<BODY>
<H1>Squid 3.0.PRE7 release notes</H1>
-<H2>Squid Developers</H2>$Id: release-3.0.html,v 1.8 2007/09/03 03:11:44 hno Exp $
+<H2>Squid Developers</H2>$Id: release-3.0.html,v 1.9 2007/09/03 05:33:26 amosjeffries Exp $
<HR>
<EM>This document contains the release notes for version 3.0 of Squid.
Squid is a WWW Cache application developed by the National Laboratory
<P>The TCP_REFRESH_HIT and TCP_REFRESH_MISS log types have been replaced because they were misleading (all refreshes need to query the origin server, so they could never be hits). The following log types have been introduced to replace them:</P>
<P>
<DL>
-<DT><B>TCP_REFRESH_UNMODIFIED</B><DD><P>The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".</P>
-<DT><B>TCP_REFRESH_MODIFIED</B><DD><P>The requested object was cached but STALE. The IMS query returned the new content.
-</P>
+<DT><B>TCP_REFRESH_UNMODIFIED</B><DD>
+<P>The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".</P>
+<DT><B>TCP_REFRESH_MODIFIED</B><DD>
+<P>The requested object was cached but STALE. The IMS query returned the new content.</P>
</DL>
</P>
<P>See
<P>
<DL>
-<DT><B>minimum_icp_query_timeout (msec)</B><DD><P>
+<DT><B>minimum_icp_query_timeout (msec)</B><DD>
+<P>
<PRE>
Default: 5
</PRE>
</P>
-<DT><B>background_ping_rate</B><DD><P>
+<DT><B>background_ping_rate</B><DD>
+<P>
<PRE>
Default: 10 seconds
</PRE>
</P>
-<DT><B>httpd_accel_surrogate_id</B><DD><P>
+<DT><B>httpd_accel_surrogate_id</B><DD>
+<P>
<PRE>
Default: unset
</PRE>
</P>
-<DT><B>http_accel_surrogate_remote on|off</B><DD><P>
+<DT><B>http_accel_surrogate_remote on|off</B><DD>
+<P>
<PRE>
Default: off
</PRE>
</P>
-<DT><B>esi_parser libxml2|expat|custom</B><DD><P>
+<DT><B>esi_parser libxml2|expat|custom</B><DD>
+<P>
<PRE>
Default: custom
</PRE>
</P>
-<DT><B>email_err_data on|off</B><DD><P>
+<DT><B>email_err_data on|off</B><DD>
+<P>
<PRE>
Default: on
</PRE>
</P>
-<DT><B>refresh_all_ims on|off</B><DD><P>
+<DT><B>refresh_all_ims on|off</B><DD>
+<P>
<PRE>
Default: off
</PRE>
</P>
-<DT><B>request_header_access</B><DD><P>Replaces the header_access directive of Squid-2.6 and earlier, but applies to requests only.</P>
-<DT><B>reply_header_access</B><DD><P>Replaces the header_access directive of Squid-2.6 and earlier, but applies to replies only.</P>
+<DT><B>request_header_access</B><DD>
+<P>Replaces the header_access directive of Squid-2.6 and earlier, but applies to requests only.</P>
+<DT><B>reply_header_access</B><DD>
+<P>Replaces the header_access directive of Squid-2.6 and earlier, but applies to replies only.</P>
-<DT><B>icap_enable on|off</B><DD><P>
+<DT><B>icap_enable on|off</B><DD>
+<P>
<PRE>
Default: off
</PRE>
</P>
-<DT><B>icap_preview_enable on|off</B><DD><P>
+<DT><B>icap_preview_enable on|off</B><DD>
+<P>
<PRE>
Default: off
</PRE>
</P>
-<DT><B>icap_preview_size</B><DD><P>
+<DT><B>icap_preview_size</B><DD>
+<P>
<PRE>
Default: -1
</PRE>
</P>
-<DT><B>icap_default_options_ttl (seconds)</B><DD><P>
+<DT><B>icap_default_options_ttl (seconds)</B><DD>
+<P>
<PRE>
Default: 60
</PRE>
</P>
-<DT><B>icap_persistent_connections on|off</B><DD><P>
+<DT><B>icap_persistent_connections on|off</B><DD>
+<P>
<PRE>
Default: on
</PRE>
</P>
-<DT><B>icap_send_client_ip on|off</B><DD><P>
+<DT><B>icap_send_client_ip on|off</B><DD>
+<P>
<PRE>
Default: off
</PRE>
</P>
-<DT><B>icap_send_client_username on|off</B><DD><P>
+<DT><B>icap_send_client_username on|off</B><DD>
+<P>
<PRE>
Default: off
</PRE>
</P>
-<DT><B>icap_service</B><DD><P>
+<DT><B>icap_service</B><DD>
+<P>
<PRE>
Default: none
</PRE>
</P>
-<DT><B>icap_class</B><DD><P>
+<DT><B>icap_class</B><DD>
+<P>
<PRE>
Default: none
</PRE>
</P>
-<DT><B>icap_access</B><DD><P>
+<DT><B>icap_access</B><DD>
+<P>
<PRE>
Default: none
</PRE>
</P>
-<DT><B>accept_filter</B><DD><P>
+<DT><B>accept_filter</B><DD>
+<P>
<PRE>
The name of an accept(2) filter to install on Squid's
listen socket(s). This feature is perhaps specific to
<P>
<DL>
-<DT><B>http_port</B><DD><P>New options:
+<DT><B>http_port</B><DD>
+<P>New options:
<PRE>
disable-pmtu-discovery=
Control Path-MTU discovery usage:
</PRE>
</P>
-<DT><B> https_port</B><DD><P>Removed options:
+<DT><B> https_port</B><DD>
+<P>Removed options:
<PRE>
urlgroup=, not yet ported to Squid-3.
</PRE>
</P>
-<DT><B>cache_peer</B><DD><P>New options:
+<DT><B>cache_peer</B><DD>
+<P>New options:
<PRE>
basetime=n
</PRE>
</P>
-<DT><B>cache_dir</B><DD><P>Common options
+<DT><B>cache_dir</B><DD>
+<P>Common options
<PRE>
no-store, replaces the older read-only option
</PRE>
</P>
-<DT><B>auth_param</B><DD><P>Removed Basic auth option
+<DT><B>auth_param</B><DD>
+<P>Removed Basic auth option
<PRE>
blankpasswor, not yet ported to squid-3.
auth_param basic concurrency 0
</PRE>
</P>
-<DT><B>external_acl_type</B><DD><P>New format specifications:
+<DT><B>external_acl_type</B><DD>
+<P>New format specifications:
<PRE>
%URI Requested URI
</PRE>
</P>
-<DT><B>refresh_pattern</B><DD><P>New options:
+<DT><B>refresh_pattern</B><DD>
+<P>New options:
<PRE>
ignore-no-store
refresh-ims
</PRE>
</P>
-<DT><B>acl</B><DD><P>New types:
+<DT><B>acl</B><DD>
+<P>New types:
<PRE>
acl aclname http_status 200 301 500- 400-403 ... # status code in reply
</PRE>
</P>
-<DT><B>short_icon_urls</B><DD><P>New default:
+<DT><B>short_icon_urls</B><DD>
+<P>New default:
<PRE>
Default: on
(Old default: off)
</PRE>
</P>
-<DT><B>delay_class</B><DD><P>New delay classes:
+<DT><B>delay_class</B><DD>
+<P>New delay classes:
<PRE>
class 4 Everything in a class 3 delay pool, with an
additional limit on a per user basis. This
</PRE>
</P>
-<DT><B>htcp_port</B><DD><P>New default to require the feature to be enabled in squid.conf:
+<DT><B>htcp_port</B><DD>
+<P>New default to require the feature to be enabled in squid.conf:
<PRE>
Default: 0 (disabled)
(Old default: 4827)
</PRE>
</P>
-<DT><B>icp_port</B><DD><P>New default to require the feature to be enabled in squid.conf:
+<DT><B>icp_port</B><DD>
+<P>New default to require the feature to be enabled in squid.conf:
<PRE>
Default: 0 (disabled)
(Old default: 3130)
</PRE>
</P>
-<DT><B>snmp_port</B><DD><P>New default to require the feature to be enabled in squid.conf:
+<DT><B>snmp_port</B><DD>
+<P>New default to require the feature to be enabled in squid.conf:
<PRE>
Default: 0 (disabled)
(Old default: 3401)
</PRE>
</P>
-<DT><B>logformat</B><DD><P>New format tags:
+<DT><B>logformat</B><DD>
+<P>New format tags:
<PRE>
rp Request URL-Path excluding hostname
</PRE>
</P>
-<DT><B>reply_body_max_size</B><DD><P>Syntax changed:
+<DT><B>reply_body_max_size</B><DD>
+<P>Syntax changed:
<PRE>
reply_body_max_size size [acl acl...]
</P>
<P>allow/deny no longer used.</P>
-<DT><B>url_rewrite_program</B><DD><P>No urlgroup support in either requests or responese</P>
+<DT><B>url_rewrite_program</B><DD>
+<P>No urlgroup support in either requests or responese</P>
</DL>
</P>
<P>
<DL>
-<DT><B>broken_vary_encoding</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>cache_vary</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>collapsed_forwarding</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>follow_x_forwarded_for</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>*_uses_indirect_client</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>error_map</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>header_access</B><DD><P>This has been replaced by request_header_access and reply_header_access</P>
-<DT><B>http_access2</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>httpd_accel_no_pmtu_disc</B><DD><P>Replaced by disable-pmtu-discovery http_port option</P>
-<DT><B>location_rewrite_*</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>refresh_stale_hit</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>umask</B><DD><P>Not yet ported to Squid-3.</P>
-<DT><B>wais_relay_*</B><DD><P>equivalent to cache_peer + cache_peer_access.</P>
+<DT><B>broken_vary_encoding</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>cache_vary</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>collapsed_forwarding</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>follow_x_forwarded_for</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>*_uses_indirect_client</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>error_map</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>header_access</B><DD>
+<P>This has been replaced by request_header_access and reply_header_access</P>
+<DT><B>http_access2</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>httpd_accel_no_pmtu_disc</B><DD>
+<P>Replaced by disable-pmtu-discovery http_port option</P>
+<DT><B>location_rewrite_*</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>refresh_stale_hit</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>umask</B><DD>
+<P>Not yet ported to Squid-3.</P>
+<DT><B>wais_relay_*</B><DD>
+<P>equivalent to cache_peer + cache_peer_access.</P>
+</DL>
+</P>
+
+
+<H2><A NAME="ss4.5">4.5 Changes to ./configure Options</A>
+</H2>
+
+<P>There have been some changes to Squid's build configuration since Squid-2.6.</P>
+<P>This section gives an account of those changes in three categories:</P>
+<P>
+<UL>
+<LI>
+<A HREF="#newoptions">New options</A></LI>
+<LI>
+<A HREF="#modifiedoptions">Changes to existing options</A></LI>
+<LI>
+<A HREF="#removedoptions">Removed options</A></LI>
+</UL>
+</P>
+
+
+
+<H3><A NAME="newoptions"></A> New options</H3>
+
+<P>
+<DL>
+<DT><B>--enable-shared[=PKGS]</B><DD>
+<P>Build shared libraries. The default is to build without.</P>
+
+<DT><B>--enable-static[=PKGS]</B><DD>
+<P>Build static libraries. The default is on.</P>
+
+<DT><B>--enable-fast-install[=PKGS]</B><DD>
+<P>
+<PRE>
+Optimize for fast installation
+ default: yes
+</PRE>
+</P>
+
+<DT><B>--disable-libtool-lock</B><DD>
+<P>Avoid locking (might break parallel builds)</P>
+
+<DT><B>--disable-optimizations</B><DD>
+<P>Don't compile Squid with compiler optimizations enabled.
+Optimization is good for production builds, but not
+good for debugging. During development, use
+--disable-optimizations to reduce compilation times
+and allow easier debugging. This option implicitly
+also enables --disable-inline</P>
+
+<DT><B>--disable-inline</B><DD>
+<P>Don't compile trivial methods as inline. Squid
+is coded with much of the code able to be inlined.
+Inlining is good for production builds, but not
+good for development. During development, use
+--disable-inline to reduce compilation times and
+allow incremental builds to be quick. For
+production builds, or load tests, use
+--enable-inline to have squid make all trivial
+methods inlinable by the compiler.</P>
+
+<DT><B>--enable-debug-cbdata</B><DD>
+<P>Provide some debug information in cbdata</P>
+
+<DT><B>--enable-disk-io=\"list of modules\"</B><DD>
+<P>Build support for the list of disk I/O modules.
+The default is only to build the "Blocking" module.
+See src/DiskIO for a list of available modules, or
+Programmers Guide for details on how to build your
+custom disk module.</P>
+
+<DT><B>--enable-esi</B><DD>
+<P>Enable ESI for accelerators. Requires libexpat.
+Enabling ESI will cause squid to follow the Edge
+Acceleration Specification (www.esi.org). This
+causes squid to IGNORE client Cache-Control headers.</P>
+<P><EM>DO NOT</EM> use this in a squid configured as a web
+proxy, ONLY use it in a squid configured for
+webserver acceleration.</P>
+
+<DT><B>--enable-icap-client</B><DD>
+<P>Enable the ICAP client.</P>
+
+<DT><B>--disable-snmp</B><DD>
+<P>Disable SNMP monitoring support which is now built by default.</P>
+
+<DT><B>--disable-htcp</B><DD>
+<P>Disable HTCP protocol support which is now built by default.</P>
+
+<DT><B>--enable-kqueue</B><DD>
+<P>Enable kqueue() support. Marked as experimental in 3.0.</P>
+
+<DT><B>--enable-ipfw-transparent</B><DD>
+<P>Enable Transparent Proxy support for systems
+using FreeBSD IPFW style redirection.</P>
+
+<DT><B>--disable-mempools</B><DD>
+<P>Disable memPools. Note that this option now simply sets the
+default behaviour. Specific classes can override this at runtime, and
+only lib/MemPool.c needs to be altered to change the squid-wide
+default for all classes.</P>
+
+<DT><B>--enable-cpu-profiling</B><DD>
+<P>This option allows you to see which internal functions
+in Squid are consuming how much CPU. Compiles in probes
+that measure time spent in probed functions. Needs
+source modifications to add new probes. This is meant
+for developers to assist in performance optimisations
+of Squid internal functions.</P>
+<P>If you are not developer and not interested in the stats
+you shouldn't enable this, as overhead added, although
+small, is still overhead. See lib/Profiler.c for more.</P>
+
+<DT><B>--with-gnu-ld</B><DD>
+<P>Assume the C compiler uses GNU ld. The default is to auto-detect.</P>
+
+<DT><B>--with-pic</B><DD>
+<P>Try to use only PIC/non-PIC objects. The default is to use both.</P>
+
+<DT><B>--with-tags[=TAGS]</B><DD>
+<P>Include additional configurations. The default is automatic.</P>
+
+<DT><B>--with-default-user=USER</B><DD>
+<P>Sets the default System User account for squid permissions.
+The default is 'nobody' as in other releases of squid.</P>
+
+<DT><B>--with-cppunit-basedir=[PATH]</B><DD>
+<P>Path where the cppunit headers and libraries are found
+for unit testing. The default is automatic detection.</P>
+<P>NOTE: Since 3.0-PRE6 and 2.6STABLE14 squid no longer comes
+bundled with CPPUnit. Compile-time validation will be disabled
+if it is not installed on your system.</P>
+
</DL>
</P>
+<H3><A NAME="modifiedoptions"></A> Changes to existing options</H3>
+
+<P>
+<DL>
+<DT><B>--enable-carp</B><DD>
+<P>CARP support is now built by default.
+--disable-carp can be used to buidl without it.</P>
+
+<DT><B>--enable-htcp</B><DD>
+<P>HTCP protocol support is now built by default.
+Use --disable-htcp to build without it.</P>
+
+<DT><B>--enable-snmp</B><DD>
+<P>SNMP monitoring is now build by default.
+Use --disable-snmp to build without it.</P>
+
+<DT><B>--with-valgrind-debug</B><DD>
+<P>Name changed to --with-valgrind</P>
+
+<DT><B>--enable-heap-replacement</B><DD>
+<P>Please use --enable-removal-policies directive instead.</P>
+
+<DT><B>--with-maxfd=N</B><DD>
+<P>Replaced by --with-filedescriptors=N</P>
+<P>Override maximum number of filedescriptors. Useful
+if you build as another user who is not privileged
+to use the number of filedescriptors you want the
+resulting binary to support</P>
+
+<DT><B>--enable-select</B><DD>
+<P>Deprecated.
+Automatic checks will enable best I/O loop method available.</P>
+<DT><B>--enable-select-simple</B><DD>
+<P>Deprecated.
+Automatic checks will enable best I/O loop method available.</P>
+<DT><B>--enable-epoll</B><DD>
+<P>Deprecated.
+Automatic checks will enable best I/O loop method available.</P>
+
+<DT><B>--enable-poll</B><DD>
+<P>Deprecated.
+Automatic checks will enable best I/O loop method available.</P>
+
+<DT><B>--enable-kqueue</B><DD>
+<P>Deprecated.
+Automatic checks will enable best I/O loop method available.</P>
+
+<DT><B>--enable-kqueue</B><DD>
+<P>kqueue support is marked Experimental in Squid 3.0
+Automatic configuration checks may enable if it is found as the best method on your OS.</P>
+
+<DT><B>--with-large-files</B><DD>
+<P>Marked as Still Experimental in Squid 3.0</P>
+
+</DL>
+</P>
+<H3><A NAME="removedoptions"></A> Removed options</H3>
+
+<P>
+<DL>
+<P>
+<UL>
+<LI>--enable-dlmalloc</LI>
+<LI>--enable-mempool-debug</LI>
+<LI>--enable-forward-log</LI>
+<LI>--enable-multicast-miss</LI>
+<LI>--enable-coss-aio-ops</LI>
+<LI>--enable-devpoll</LI>
+<LI>--enable-large-cache-files (now built-in)</LI>
+<LI>--enable-truncate</LI>
+<LI>--enable-follow-x-forwarded-for</LI>
+</UL>
+</P>
+
+</DL>
+</P>
</BODY>
</HTML>
-<!doctype linuxdoc system>
-<article>
-<title>Squid 3.0.PRE7 release notes</title>
-<author>Squid Developers</author>
-<date>$Id: release-3.0.sgml,v 1.25 2007/09/03 03:11:44 hno Exp $</date>
-
-<abstract>
-This document contains the release notes for version 3.0 of Squid.
-Squid is a WWW Cache application developed by the National Laboratory
-for Applied Network Research and members of the Web Caching community.
-</abstract>
-
-<toc>
-
-<sect>Notice
-<p>
-The Squid Team are pleased to announce the release of Squid-3.0.PRE7 for pre-release testing.
-
-This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.0/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
-
-A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support.
-While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.
-
-We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/TroubleShooting#head-7067fc0034ce967e67911becaabb8c95a34d576d"> for how to submit a report with a stack trace.
-
-<sect>Known issues
-<p>
-Although this release is deemed good enough for testing in many setups, please note the existence of <url url="http://www.squid-cache.org/bugs/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&target_milestone=3.0&long_desc_type=allwordssubstr&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailtype1=substring&email1=&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=bugs.bug_severity&field0-0-0=noop&type0-0-0=noop&value0-0-0=" name="open bugs against Squid-3.0">.
-
-<sect>Changes since earlier PRE releases of Squid-3.0
-<p>
-The 3.0 change history can be <url url="http://www.squid-cache.org/Versions/v3/3.0/changesets/" name="viewed here">.
-
-<sect>Changes since Squid-2.6
-
-<sect1>Major new features
-<p>
-Squid 3.0 represents a major rewrite of Squid and has a number of new features.
-
-The most important of these are:
-
-<itemize>
- <item>Edge Side Includes (ESI) implementation (www.esi.org)
- <item>ICAP implementation (www.i-cap.org)
- <item>Internal client streams concept enabling the implementations of ESI and ICAP.
- <item>Code converted to C++, with significant internal restructuring and rewrites.
-</itemize>
-
-Most user-facing changes are reflected in squid.conf (see below).
-
-<sect2>Internet Content Adaptation Protocol (ICAP)
-
-<p>TO BE WRITTEN
-
-<p>More information about ICAP can be found from the ICAP-forum website <url url="http://www.icap-forum.org">
-
-<sect2>Edge Side Includes (ESI)
-
-<p>ESI is an open specification of an markup language enabling reverse proxies
-to perform some simple XML based processing, offloading the final page assembly from the webserver and similar tasks.
-
-<p>More information about ESI can be found from the ESI website <url url="http://www.esi.org">
-
-<sect1>2.6 features not found in Squid-3.0
-<p>
-Some of the features found in Squid-2.6 is not available in Squid-3.
-Some has been dropped as they are not needed. Some has not yet been forward-ported to Squid-3 and may appear in a later release.
-
-<itemize>
- <item>refresh_stale_hit option. Not yet ported.
- <item>ability to follow X-Forwarded-For. Not yet ported.
- <item>Full caching of Vary/ETag using If-None-Match. Only basic Vary cache supported. Not yet ported.
- <item>Mapping of server error messages. Not yet ported.
- <item>http_access2 access directive. Not yet ported.
- <item>Location header rewrites. Not yet ported.
- <item>umask directive. Not yet ported.
- <item>wais_relay. Feature dropped as it's equivalent to cache_peer + cache_peer_access.
- <item>urlgroup. Not yet ported.
- <item>collapsed forwarding. Not yet ported.
-</itemize>
-
-<sect1>Logging changes
-<sect2>access.log
-<p>The TCP_REFRESH_HIT and TCP_REFRESH_MISS log types have been replaced because they were misleading (all refreshes need to query the origin server, so they could never be hits). The following log types have been introduced to replace them:
-
-<descrip>
- <tag>TCP_REFRESH_UNMODIFIED</tag>
- <p>The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".
- <tag>TCP_REFRESH_MODIFIED</tag>
+<!doctype linuxdoc system>\r
+<article>\r
+<title>Squid 3.0.PRE7 release notes</title>\r
+<author>Squid Developers</author>\r
+<date>$Id: release-3.0.sgml,v 1.26 2007/09/03 05:33:26 amosjeffries Exp $</date>\r
+\r
+<abstract>\r
+This document contains the release notes for version 3.0 of Squid.\r
+Squid is a WWW Cache application developed by the National Laboratory\r
+for Applied Network Research and members of the Web Caching community.\r
+</abstract>\r
+\r
+<toc>\r
+\r
+<sect>Notice\r
+<p>\r
+The Squid Team are pleased to announce the release of Squid-3.0.PRE7 for pre-release testing.\r
+\r
+This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.0/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.\r
+\r
+A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support.\r
+While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.\r
+\r
+We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/TroubleShooting#head-7067fc0034ce967e67911becaabb8c95a34d576d"> for how to submit a report with a stack trace.\r
+\r
+<sect>Known issues\r
+<p>\r
+Although this release is deemed good enough for testing in many setups, please note the existence of <url url="http://www.squid-cache.org/bugs/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&target_milestone=3.0&long_desc_type=allwordssubstr&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailtype1=substring&email1=&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=bugs.bug_severity&field0-0-0=noop&type0-0-0=noop&value0-0-0=" name="open bugs against Squid-3.0">.\r
+\r
+<sect>Changes since earlier PRE releases of Squid-3.0\r
+<p>\r
+The 3.0 change history can be <url url="http://www.squid-cache.org/Versions/v3/3.0/changesets/" name="viewed here">.\r
+\r
+<sect>Changes since Squid-2.6\r
+\r
+<sect1>Major new features\r
+<p>\r
+Squid 3.0 represents a major rewrite of Squid and has a number of new features.\r
+\r
+The most important of these are:\r
+\r
+<itemize>\r
+ <item>Edge Side Includes (ESI) implementation (www.esi.org)\r
+ <item>ICAP implementation (www.i-cap.org)\r
+ <item>Internal client streams concept enabling the implementations of ESI and ICAP.\r
+ <item>Code converted to C++, with significant internal restructuring and rewrites.\r
+</itemize>\r
+\r
+Most user-facing changes are reflected in squid.conf (see below).\r
+\r
+<sect2>Internet Content Adaptation Protocol (ICAP)\r
+\r
+<p>TO BE WRITTEN\r
+\r
+<p>More information about ICAP can be found from the ICAP-forum website <url url="http://www.icap-forum.org">\r
+\r
+<sect2>Edge Side Includes (ESI)\r
+\r
+<p>ESI is an open specification of an markup language enabling reverse proxies\r
+to perform some simple XML based processing, offloading the final page assembly from the webserver and similar tasks.\r
+\r
+<p>More information about ESI can be found from the ESI website <url url="http://www.esi.org">\r
+\r
+<sect1>2.6 features not found in Squid-3.0\r
+<p>\r
+Some of the features found in Squid-2.6 is not available in Squid-3.\r
+Some has been dropped as they are not needed. Some has not yet been forward-ported to Squid-3 and may appear in a later release.\r
+\r
+<itemize>\r
+ <item>refresh_stale_hit option. Not yet ported.\r
+ <item>ability to follow X-Forwarded-For. Not yet ported.\r
+ <item>Full caching of Vary/ETag using If-None-Match. Only basic Vary cache supported. Not yet ported.\r
+ <item>Mapping of server error messages. Not yet ported.\r
+ <item>http_access2 access directive. Not yet ported.\r
+ <item>Location header rewrites. Not yet ported.\r
+ <item>umask directive. Not yet ported.\r
+ <item>wais_relay. Feature dropped as it's equivalent to cache_peer + cache_peer_access.\r
+ <item>urlgroup. Not yet ported.\r
+ <item>collapsed forwarding. Not yet ported.\r
+</itemize>\r
+\r
+<sect1>Logging changes\r
+<sect2>access.log\r
+<p>The TCP_REFRESH_HIT and TCP_REFRESH_MISS log types have been replaced because they were misleading (all refreshes need to query the origin server, so they could never be hits). The following log types have been introduced to replace them:\r
+\r
+<descrip>\r
+ <tag>TCP_REFRESH_UNMODIFIED</tag>\r
+ <p>The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".\r
+ <tag>TCP_REFRESH_MODIFIED</tag>\r
<p>The requested object was cached but STALE. The IMS query returned the new content.\r
-</descrip>
-<p>See <url url="http://www.squid-cache.org/Doc/FAQ/FAQ-6.html#ss6.7"> for a definition of all log types.
-
-
-
-
-<sect1>Changes to squid.conf
-<p>
-There have been many changes to Squid's configuration file since Squid-2.6.
-
-This section gives a thorough account of those changes in three categories:
-
-<itemize>
- <item><ref id="newtags" name="New tags">
- <item><ref id="modifiedtags" name="Changes to existing tags">
- <item><ref id="removedtags" name="Removed tags">
-</itemize>
-
-<p>
-
-
-
-<sect2>New tags<label id="newtags">
-
-<p>
-<descrip>
- <tag>minimum_icp_query_timeout (msec)</tag>
- <verb>
-Default: 5
-
-Normally the ICP query timeout is determined dynamically. But
-sometimes it can lead to very small timeouts, even lower than
-the normal latency variance on your link due to traffic.
-Use this option to put an lower limit on the dynamic timeout
-value. Do NOT use this option to always use a fixed (instead
-of a dynamic) timeout value. To set a fixed timeout see the
-'icp_query_timeout' directive.
- </verb>
- <tag>background_ping_rate</tag>
- <verb>
-Default: 10 seconds
-
-Controls how often the ICP pings are sent to siblings that
-have background-ping set.
- </verb>
-
- <tag>httpd_accel_surrogate_id</tag>
- <verb>
-Default: unset
-
-Surrogates (http://www.esi.org/architecture_spec_1.0.html)
-need an identification token to allow control targeting. Because
-a farm of surrogates may all perform the same tasks, they may share
-an identification token.
- </verb>
-
- <tag>http_accel_surrogate_remote on|off</tag>
- <verb>
-Default: off
-
-Remote surrogates (such as those in a CDN) honour Surrogate-Control: no-store-remote.
-Set this to on to have squid behave as a remote surrogate.
- </verb>
-
- <tag>esi_parser libxml2|expat|custom</tag>
- <verb>
-Default: custom
-
-ESI markup is not strictly XML compatible. The custom ESI parser
-will give higher performance, but cannot handle non ASCII character
-encodings.
- </verb>
-
- <tag>email_err_data on|off</tag>
- <verb>
-Default: on
-
-If enabled, information about the occurred error will be
-included in the mailto links of the ERR pages (if %W is set)
-so that the email body contains the data.
-Syntax is <A HREF="mailto:%w%W">%w</A>
- </verb>
-
- <tag>refresh_all_ims on|off</tag>
- <verb>
-Default: off
-
-When you enable this option, squid will always check
-the origin server for an update when a client sends an
-If-Modified-Since request. Many browsers use IMS
-requests when the user requests a reload, and this
-ensures those clients receive the latest version.
-
-By default (off), squid may return a Not Modified response
-based on the age of the cached version.
- </verb>
- <tag>request_header_access</tag>
- <p>Replaces the header_access directive of Squid-2.6 and earlier, but applies to requests only.
- <tag>reply_header_access</tag>
- <p>Replaces the header_access directive of Squid-2.6 and earlier, but applies to replies only.
-
- <tag>icap_enable on|off</tag>
- <verb>
-Default: off
-
-If you want to enable the ICAP module support, set this to on.
- </verb>
- <tag>icap_preview_enable on|off</tag>
- <verb>
-Default: off
-
-Set this to 'on' if you want to enable the ICAP preview
-feature in Squid.
- </verb>
- <tag>icap_preview_size</tag>
- <verb>
-Default: -1
-
-The default size of preview data to be sent to the ICAP server.
--1 means no preview. This value might be overwritten on a per server
-basis by OPTIONS requests.
- </verb>
- <tag>icap_default_options_ttl (seconds)</tag>
- <verb>
-Default: 60
-
-The default TTL value for ICAP OPTIONS responses that don't have
-an Options-TTL header.
- </verb>
- <tag>icap_persistent_connections on|off</tag>
- <verb>
-Default: on
-
-Whether or not Squid should use persistent connections to
-an ICAP server.
- </verb>
- <tag>icap_send_client_ip on|off</tag>
- <verb>
-Default: off
-
-This adds the header "X-Client-IP" to ICAP requests.
- </verb>
- <tag>icap_send_client_username on|off</tag>
- <verb>
-Default: off
-
-This adds the header "X-Client-Username" to ICAP requests
-if proxy access is authentified.
- </verb>
- <tag>icap_service</tag>
- <verb>
-Default: none
-
-Defines a single ICAP service
-
-icap_service servicename vectoring_point bypass service_url
-
-vectoring_point = reqmod_precache|reqmod_postcache|respmod_precache|respmod_postcache
-This specifies at which point of request processing the ICAP
-service should be plugged in.
-bypass = 1|0
-If set to 1 and the ICAP server cannot be reached, the request will go
-through without being processed by an ICAP server
-service_url = icap://servername:port/service
-
-Note: reqmod_precache and respmod_postcache is not yet implemented
-
-Example:
-icap_service service_1 reqmod_precache 0 icap://icap1.mydomain.net:1344/reqmod
-icap_service service_2 respmod_precache 0 icap://icap2.mydomain.net:1344/respmod
- </verb>
- <tag>icap_class</tag>
- <verb>
-Default: none
-
-Defines an ICAP service chain. If there are multiple services per
-vectoring point, they are processed in the specified order.
-
-icap_class classname servicename...
-
-Example:
-icap_class class_1 service_1 service_2
-icap class class_2 service_1 service_3
- </verb>
- <tag>icap_access</tag>
- <verb>
-Default: none
-
-Redirects a request through an ICAP service class, depending
-on given acls
-
-icap_access classname allow|deny [!]aclname...
-
-The icap_access statements are processed in the order they appear in
-this configuration file. If an access list matches, the processing stops.
-For an "allow" rule, the specified class is used for the request. A "deny"
-rule simply stops processing without using the class. You can also use the
-special classname "None".
-
-For backward compatibility, it is also possible to use services
-directly here.
-
-Example:
-icap_access class_1 allow all
- </verb>
-
- <tag>accept_filter</tag>
- <verb>
-The name of an accept(2) filter to install on Squid's
-listen socket(s). This feature is perhaps specific to
-FreeBSD and requires support in the kernel.
-
-The 'httpready' filter delays delivering new connections
-to Squid until a full HTTP request has been received.
-See the accf_http(9) man page.
- </verb>
-</descrip>
-
-
-<sect2>Changes to existing tags<label id="modifiedtags">
-<p>
-<descrip>
- <tag>http_port</tag>
- <p>New options:
- <verb>
- disable-pmtu-discovery=
- Control Path-MTU discovery usage:
- off lets OS decide on what to do (default).
- transparent disable PMTU discovery when transparent support is enabled.
- always disable always PMTU discovery.
-
- In many setups of transparently intercepting proxies Path-MTU
- discovery can not work on traffic towards the clients. This is
- the case when the intercepting device does not fully track
- connections and fails to forward ICMP must fragment messages
- to the cache server. If you have such setup and experience that
- certain clients sporadically hang or never complete requests set
- disable-pmtu-discovery option to 'transparent'.
- </verb>
- <p>Removed options:
- <verb>
- urlgroup=, not yet ported to Squid-3.
-
- no-connection-auth, not yet ported to Squid-3.
- </verb>
- <tag> https_port</tag>
- <p>Removed options:
- <verb>
- urlgroup=, not yet ported to Squid-3.
- </verb>
- <tag>cache_peer</tag>
- <p>New options:
- <verb>
- basetime=n
-
- background-ping
-
- weighted-round-robin
-
- use 'basetime=n' to specify a base amount to
- be subtracted from round trip times of parents.
- It is subtracted before division by weight in calculating
- which parent to fectch from. If the rtt is less than the
- base time the rtt is set to a minimal value.
-
- use 'background-ping' to only send ICP queries to this
- neighbor infrequently. This is used to keep the neighbor
- round trip time updated and is usually used in
- conjunction with weighted-round-robin.
-
- use 'weighted-round-robin' to define a set of parents
- which should be used in a round-robin fashion with the
- frequency of each parent being based on the round trip
- time. Closer parents are used more often.
- Usually used for background-ping parents.
-
- </verb>
- <p>Removed options:
- <verb>
- userhash, not yet ported to Squid-3
-
- sourcehash, not yet ported to Squid-2
-
- monitorurl, monitorsize etc, not yet ported to Squid-3
-
- connection-auth=, not yet ported to Squid-3
- </verb>
- <tag>cache_dir</tag>
- <p>Common options
- <verb>
- no-store, replaces the older read-only option
-
- min-size, not yet portedto Squid-3
- </verb>
- <p>COSS file system:
- <verb>
- The coss file store is experimental, and still lacks much
- of the functionality found in 2.6.
-
- overwrite-percent=n, not yet ported to Squid-3.
-
- max-stripe-waste=n, not yet ported to Squid-3.
-
- membufs=n, not yet ported to Squid-3.
-
- maxfullbufs=n, not yet ported to Squid-3.
- </verb>
- <tag>auth_param</tag>
- <p>Removed Basic auth option
- <verb>
- blankpasswor, not yet ported to squid-3.
- auth_param basic concurrency 0
- </verb>
- <p>Removed digest options:
- <verb>
- concurrency, not yet ported to Squid-3.
- </verb>
-
- <tag>external_acl_type</tag>
- <p>New format specifications:
- <verb>
- %URI Requested URI
-
- %PATH Requested URL path
- </verb>
- <P>Removed format specifications:
- <verb>
- %ACL, not yet ported to Squid-3
-
- %DATA, not yet ported to Squid-3
- </verb>
- <p>New result keywords:
- <verb>
- tag= Apply a tag to a request (for both ERR and OK results)
- Only sets a tag, does not alter existing tags.
- </verb>
-
- <tag>refresh_pattern</tag>
- <p>New options:
- <verb>
- ignore-no-store
- refresh-ims
-
- ignore-no-store ignores any ``Cache-control: no-store''
- headers received from a server. Doing this VIOLATES
- the HTTP standard. Enabling this feature could make you
- liable for problems which it causes.
-
- refresh-ims causes squid to contact the origin server
- when a client issues an If-Modified-Since request. This
- ensures that the client will receive an updated version
- if one is available.
- </verb>
- <tag>acl</tag>
- <p>New types:
- <verb>
- acl aclname http_status 200 301 500- 400-403 ... # status code in reply
-
- </verb>
- <p>Removed types:
- <verb>
- acl aclname urllogin [-i] [^a-zA-Z0-9] ... # regex matching on URL login field
-
- acl urlgroup group1 ...
- # match against the urlgroup as indicated by redirectors
-
- </verb>
- <tag>short_icon_urls</tag>
- <p>New default:
- <verb>
- Default: on
- (Old default: off)
- </verb>
- <tag>delay_class</tag>
- <p>New delay classes:
- <verb>
- class 4 Everything in a class 3 delay pool, with an
- additional limit on a per user basis. This
- only takes effect if the username is established
- in advance - by forcing authentication in your
- http_access rules.
-
- class 5 Requests are grouped according their tag (see
- external_acl's tag= reply).
- </verb>
-
- <tag>htcp_port</tag>
- <p>New default to require the feature to be enabled in squid.conf:
- <verb>
- Default: 0 (disabled)
- (Old default: 4827)
- </verb>
-
- <tag>icp_port</tag>
- <p>New default to require the feature to be enabled in squid.conf:
- <verb>
- Default: 0 (disabled)
- (Old default: 3130)
- </verb>
-
- <tag>snmp_port</tag>
- <p>New default to require the feature to be enabled in squid.conf:
- <verb>
- Default: 0 (disabled)
- (Old default: 3401)
- </verb>
-
- <tag>logformat</tag>
- <p>New format tags:
- <verb>
- rp Request URL-Path excluding hostname
-
- et Tag returned by external acl
-
- <sH Reply high offset sent
-
- <sS Upstream object size
- </verb>
-
- <p>Removed format tags:
- <verb>
- >st Request size including HTTP headers, not yet ported to Squid-3.
-
- st Request+Reply size including HTTP headers, not yet ported to Squid-3.
- </verb>
-
- <tag>reply_body_max_size</tag>
- <p>Syntax changed:
- <verb>
- reply_body_max_size size [acl acl...]
- </verb>
- <p>allow/deny no longer used.
-
- <tag>url_rewrite_program</tag>
- <p>No urlgroup support in either requests or responese
-</descrip>
-
-
-
-
-<sect2>Removed tags<label id="removedtags">
-<p>
-<descrip>
- <tag>broken_vary_encoding</tag>
- <p>Not yet ported to Squid-3.
- <tag>cache_vary</tag>
- <p>Not yet ported to Squid-3.
- <tag>collapsed_forwarding</tag>
- <p>Not yet ported to Squid-3.
- <tag>follow_x_forwarded_for</tag>
- <p>Not yet ported to Squid-3.
- <tag>*_uses_indirect_client</tag>
- <p>Not yet ported to Squid-3.
- <tag>error_map</tag>
- <p>Not yet ported to Squid-3.
- <tag>header_access</tag>
- <p>This has been replaced by request_header_access and reply_header_access
- <tag>http_access2</tag>
- <p>Not yet ported to Squid-3.
- <tag>httpd_accel_no_pmtu_disc</tag>
- <p>Replaced by disable-pmtu-discovery http_port option
- <tag>location_rewrite_*</tag>
- <p>Not yet ported to Squid-3.
- <tag>refresh_stale_hit</tag>
- <p>Not yet ported to Squid-3.
- <tag>umask</tag>
- <p>Not yet ported to Squid-3.
- <tag>wais_relay_*</tag>
- <p>equivalent to cache_peer + cache_peer_access.
-</descrip>
-
-
-</article>
-
+</descrip>\r
+<p>See <url url="http://www.squid-cache.org/Doc/FAQ/FAQ-6.html#ss6.7"> for a definition of all log types.\r
+\r
+\r
+\r
+\r
+<sect1>Changes to squid.conf\r
+<p>\r
+There have been many changes to Squid's configuration file since Squid-2.6.\r
+\r
+This section gives a thorough account of those changes in three categories:\r
+\r
+<itemize>\r
+ <item><ref id="newtags" name="New tags">\r
+ <item><ref id="modifiedtags" name="Changes to existing tags">\r
+ <item><ref id="removedtags" name="Removed tags">\r
+</itemize>\r
+\r
+<p>\r
+\r
+\r
+\r
+<sect2>New tags<label id="newtags">\r
+\r
+<p>\r
+<descrip>\r
+ <tag>minimum_icp_query_timeout (msec)</tag>\r
+ <verb>\r
+Default: 5\r
+\r
+Normally the ICP query timeout is determined dynamically. But\r
+sometimes it can lead to very small timeouts, even lower than\r
+the normal latency variance on your link due to traffic.\r
+Use this option to put an lower limit on the dynamic timeout\r
+value. Do NOT use this option to always use a fixed (instead\r
+of a dynamic) timeout value. To set a fixed timeout see the\r
+'icp_query_timeout' directive.\r
+ </verb>\r
+ <tag>background_ping_rate</tag>\r
+ <verb>\r
+Default: 10 seconds\r
+\r
+Controls how often the ICP pings are sent to siblings that\r
+have background-ping set.\r
+ </verb>\r
+\r
+ <tag>httpd_accel_surrogate_id</tag>\r
+ <verb>\r
+Default: unset\r
+\r
+Surrogates (http://www.esi.org/architecture_spec_1.0.html)\r
+need an identification token to allow control targeting. Because\r
+a farm of surrogates may all perform the same tasks, they may share\r
+an identification token.\r
+ </verb>\r
+\r
+ <tag>http_accel_surrogate_remote on|off</tag>\r
+ <verb>\r
+Default: off\r
+\r
+Remote surrogates (such as those in a CDN) honour Surrogate-Control: no-store-remote.\r
+Set this to on to have squid behave as a remote surrogate.\r
+ </verb>\r
+\r
+ <tag>esi_parser libxml2|expat|custom</tag>\r
+ <verb>\r
+Default: custom\r
+\r
+ESI markup is not strictly XML compatible. The custom ESI parser\r
+will give higher performance, but cannot handle non ASCII character\r
+encodings.\r
+ </verb>\r
+\r
+ <tag>email_err_data on|off</tag>\r
+ <verb>\r
+Default: on\r
+\r
+If enabled, information about the occurred error will be\r
+included in the mailto links of the ERR pages (if %W is set)\r
+so that the email body contains the data.\r
+Syntax is <A HREF="mailto:%w%W">%w</A>\r
+ </verb>\r
+\r
+ <tag>refresh_all_ims on|off</tag>\r
+ <verb>\r
+Default: off\r
+\r
+When you enable this option, squid will always check\r
+the origin server for an update when a client sends an\r
+If-Modified-Since request. Many browsers use IMS\r
+requests when the user requests a reload, and this\r
+ensures those clients receive the latest version.\r
+\r
+By default (off), squid may return a Not Modified response\r
+based on the age of the cached version.\r
+ </verb>\r
+ <tag>request_header_access</tag>\r
+ <p>Replaces the header_access directive of Squid-2.6 and earlier, but applies to requests only.\r
+ <tag>reply_header_access</tag>\r
+ <p>Replaces the header_access directive of Squid-2.6 and earlier, but applies to replies only.\r
+\r
+ <tag>icap_enable on|off</tag>\r
+ <verb>\r
+Default: off\r
+\r
+If you want to enable the ICAP module support, set this to on.\r
+ </verb>\r
+ <tag>icap_preview_enable on|off</tag>\r
+ <verb>\r
+Default: off\r
+\r
+Set this to 'on' if you want to enable the ICAP preview\r
+feature in Squid.\r
+ </verb>\r
+ <tag>icap_preview_size</tag>\r
+ <verb>\r
+Default: -1\r
+\r
+The default size of preview data to be sent to the ICAP server.\r
+-1 means no preview. This value might be overwritten on a per server\r
+basis by OPTIONS requests.\r
+ </verb>\r
+ <tag>icap_default_options_ttl (seconds)</tag>\r
+ <verb>\r
+Default: 60\r
+\r
+The default TTL value for ICAP OPTIONS responses that don't have\r
+an Options-TTL header.\r
+ </verb>\r
+ <tag>icap_persistent_connections on|off</tag>\r
+ <verb>\r
+Default: on\r
+\r
+Whether or not Squid should use persistent connections to\r
+an ICAP server.\r
+ </verb>\r
+ <tag>icap_send_client_ip on|off</tag>\r
+ <verb>\r
+Default: off\r
+\r
+This adds the header "X-Client-IP" to ICAP requests.\r
+ </verb>\r
+ <tag>icap_send_client_username on|off</tag>\r
+ <verb>\r
+Default: off\r
+\r
+This adds the header "X-Client-Username" to ICAP requests\r
+if proxy access is authentified.\r
+ </verb>\r
+ <tag>icap_service</tag>\r
+ <verb>\r
+Default: none\r
+\r
+Defines a single ICAP service\r
+\r
+icap_service servicename vectoring_point bypass service_url\r
+\r
+vectoring_point = reqmod_precache|reqmod_postcache|respmod_precache|respmod_postcache\r
+This specifies at which point of request processing the ICAP\r
+service should be plugged in.\r
+bypass = 1|0\r
+If set to 1 and the ICAP server cannot be reached, the request will go\r
+through without being processed by an ICAP server\r
+service_url = icap://servername:port/service\r
+\r
+Note: reqmod_precache and respmod_postcache is not yet implemented\r
+\r
+Example:\r
+icap_service service_1 reqmod_precache 0 icap://icap1.mydomain.net:1344/reqmod\r
+icap_service service_2 respmod_precache 0 icap://icap2.mydomain.net:1344/respmod\r
+ </verb>\r
+ <tag>icap_class</tag>\r
+ <verb>\r
+Default: none\r
+\r
+Defines an ICAP service chain. If there are multiple services per\r
+vectoring point, they are processed in the specified order.\r
+\r
+icap_class classname servicename...\r
+\r
+Example:\r
+icap_class class_1 service_1 service_2\r
+icap class class_2 service_1 service_3\r
+ </verb>\r
+ <tag>icap_access</tag>\r
+ <verb>\r
+Default: none\r
+\r
+Redirects a request through an ICAP service class, depending\r
+on given acls\r
+\r
+icap_access classname allow|deny [!]aclname...\r
+\r
+The icap_access statements are processed in the order they appear in\r
+this configuration file. If an access list matches, the processing stops.\r
+For an "allow" rule, the specified class is used for the request. A "deny"\r
+rule simply stops processing without using the class. You can also use the\r
+special classname "None".\r
+\r
+For backward compatibility, it is also possible to use services\r
+directly here.\r
+\r
+Example:\r
+icap_access class_1 allow all\r
+ </verb>\r
+\r
+ <tag>accept_filter</tag>\r
+ <verb>\r
+The name of an accept(2) filter to install on Squid's\r
+listen socket(s). This feature is perhaps specific to\r
+FreeBSD and requires support in the kernel.\r
+\r
+The 'httpready' filter delays delivering new connections\r
+to Squid until a full HTTP request has been received.\r
+See the accf_http(9) man page.\r
+ </verb>\r
+</descrip>\r
+\r
+\r
+<sect2>Changes to existing tags<label id="modifiedtags">\r
+<p>\r
+<descrip>\r
+ <tag>http_port</tag>\r
+ <p>New options:\r
+ <verb>\r
+ disable-pmtu-discovery=\r
+ Control Path-MTU discovery usage:\r
+ off lets OS decide on what to do (default).\r
+ transparent disable PMTU discovery when transparent support is enabled.\r
+ always disable always PMTU discovery.\r
+\r
+ In many setups of transparently intercepting proxies Path-MTU\r
+ discovery can not work on traffic towards the clients. This is\r
+ the case when the intercepting device does not fully track\r
+ connections and fails to forward ICMP must fragment messages\r
+ to the cache server. If you have such setup and experience that\r
+ certain clients sporadically hang or never complete requests set\r
+ disable-pmtu-discovery option to 'transparent'.\r
+ </verb>\r
+ <p>Removed options:\r
+ <verb>\r
+ urlgroup=, not yet ported to Squid-3.\r
+ \r
+ no-connection-auth, not yet ported to Squid-3.\r
+ </verb> \r
+ <tag> https_port</tag>\r
+ <p>Removed options:\r
+ <verb>\r
+ urlgroup=, not yet ported to Squid-3.\r
+ </verb>\r
+ <tag>cache_peer</tag>\r
+ <p>New options:\r
+ <verb>\r
+ basetime=n\r
+\r
+ background-ping\r
+\r
+ weighted-round-robin\r
+\r
+ use 'basetime=n' to specify a base amount to\r
+ be subtracted from round trip times of parents.\r
+ It is subtracted before division by weight in calculating\r
+ which parent to fectch from. If the rtt is less than the\r
+ base time the rtt is set to a minimal value.\r
+\r
+ use 'background-ping' to only send ICP queries to this\r
+ neighbor infrequently. This is used to keep the neighbor\r
+ round trip time updated and is usually used in\r
+ conjunction with weighted-round-robin.\r
+\r
+ use 'weighted-round-robin' to define a set of parents\r
+ which should be used in a round-robin fashion with the\r
+ frequency of each parent being based on the round trip\r
+ time. Closer parents are used more often.\r
+ Usually used for background-ping parents.\r
+\r
+ </verb>\r
+ <p>Removed options:\r
+ <verb>\r
+ userhash, not yet ported to Squid-3\r
+\r
+ sourcehash, not yet ported to Squid-2\r
+\r
+ monitorurl, monitorsize etc, not yet ported to Squid-3\r
+\r
+ connection-auth=, not yet ported to Squid-3\r
+ </verb>\r
+ <tag>cache_dir</tag>\r
+ <p>Common options\r
+ <verb>\r
+ no-store, replaces the older read-only option\r
+\r
+ min-size, not yet portedto Squid-3\r
+ </verb>\r
+ <p>COSS file system:\r
+ <verb>\r
+ The coss file store is experimental, and still lacks much\r
+ of the functionality found in 2.6.\r
+\r
+ overwrite-percent=n, not yet ported to Squid-3.\r
+\r
+ max-stripe-waste=n, not yet ported to Squid-3.\r
+\r
+ membufs=n, not yet ported to Squid-3.\r
+\r
+ maxfullbufs=n, not yet ported to Squid-3.\r
+ </verb>\r
+ <tag>auth_param</tag>\r
+ <p>Removed Basic auth option\r
+ <verb>\r
+ blankpasswor, not yet ported to squid-3.\r
+ auth_param basic concurrency 0\r
+ </verb>\r
+ <p>Removed digest options:\r
+ <verb>\r
+ concurrency, not yet ported to Squid-3.\r
+ </verb>\r
+\r
+ <tag>external_acl_type</tag>\r
+ <p>New format specifications:\r
+ <verb>\r
+ %URI Requested URI\r
+\r
+ %PATH Requested URL path\r
+ </verb>\r
+ <P>Removed format specifications:\r
+ <verb>\r
+ %ACL, not yet ported to Squid-3\r
+\r
+ %DATA, not yet ported to Squid-3\r
+ </verb>\r
+ <p>New result keywords:\r
+ <verb>\r
+ tag= Apply a tag to a request (for both ERR and OK results)\r
+ Only sets a tag, does not alter existing tags.\r
+ </verb>\r
+\r
+ <tag>refresh_pattern</tag>\r
+ <p>New options:\r
+ <verb>\r
+ ignore-no-store\r
+ refresh-ims\r
+\r
+ ignore-no-store ignores any ``Cache-control: no-store''\r
+ headers received from a server. Doing this VIOLATES\r
+ the HTTP standard. Enabling this feature could make you\r
+ liable for problems which it causes.\r
+\r
+ refresh-ims causes squid to contact the origin server\r
+ when a client issues an If-Modified-Since request. This\r
+ ensures that the client will receive an updated version\r
+ if one is available.\r
+ </verb>\r
+ <tag>acl</tag>\r
+ <p>New types:\r
+ <verb>\r
+ acl aclname http_status 200 301 500- 400-403 ... # status code in reply\r
+\r
+ </verb>\r
+ <p>Removed types:\r
+ <verb>\r
+ acl aclname urllogin [-i] [^a-zA-Z0-9] ... # regex matching on URL login field\r
+\r
+ acl urlgroup group1 ...\r
+ # match against the urlgroup as indicated by redirectors\r
+\r
+ </verb>\r
+ <tag>short_icon_urls</tag>\r
+ <p>New default:\r
+ <verb>\r
+ Default: on\r
+ (Old default: off)\r
+ </verb>\r
+ <tag>delay_class</tag>\r
+ <p>New delay classes:\r
+ <verb>\r
+ class 4 Everything in a class 3 delay pool, with an\r
+ additional limit on a per user basis. This\r
+ only takes effect if the username is established\r
+ in advance - by forcing authentication in your\r
+ http_access rules.\r
+\r
+ class 5 Requests are grouped according their tag (see\r
+ external_acl's tag= reply).\r
+ </verb>\r
+\r
+ <tag>htcp_port</tag>\r
+ <p>New default to require the feature to be enabled in squid.conf:\r
+ <verb>\r
+ Default: 0 (disabled)\r
+ (Old default: 4827)\r
+ </verb>\r
+\r
+ <tag>icp_port</tag>\r
+ <p>New default to require the feature to be enabled in squid.conf:\r
+ <verb>\r
+ Default: 0 (disabled)\r
+ (Old default: 3130)\r
+ </verb>\r
+\r
+ <tag>snmp_port</tag>\r
+ <p>New default to require the feature to be enabled in squid.conf:\r
+ <verb>\r
+ Default: 0 (disabled)\r
+ (Old default: 3401)\r
+ </verb>\r
+\r
+ <tag>logformat</tag>\r
+ <p>New format tags:\r
+ <verb>\r
+ rp Request URL-Path excluding hostname\r
+\r
+ et Tag returned by external acl\r
+\r
+ <sH Reply high offset sent\r
+\r
+ <sS Upstream object size\r
+ </verb>\r
+\r
+ <p>Removed format tags:\r
+ <verb>\r
+ >st Request size including HTTP headers, not yet ported to Squid-3.\r
+\r
+ st Request+Reply size including HTTP headers, not yet ported to Squid-3.\r
+ </verb>\r
+\r
+ <tag>reply_body_max_size</tag>\r
+ <p>Syntax changed:\r
+ <verb>\r
+ reply_body_max_size size [acl acl...]\r
+ </verb>\r
+ <p>allow/deny no longer used.\r
+\r
+ <tag>url_rewrite_program</tag>\r
+ <p>No urlgroup support in either requests or responese\r
+</descrip>\r
+\r
+\r
+\r
+\r
+<sect2>Removed tags<label id="removedtags">\r
+<p>\r
+<descrip>\r
+ <tag>broken_vary_encoding</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>cache_vary</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>collapsed_forwarding</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>follow_x_forwarded_for</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>*_uses_indirect_client</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>error_map</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>header_access</tag>\r
+ <p>This has been replaced by request_header_access and reply_header_access\r
+ <tag>http_access2</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>httpd_accel_no_pmtu_disc</tag>\r
+ <p>Replaced by disable-pmtu-discovery http_port option\r
+ <tag>location_rewrite_*</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>refresh_stale_hit</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>umask</tag>\r
+ <p>Not yet ported to Squid-3.\r
+ <tag>wais_relay_*</tag>\r
+ <p>equivalent to cache_peer + cache_peer_access.\r
+</descrip>\r
+\r
+\r
+<sect1>Changes to ./configure Options\r
+<p>\r
+There have been some changes to Squid's build configuration since Squid-2.6.\r
+\r
+This section gives an account of those changes in three categories:\r
+\r
+<itemize>\r
+ <item><ref id="newoptions" name="New options">\r
+ <item><ref id="modifiedoptions" name="Changes to existing options">\r
+ <item><ref id="removedoptions" name="Removed options">\r
+</itemize>\r
+<p>\r
+\r
+\r
+<sect2>New options<label id="newoptions">\r
+\r
+<p>\r
+<descrip>\r
+ <tag>--enable-shared[=PKGS]</tag>\r
+ <p>Build shared libraries. The default is to build without.</p>\r
+\r
+ <tag>--enable-static[=PKGS]</tag>\r
+ <p>Build static libraries. The default is on.</p>\r
+\r
+ <tag>--enable-fast-install[=PKGS]</tag>\r
+ <verb>Optimize for fast installation\r
+ default: yes</verb>\r
+\r
+ <tag>--disable-libtool-lock</tag>\r
+ <p>Avoid locking (might break parallel builds)</p>\r
+\r
+ <tag>--disable-optimizations</tag>\r
+ <p>Don't compile Squid with compiler optimizations enabled.\r
+ Optimization is good for production builds, but not\r
+ good for debugging. During development, use\r
+ --disable-optimizations to reduce compilation times\r
+ and allow easier debugging. This option implicitly\r
+ also enables --disable-inline</p>\r
+\r
+ <tag>--disable-inline</tag>\r
+ <p>Don't compile trivial methods as inline. Squid\r
+ is coded with much of the code able to be inlined.\r
+ Inlining is good for production builds, but not\r
+ good for development. During development, use\r
+ --disable-inline to reduce compilation times and\r
+ allow incremental builds to be quick. For\r
+ production builds, or load tests, use\r
+ --enable-inline to have squid make all trivial\r
+ methods inlinable by the compiler.</p>\r
+\r
+ <tag>--enable-debug-cbdata</tag>\r
+ <p>Provide some debug information in cbdata</p>\r
+\r
+ <tag>--enable-disk-io=\"list of modules\"</tag>\r
+ <p>Build support for the list of disk I/O modules.\r
+ The default is only to build the "Blocking" module.\r
+ See src/DiskIO for a list of available modules, or\r
+ Programmers Guide for details on how to build your\r
+ custom disk module.</p>\r
+\r
+ <tag>--enable-esi</tag>\r
+ <p>Enable ESI for accelerators. Requires libexpat.\r
+ Enabling ESI will cause squid to follow the Edge\r
+ Acceleration Specification (www.esi.org). This\r
+ causes squid to IGNORE client Cache-Control headers.</p>\r
+ <p><em>DO NOT</em> use this in a squid configured as a web\r
+ proxy, ONLY use it in a squid configured for\r
+ webserver acceleration.</p>\r
+\r
+ <tag>--enable-icap-client</tag>\r
+ <p>Enable the ICAP client.</p>\r
+\r
+ <tag>--disable-snmp</tag>\r
+ <p>Disable SNMP monitoring support which is now built by default.</p>\r
+\r
+ <tag>--disable-htcp</tag>\r
+ <p>Disable HTCP protocol support which is now built by default.</p>\r
+\r
+ <tag>--enable-kqueue</tag>\r
+ <p>Enable kqueue() support. Marked as experimental in 3.0.</p>\r
+\r
+ <tag>--enable-ipfw-transparent</tag>\r
+ <p>Enable Transparent Proxy support for systems\r
+ using FreeBSD IPFW style redirection.</p>\r
+\r
+ <tag>--disable-mempools</tag>\r
+ <p>Disable memPools. Note that this option now simply sets the\r
+ default behaviour. Specific classes can override this at runtime, and\r
+ only lib/MemPool.c needs to be altered to change the squid-wide\r
+ default for all classes.</p>\r
+\r
+ <tag>--enable-cpu-profiling</tag>\r
+ <p>This option allows you to see which internal functions\r
+ in Squid are consuming how much CPU. Compiles in probes\r
+ that measure time spent in probed functions. Needs\r
+ source modifications to add new probes. This is meant\r
+ for developers to assist in performance optimisations\r
+ of Squid internal functions.</p>\r
+ <p>If you are not developer and not interested in the stats\r
+ you shouldn't enable this, as overhead added, although\r
+ small, is still overhead. See lib/Profiler.c for more.</p>\r
+\r
+ <tag>--with-gnu-ld</tag>\r
+ <p>Assume the C compiler uses GNU ld. The default is to auto-detect.</p>\r
+\r
+ <tag>--with-pic</tag>\r
+ <p>Try to use only PIC/non-PIC objects. The default is to use both.</p>\r
+\r
+ <tag>--with-tags[=TAGS]</tag>\r
+ <p>Include additional configurations. The default is automatic.</p>\r
+\r
+ <tag>--with-default-user=USER</tag>\r
+ <p>Sets the default System User account for squid permissions.\r
+ The default is 'nobody' as in other releases of squid.</p>\r
+\r
+ <tag>--with-cppunit-basedir=[PATH]</tag>\r
+ <p>Path where the cppunit headers and libraries are found\r
+ for unit testing. The default is automatic detection.</p>\r
+ <p>NOTE: Since 3.0-PRE6 and 2.6STABLE14 squid no longer comes\r
+ bundled with CPPUnit. Compile-time validation will be disabled\r
+ if it is not installed on your system.</p>\r
+\r
+</descrip>\r
+</p>\r
+\r
+<sect2>Changes to existing options<label id="modifiedoptions">\r
+\r
+<p>\r
+<descrip>\r
+ <tag>--enable-carp</tag>\r
+ <p>CARP support is now built by default.\r
+ --disable-carp can be used to buidl without it.</p>\r
+\r
+ <tag>--enable-htcp</tag>\r
+ <p>HTCP protocol support is now built by default.\r
+ Use --disable-htcp to build without it.</p>\r
+\r
+ <tag>--enable-snmp</tag>\r
+ <p>SNMP monitoring is now build by default.\r
+ Use --disable-snmp to build without it.</p>\r
+\r
+ <tag>--with-valgrind-debug</tag>\r
+ <p>Name changed to --with-valgrind</p>\r
+\r
+ <tag>--enable-heap-replacement</tag>\r
+ <p>Please use --enable-removal-policies directive instead.</p>\r
+\r
+ <tag>--with-maxfd=N</tag>\r
+ <p>Replaced by --with-filedescriptors=N</p>\r
+ <p>Override maximum number of filedescriptors. Useful\r
+ if you build as another user who is not privileged\r
+ to use the number of filedescriptors you want the\r
+ resulting binary to support</p>\r
+\r
+ <tag>--enable-select</tag>\r
+ <p>Deprecated.\r
+ Automatic checks will enable best I/O loop method available.</p>\r
+\r
+ <tag>--enable-select-simple</tag>\r
+ <p>Deprecated.\r
+ Automatic checks will enable best I/O loop method available.</p>\r
+\r
+ <tag>--enable-epoll</tag>\r
+ <p>Deprecated.\r
+ Automatic checks will enable best I/O loop method available.</p>\r
+\r
+ <tag>--enable-poll</tag>\r
+ <p>Deprecated.\r
+ Automatic checks will enable best I/O loop method available.</p>\r
+\r
+ <tag>--enable-kqueue</tag>\r
+ <p>Deprecated.\r
+ Automatic checks will enable best I/O loop method available.</p>\r
+\r
+ <tag>--enable-kqueue</tag>\r
+ <p>kqueue support is marked Experimental in Squid 3.0\r
+ Automatic configuration checks may enable if it is found as the best method on your OS.</p>\r
+\r
+ <tag>--with-large-files</tag>\r
+ <p>Marked as Still Experimental in Squid 3.0</p>\r
+\r
+</descrip>\r
+</p>\r
+\r
+\r
+<sect2>Removed options<label id="removedoptions">\r
+\r
+<p>\r
+<descrip>\r
+\r
+<itemize>\r
+ <item>--enable-dlmalloc\r
+ <item>--enable-mempool-debug\r
+ <item>--enable-forward-log\r
+ <item>--enable-multicast-miss\r
+ <item>--enable-coss-aio-ops\r
+ <item>--enable-devpoll\r
+ <item>--enable-large-cache-files (now built-in)\r
+ <item>--enable-truncate\r
+ <item>--enable-follow-x-forwarded-for\r
+</itemize>\r
+\r
+</descrip>\r
+</p>\r
+</sect2>\r
+\r
+</article>\r
projects / thirdparty / squid.git / commitdiff
