<!doctype linuxdoc system>
<article>
-<title>Squid 3.1.16 release notes</title>
+<title>Squid 3.1.17 release notes</title>
<author>Squid Developers</author>
<abstract>
<sect>Notice
<p>
-The Squid Team are pleased to announce the release of Squid-3.1.16
+The Squid Team are pleased to announce the release of Squid-3.1.17
This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.1/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
supported, there will be no need to buffer a chunked request.
</verb>
+ <tag>client_request_buffer_max_size</tag>
+ <p>New directive added with squid-3.1.10 to set limits on the amount of buffer space allocated
+ for receiving upload and request data from clients.
+
<tag>delay_pool_uses_indirect_client</tag>
<p>Whether to use any result found by follow_x_forwarded_for in delay_pool assignment.
Default: ON
direct client address in delay pools.
</verb>
- <tag>client_request_buffer_max_size</tag>
- <p>New directive added with squid-3.1.10 to set limits on the amount of buffer space allocated
- for receiving upload and request data from clients.
-
<tag>dns_v4_fallback</tag>
<p>New option to prevent Squid from always looking up IPv4 regardless of whether IPv6 addresses are found.
Squid will follow a policy of prefering IPv6 links, keeping the IPv4 only as a safety net behind IPv6.
<p>Controls how many different forward paths Squid will try
before giving up. Default: 10
- <tag>reply_header_replace</tag>
- <p>This option allows you to change the contents of reply headers.
- <verb>
- In Squid 2 header_replace (now deprecated) worked for both requests
- and replies, while in Squid 3 it only did respect request headers.
- This option brings back the functionality to replace the contents of
- reply headers. Consult the documentation for usage details.
- </verb>
-
- <tag>request_header_replace</tag>
- <p>This option allows you to change the contents of request headers.
- <verb>
- To be consistent with the naming changes of header_access in Squid 3
- (header_access has been split into two options request_header_access
- and reply_header_access), header_replace (now deprecated) is being
- replaced by request_header_replace.
- </verb>
-
<tag>icap_log</tag>
<p>New option to write ICAP log files record ICAP transaction summaries, one line per
transaction. Similar to access.log.
default is off when --enable-icmp is compiled in.
</verb>
+ <tag>qos_flows local-hit= sibling-hit= parent-hit=</tag>
+ <verb>
+ Allows you to select a TOS/DSCP value to mark outgoing
+ connections with, based on where the reply was sourced.
+
+ TOS values really only have local significance - so you should
+ know what you're specifying. For more information, see RFC2474,
+ RFC2475, and RFC3260.
+
+ The TOS/DSCP byte must be exactly that - octet value 0x00-0xFF.
+ Note that in practice often only values up to 0x3F are usable
+ as the two highest bits have been redefined for use by ECN
+ (RFC3168).
+
+ This setting is configured by setting the source TOS values:
+
+ local-hit=0xFF Value to mark local cache hits.
+
+ sibling-hit=0xFF Value to mark hits from sibling peers.
+
+ parent-hit=0xFF Value to mark hits from parent peers.
+
+
+ NOTE: 'miss' preserve feature is only possible on Linux at this time.
+
+ For the following to work correctly, you will need to patch your
+ linux kernel with the TOS preserving ZPH patch.
+ The kernel patch can be downloaded from http://zph.bratcheda.org
+
+ disable-preserve-miss
+ If set, any HTTP response towards clients will
+ have the TOS value of the response comming from the
+ remote server masked with the value of miss-mask.
+ miss-mask=0xFF
+ Allows you to mask certain bits in the TOS received from the
+ remote server, before copying the value to the TOS sent
+ towards clients.
+ Default: 0xFF (TOS from server is not changed).
+ </verb>
+
+ <tag>reply_header_replace</tag>
+ <p>This option allows you to change the contents of reply headers.
+ <verb>
+ In Squid 2 header_replace (now deprecated) worked for both requests
+ and replies, while in Squid 3 it only did respect request headers.
+ This option brings back the functionality to replace the contents of
+ reply headers. Consult the documentation for usage details.
+ </verb>
+
+ <tag>request_header_replace</tag>
+ <p>This option allows you to change the contents of request headers.
+ <verb>
+ To be consistent with the naming changes of header_access in Squid 3
+ (header_access has been split into two options request_header_access
+ and reply_header_access), header_replace (now deprecated) is being
+ replaced by request_header_replace.
+ </verb>
+
<tag>ssl_bump</tag>
<p>New Access control for which CONNECT requests to an http_port
marked with an ssl-bump flag are actually "bumped". Please
the connection may be insecure.
</verb>
- <tag>qos_flows local-hit= sibling-hit= parent-hit=</tag>
- <verb>
- Allows you to select a TOS/DSCP value to mark outgoing
- connections with, based on where the reply was sourced.
-
- TOS values really only have local significance - so you should
- know what you're specifying. For more information, see RFC2474,
- RFC2475, and RFC3260.
-
- The TOS/DSCP byte must be exactly that - octet value 0x00-0xFF.
- Note that in practice often only values up to 0x3F are usable
- as the two highest bits have been redefined for use by ECN
- (RFC3168).
-
- This setting is configured by setting the source TOS values:
-
- local-hit=0xFF Value to mark local cache hits.
-
- sibling-hit=0xFF Value to mark hits from sibling peers.
-
- parent-hit=0xFF Value to mark hits from parent peers.
-
-
- NOTE: 'miss' preserve feature is only possible on Linux at this time.
-
- For the following to work correctly, you will need to patch your
- linux kernel with the TOS preserving ZPH patch.
- The kernel patch can be downloaded from http://zph.bratcheda.org
-
- disable-preserve-miss
- If set, any HTTP response towards clients will
- have the TOS value of the response comming from the
- remote server masked with the value of miss-mask.
- miss-mask=0xFF
- Allows you to mask certain bits in the TOS received from the
- remote server, before copying the value to the TOS sent
- towards clients.
- Default: 0xFF (TOS from server is not changed).
- </verb>
-
</descrip>
<tag>cache_store_log</tag>
<p>Default changed to OFF. Matching long-standing developer recommendations.
+ <tag>debug_options rotate=</tag>
+ <p>New parameter rotate=N to control number of cache.log rotations independent of other logs.
+
+ <tag>deny_info</tag>
+ <p>Support 307 status for redirecting CONNECT tunnels with HTTPS traffic.
+
<tag>error_directory</tag>
<p>Now an optional entry in squid.conf. If present it will force all visitors to receive the error pages
contained in the directory it points at. If absent, error page localization will be given a chance.
on error pages if used.
</verb>
- <tag>debug_options rotate=</tag>
- <p>New parameter rotate=N to control number of cache.log rotations independent of other logs.
-
- <tag>deny_info</tag>
- <p>Support 307 status for redirecting CONNECT tunnels with HTTPS traffic.
-
<tag>external_acl_type</tag>
<p>New options 'ipv4' and 'ipv6' are added to set the IPv4/v6 protocol between Squid and its helpers.
Please be aware of some limits to these options. These options only affet the transport protocol used
%<{Hdr:;member} HTTP reply header list member using ; as
list separator. ; can be any non-alphanumeric
character.
+ %% The percent symbol
</verb>
<tag>forwarded_for</tag>
<p>The else part is optional. The keywords <em>if</em>, <em>else</em> and <em>endif</em>
must be typed on their own lines, as if they were regular configuration directives.
+ <tag>logfile_daemon</tag>
+ <p>Ported from 2.7. Specify the file I/O daemon helper to run for logging.
+
<tag>max_stale</tag>
<p>Places an upper limit on how stale content Squid will serve from the cache if cache validation fails
network Only objects fetched from network is kept in memory
</verb>
- <tag>logfile_daemon</tag>
- <p>Ported from 2.7. Specify the file I/O daemon helper to run for logging.
-
<tag>server_idle_pconn_timeout</tag>
<p>Renamed from <em>pconn_timeout</em>.
<tag>tcp_outgoing_tos</tag>
<p>This parameter is now compatible with persistent server connections.
- <tag>windows_ipaddrchangemonitor</tag>
- <p>Now only available to be set in Windows builds.
-
<tag>url_rewrite_children</tag>
<p>New options <em>startup=N</em>, <em>idle=N</em>, <em>concurrency=N</em>
<itemize>
<item>concurrency=N was previously called url_rewrite_concurrency as a distinct directive.
</itemize>
+ <tag>windows_ipaddrchangemonitor</tag>
+ <p>Now only available to be set in Windows builds.
+
</descrip>
<p>
<descrip>
<tag>--enable-auth</tag>
- <p>No longer takes a list of arguments. This option now is restricted to building with or without for authentication.
+ <p>No longer takes a list of arguments. This option now is restricted to building Squid with or without authentication support.
<p>The new <em>--enable-auth-X</em>/<em>--disable-auth-X</em> parameters determine which authentication protocols and helpers are built.
</descrip>
COMMENT_START
WELCOME TO @SQUID@
----------------------------
-
- This is the default Squid configuration file. You may wish
- to look at the Squid home page (http://www.squid-cache.org/)
- for the FAQ and other documentation.
-
- The default Squid config file shows what the defaults for
- various options happen to be. If you don't need to change the
- default, you shouldn't uncomment the line. Doing so may cause
- run-time problems. In some cases "none" refers to no default
- setting at all, while in other cases it refers to a valid
- option - the comments for that keyword indicate if this is the
- case.
+
+ This is the documentation for the Squid configuration file.
+ This documentation can also be found online at:
+ http://www.squid-cache.org/Doc/config/
+
+ You may wish to look at the Squid home page and wiki for the
+ FAQ and other documentation:
+ http://www.squid-cache.org/
+ http://wiki.squid-cache.org/SquidFaq
+ http://wiki.squid-cache.org/ConfigExamples
+
+ This documentation shows what the defaults for various directives
+ happen to be. If you don't need to change the default, you should
+ leave the line out of your squid.conf in most cases.
+
+ In some cases "none" refers to no default setting at all,
+ while in other cases it refers to the value of the option
+ - the comments for that keyword indicate if this is the case.
COMMENT_END
COMMENT_START
Configuration options can be included using the "include" directive.
- Include takes a list of files to include. Quoting and wildcards is
+ Include takes a list of files to include. Quoting and wildcards are
supported.
For example,
must be typed on their own lines, as if they were regular
configuration directives.
+ NOTE: An else-if condition is not supported.
+
These individual conditions types are supported:
true
SECURITY WARNING: Usage of this option is dangerous
and should not be used trivially. Correct configuration
- of folow_x_forewarded_for with a limited set of trusted
+ of follow_x_forewarded_for with a limited set of trusted
sources is required to prevent abuse of your proxy.
DOC_END
cache_peer parent.foo.net parent 3128 3130 default
cache_peer sib1.foo.net sibling 3128 3130 proxy-only
cache_peer sib2.foo.net sibling 3128 3130 proxy-only
- cache_peer example.com parent 80 0 no-query default
+ cache_peer example.com parent 80 0 default
cache_peer cdn.example.com sibling 3128 0
type: either 'parent', 'sibling', or 'multicast'.
multicast-siblings
To be used only for cache peers of type "multicast".
ALL members of this multicast group have "sibling"
- relationship with it, not "parent". This is to a mulicast
+ relationship with it, not "parent". This is to a multicast
group when the requested object would be fetched only from
a "parent" cache, anyway. It's useful, e.g., when
configuring a pool of redundant Squid proxies, being
udp To send each log line as text data to a UDP receiver.
Place: The destination host name or IP and port.
- Place Format: \\host:port
+ Place Format: //host:port
tcp To send each log line as text data to a TCP receiver.
Place: The destination host name or IP and port.
- Place Format: \\host:port
+ Place Format: //host:port
Default:
access_log daemon:@DEFAULT_ACCESS_LOG@ squid
projects / thirdparty / squid.git / commitdiff
