2.6.
+
+<p>This section gives an account of those changes in three categories:
+
+<itemize>
+ <item><ref id="newoptions" name="New options">
+ <item><ref id="modifiedoptions" name="Changes to existing options">
+ <item><ref id="removedoptions" name="Removed options">
+</itemize>
+<p>
+
+
+<sect1>New options<label id="newoptions">
+
+<p>
+<descrip>
+ <tag>--enable-shared[=PKGS]</tag>
+ <p>Build shared libraries. The default is to build without.</p>
+
+ <tag>--enable-static[=PKGS]</tag>
+ <p>Build static libraries. The default is on.</p>
+
+ <tag>--enable-fast-install[=PKGS]</tag>
+ <verb>Optimize for fast installation
+ default: yes</verb>
+
+ <tag>--disable-libtool-lock</tag>
+ <p>Avoid locking (might break parallel builds)</p>
+
+ <tag>--disable-optimizations</tag>
+ <p>Don't compile Squid with compiler optimizations enabled.
+ Optimization is good for production builds, but not
+ good for debugging. During development, use
+ --disable-optimizations to reduce compilation times
+ and allow easier debugging. This option implicitly
+ also enables --disable-inline</p>
+
+ <tag>--disable-inline</tag>
+ <p>Don't compile trivial methods as inline. Squid
+ is coded with much of the code able to be inlined.
+ Inlining is good for production builds, but not
+ good for development. During development, use
+ --disable-inline to reduce compilation times and
+ allow incremental builds to be quick. For
+ production builds, or load tests, use
+ --enable-inline to have squid make all trivial
+ methods inlinable by the compiler.</p>
+
+ <tag>--enable-debug-cbdata</tag>
+ <p>Provide some debug information in cbdata</p>
+
+ <tag>--enable-disk-io=\"list of modules\"</tag>
+ <p>Build support for the list of disk I/O modules.
+ The default is only to build the "Blocking" module.
+ See src/DiskIO for a list of available modules, or
+ Programmers Guide for details on how to build your
+ custom disk module.</p>
+
+ <tag>--enable-esi</tag>
+ <p>Enable ESI for accelerators. Requires libexpat.
+ Enabling ESI will cause squid to follow the Edge
+ Acceleration Specification (www.esi.org). This
+ causes squid to IGNORE client Cache-Control headers.</p>
+ <p><em>DO NOT</em> use this in a squid configured as a web
+ proxy, ONLY use it in a squid configured for
+ webserver acceleration.</p>
+
+ <tag>--enable-icap-client</tag>
+ <p>Enable the ICAP client.</p>
+
+ <tag>--disable-snmp</tag>
+ <p>Disable SNMP monitoring support which is now built by default.</p>
+
+ <tag>--disable-htcp</tag>
+ <p>Disable HTCP protocol support which is now built by default.</p>
+
+ <tag>--enable-kqueue</tag>
+ <p>Enable kqueue() support. Marked as experimental in 3.0.</p>
+
+ <tag>--enable-ipfw-transparent</tag>
+ <p>Enable Transparent Proxy support for systems
+ using FreeBSD IPFW style redirection.</p>
+
+ <tag>--disable-mempools</tag>
+ <p>Disable memPools. Note that this option now simply sets the
+ default behaviour. Specific classes can override this at runtime, and
+ only lib/MemPool.c needs to be altered to change the squid-wide
+ default for all classes.</p>
+
+ <tag>--enable-cpu-profiling</tag>
+ <p>This option allows you to see which internal functions
+ in Squid are consuming how much CPU. Compiles in probes
+ that measure time spent in probed functions. Needs
+ source modifications to add new probes. This is meant
+ for developers to assist in performance optimisations
+ of Squid internal functions.</p>
+ <p>If you are not developer and not interested in the stats
+ you shouldn't enable this, as overhead added, although
+ small, is still overhead. See lib/Profiler.c for more.</p>
+
+ <tag>--with-gnu-ld</tag>
+ <p>Assume the C compiler uses GNU ld. The default is to auto-detect.</p>
+
+ <tag>--with-pic</tag>
+ <p>Try to use only PIC/non-PIC objects. The default is to use both.</p>
+
+ <tag>--with-tags[=TAGS]</tag>
+ <p>Include additional configurations. The default is automatic.</p>
+
+ <tag>--with-default-user=USER</tag>
+ <p>Sets the default System User account for squid permissions.
+ The default is 'nobody' as in other releases of squid.</p>
+
+ <tag>--with-cppunit-basedir=[PATH]</tag>
+ <p>Path where the cppunit headers and libraries are found
+ for unit testing. The default is automatic detection.</p>
+ <p>NOTE: Since 3.0-PRE6 and 2.6STABLE14 squid no longer comes
+ bundled with CPPUnit. Compile-time validation will be disabled
+ if it is not installed on your system.</p>
+
</descrip>
+</p>
+
+<sect1>Changes to existing options<label id="modifiedoptions">
+
+<p>
+<descrip>
+ <tag>--enable-carp</tag>
+ <p>CARP support is now built by default.
+ --disable-carp can be used to build without it.</p>
+
+ <tag>--enable-htcp</tag>
+ <p>HTCP protocol support is now built by default.
+ Use --disable-htcp to build without it.</p>
+
+ <tag>--enable-snmp</tag>
+ <p>SNMP monitoring is now build by default.
+ Use --disable-snmp to build without it.</p>
+
+ <tag>--enable-heap-replacement</tag>
+ <p>Please use --enable-removal-policies directive instead.</p>
+
+ <tag>--with-maxfd=N</tag>
+ <p>Replaced by --with-filedescriptors=N</p>
+ <p>Override maximum number of filedescriptors. Useful
+ if you build as another user who is not privileged
+ to use the number of filedescriptors you want the
+ resulting binary to support</p>
+
+ <tag>--enable-select</tag>
+ <p>Deprecated.
+ Automatic checks will enable best I/O loop method available.</p>
+ <tag>--enable-epoll</tag>
+ <p>Deprecated.
+ Automatic checks will enable best I/O loop method available.</p>
+ <tag>--enable-poll</tag>
+ <p>Deprecated.
+ Automatic checks will enable best I/O loop method available.</p>
+ <tag>--enable-kqueue</tag>
+ <p>kqueue support is marked Experimental in Squid 3.0. Known to have some issues under load.</p>
-<sect2>Removed tags<label id="removedtags">
+</descrip>
+</p>
+
+
+<sect1>Removed options<label id="removedoptions">
+
+<p>The following configure options have been removed.
+
+<descrip>
+ <tag>--enable-dlmalloc</tag>
+ <p>Most OS:es have good malloc implementations these days, and the version we used to ship with Squid was very very old..</p>
+ <tag>--enable-mempool-debug</tag>
+ <p>Debug option, not needed and therefore removed.</p>
+ <tag>--enable-forward-log</tag>
+ <p>Rarely used extra log file. Removed.</p>
+ <tag>--enable-multicast-miss</tag>
+ <p>Rarely used feature, and multicast ICP acheives almost the same result. Removed.</p>
+ <tag>--enable-coss-aio-ops</tag>
+ <p>Specific to the COSS implementation in Squid-2</p>
+ <tag>--enable-large-cache-files</tag>
+ <p>Now enabled by default. Configure option was redundant and therefore removed.
+ <tag>--enable-truncate</tag>
+ <p>Known to cause race conditions where cache objects may get corrupted, and this for at most a marginal performance improvement. Removed.</p>
+
+</descrip>
+
+
+<sect>Regressions since Squid-2.7
+
+<p>Some squid.conf and ./configure options which were available in Squid-2.7 are not yet available in Squid-3.0
+
+<p>If you need something to do then porting one of these from Squid-2 to Squid-3 is most welcome.
+
+<sect1>Missing squid.conf options available in Squid-2.7
<p>
<descrip>
+ <tag>acl</tag>
+ <p><em>urllogin</em> option not yet ported from 2.6
+ <p><em>urlgroup</em> option not yet ported from 2.6
+
+ <tag>acl_uses_indirect_client</tag>
+ <p>Not yet ported from 2.6
+
+ <tag>auth_param digest</tag>
+ <p><em>concurrency</em> option not yet ported from Squid-2
+
+ <tag>authenticate_ip_shortcircuit_access</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>authenticate_ip_shortcircuit_ttl</tag>
+ <p>Not yet ported from 2.7
+
<tag>broken_vary_encoding</tag>
- <p>Not yet ported to Squid-3.
+ <p>Not yet ported from 2.6
+
+ <tag>cache_dir</tag>
+ <p><em>min-size</em> option not yet ported from Squid-2
+ <p><em>COSS</em> storage type is lacking stability fixes from 2.6
+ <p>COSS <em>overwrite-percent=</em> option not yet ported from 2.6
+ <p>COSS <em>max-stripe-waste=</em> option not yet ported from 2.6
+ <p>COSS <em>membufs=</em> option not yet ported from 2.6
+ <p>COSS <em>maxfullbufs=</em> option not yet ported from 2.6
+
+ <tag>cache_peer</tag>
+ <p><em>multicast-siblings</em> not yet ported from 2.7
+ <p><em>idle=</em> not yet ported from 2.7
+ <p><em>http11</em> not yet ported from 2.7
+ <p><em>connection-auth=</em> not yet ported from 2.6
+ <p><em>monitorinterval=</em> not yet ported from 2.6
+ <p><em>monitorsize=</em> not yet ported from 2.6
+ <p><em>monitortimeout=</em> not yet ported from 2.6
+ <p><em>monitorurl=</em> not yet ported from 2.6
+
<tag>cache_vary</tag>
- <p>Not yet ported to Squid-3.
+ <p>Not yet ported from 2.6
+
<tag>collapsed_forwarding</tag>
- <p>Not yet ported to Squid-3.
- <tag>follow_x_forwarded_for</tag>
- <p>Not yet ported to Squid-3.
- <tag>*_uses_indirect_client</tag>
- <p>Not yet ported to Squid-3.
+ <p>Not yet ported from 2.6
+
+ <tag>delay_pool_uses_indirect_client</tag>
+ <p>Not yet ported from 2.6
+
<tag>error_map</tag>
- <p>Not yet ported to Squid-3.
- <tag>header_access</tag>
- <p>This has been replaced by request_header_access and reply_header_access
+ <p>Not yet ported from 2.6
+
+ <tag>external_acl_type</tag>
+ <p><em>%ACL</em> format tag not yet ported from 2.6
+ <p><em>%DATA</em> format tag not yet ported from 2.6
+
+ <tag>external_refresh_check</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>follow_x_forwarded_for</tag>
+ <p>Not yet ported from 2.6
+
<tag>http_access2</tag>
- <p>Not yet ported to Squid-3.
- <tag>httpd_accel_no_pmtu_disc</tag>
- <p>Replaced by disable-pmtu-discovery http_port option
- <tag>location_rewrite_*</tag>
- <p>Not yet ported to Squid-3.
+ <p>Not yet ported from 2.6
+
+ <tag>http_port</tag>
+ <p><em>act-as-origin</em> not yet ported from 2.7
+ <p><em>allow-direct</em> not yet ported from 2.7
+ <p><em>http11</em> not yet ported from 2.7
+ <p><em>urlgroup=</em> not yet ported from 2.6
+ <p><em>no-connection-auth</em> not yet ported from 2.6
+
+ <tag>ignore_expect_100</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>ignore_ims_on_miss</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>location_rewrite_access</tag>
+ <p>Not yet ported from 2.6
+
+ <tag>location_rewrite_children</tag>
+ <p>Not yet ported from 2.6
+
+ <tag>location_rewrite_concurrency</tag>
+ <p>Not yet ported from 2.6
+
+ <tag>location_rewrite_program</tag>
+ <p>Not yet ported from 2.6
+
+ <tag>log_uses_indirect_client</tag>
+ <p>Not yet ported from 2.6
+
+ <tag>logfile_daemon</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>logformat</tag>
+ <p><em>%oa</em> tag not yet ported from 2.7
+ <p><em>%sn</em> tag not yet ported from 2.7
+
+ <tag>max_filedescriptors</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>max_stale</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>refresh_pattern</tag>
+ <p><em>stale-while-revalidate=</em> not yet ported from 2.7
+ <p><em>ignore-stale-while-revalidate=</em> not yet ported from 2.7
+ <p><em>max-stale=</em> not yet ported from 2.7
+ <p><em>negative-ttl=</em> not yet ported from 2.7
+
<tag>refresh_stale_hit</tag>
- <p>Not yet ported to Squid-3.
- <tag>umask</tag>
- <p>Not yet ported to Squid-3.
- <tag>wais_relay_*</tag>
- <p>equivalent to cache_peer + cache_peer_access.
+ <p>Not yet ported from 2.7
+
+ <tag>server_http11</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>storeurl_access</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>storeurl_rewrite_children</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>storeurl_rewrite_concurrency</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>storeurl_rewrite_program</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>update_headers</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>upgrade_http0.9</tag>
+ <p>Not yet ported from 2.7
+
+ <tag>zero_buffers</tag>
+ <p>Not yet ported from 2.7
+
</descrip>
+<sect1>Missing ./configure options available in Squid-2.7
+<p>
+<descrip>
+ <tag>--enable-devpoll</tag>
+ <p>Support for Solaris /dev/poll</p>
-</article>
+ <tag>--enable-select-simple</tag>
+ <p>Basic POSIX select() loop without any binary fd_set optimizations.</p>
+
+ <tag>--enable-follow-x-forwarded-for</tag>
+ <p>Support following the X-Forwarded-For HTTP header for determining the
+ client IP address</p>
+ <tag>--without-system-md5</tag>
+
+</descrip>
+
+<sect>Copyright
+<p>
+Copyright (C) 1996-2017 The Squid Software Foundation and contributors
+<p>
+Squid software is distributed under GPLv2+ license and includes
+contributions from numerous individuals and organizations.
+Please see the COPYING and CONTRIBUTORS files for details.
+
+</article>
projects / thirdparty / squid.git / blobdiff