--- /dev/null
+NAME: http_port ascii_port
+TYPE: ushortlist
+DEFAULT: 3128
+LOC: Config.Port.http
+DOC_START
+ The port number where squid will listen for HTTP client
+ requests. Default is 3128, for httpd-accel mode use port 80.
+ May be overridden with -a on the command line.
+
+ You may specify multiple ports here, but they MUST all be on
+ a single line.
+
+http_port 3128
+DOC_END
+
+
+NAME: icp_port udp_port
+TYPE: ushort
+DEFAULT: 3130
+LOC: Config.Port.icp
+DOC_START
+ The port number where squid send and receive ICP requests to
+ and from neighbor caches. Default is 3130. To disable use
+ "0". May be overridden with -u on the command line.
+
+icp_port 3130
+DOC_END
+
+
+NAME: mcast_groups
+TYPE: wordlist
+LOC: Config.mcast_group_list
+DEFAULT: NULL
+DOC_START
+ This tag specifies a list of multicast groups which your
+ server should join to receive multicasted ICP requests.
+
+ NOTE! Be very careful what you put here! Be sure you
+ understand the difference between an ICP _query_ and an ICP
+ _reply_. This option is to be set only if you want to RECEIVE
+ multicast queries. Do NOT set this option to SEND multicast
+ ICP (use cache_host for that). ICP replies are always sent via
+ unicast, so this option does not affect whether or not you will
+ receive replies from multicast group members.
+
+ You must be very careful to NOT use a multicast address which
+ is already in use by another group of caches. NLANR has been
+ assigned a block of multicast address space for use in Web
+ Caching. Plese write to us at nlanr-cache@nlanr.net to receive
+ an address for your own use.
+
+ Usage: mcast_groups 239.128.16.128 224.0.1.20
+
+ By default, squid doesn't listen on any multicast groups.
+
+mcast_groups 239.128.16.128
+DOC_END
+
+
+NAME: tcp_incoming_address bind_address
+TYPE: address
+LOC: Config.Addrs.tcp_incoming
+DEFAULT: INADDR_ANY
+DOC_NONE
+
+NAME: tcp_outgoing_address outbound_address
+TYPE: address
+LOC: Config.Addrs.tcp_outgoing
+DEFAULT: no_addr.s_addr
+DOC_NONE
+
+NAME: udp_incoming_address
+TYPE: address
+LOC:Config.Addrs.udp_incoming
+DEFAULT: INADDR_ANY
+DOC_NONE
+
+NAME: udp_outgoing_address
+TYPE: address
+LOC: Config.Addrs.udp_outgoing
+DEFAULT: no_addr.s_addr
+DOC_START
+ Usage: tcp_incoming_address 10.20.30.40
+ udp_outgoing_address fully.qualified.domain.name
+
+ These tags have replaced 'bind_address' and 'outbound_address'
+ to provide more control for multihomed hosts.
+
+ tcp_incoming_address is used for the HTTP socket which accepts
+ connections from clients and other caches.
+ tcp_outgoing_address is used for connections made to remote
+ servers and other caches.
+ udp_incoming_address is used for the ICP socket receiving packets
+ from other caches.
+ udp_outgoing_address is used for ICP packets sent out to other
+ caches.
+
+ The defaults behaviour is to not bind to any specific address.
+
+ NOTE, udp_incoming_address and udp_outgoing_address can not have
+ the same value since they both use port 3130.
+
+tcp_incoming_address 0.0.0.0
+tcp_outgoing_address 0.0.0.0
+udp_incoming_address 0.0.0.0
+udp_outgoing_address 0.0.0.0
+DOC_END
+
+
+# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
+#-----------------------------------------------------------------------------
+
+NAME: cache_host
+TYPE: cachehost
+DOC_START
+ To specify other caches in a hierarchy, use the format:
+
+ hostname type http_port icp_port
+
+ For example,
+
+ # proxy icp
+ # hostname type port port options
+ # -------------------- -------- ----- ----- -----------
+ cache_host bigserver.usc.edu parent 3128 3130 [proxy-only]
+ cache_host littleguy1.usc.edu sibling 3128 3130 [proxy-only]
+ cache_host littleguy1.usc.edu sibling 3128 3130 [proxy-only]
+
+ type: either 'parent', 'sibling', or 'multicast'.
+
+ proxy_port: The port number where the cache listens for proxy
+ requests.
+
+ icp_port: Used for querying neighbor caches about
+ objects. To have a non-ICP neighbor
+ specify '7' for the ICP port and make sure the
+ neighbor machine has the UDP echo port
+ enabled in its /etc/inetd.conf file.
+
+ options: proxy-only
+ weight=n
+ ttl=n
+ no-query
+ default
+ round-robin
+ multicast-responder
+
+ use 'proxy-only' to specify that objects fetched
+ from this cache should not be saved locally.
+
+ use 'weight=n' to specify a weighted parent.
+ The weight must be an integer. The default weight
+ is 1, larger weights are favored more.
+
+ use 'ttl=n' to specify a IP multicast TTL to use
+ when sending an ICP request to this address.
+ Only useful when sending to a multicast group.
+ Because we don't accept ICP replies from random
+ hosts, you must configure other group members as
+ peers with the 'multicast-responder' option below.
+
+ use 'no-query' to NOT send ICP queries to this
+ neighbor.
+
+ use 'default' if this is a parent cache which can
+ be used as a "last-resort." You should probably
+ only use 'default' in situations where you cannot
+ use ICP with your parent cache(s).
+
+ use 'round-robin' to define a set of parents which
+ should be used in a round-robin fashion in the
+ absence of any ICP queries.
+
+ 'multicast-responder' indicates that the named peer
+ is a member of a multicast group. ICP queries will
+ not be sent directly to the peer, but ICP replies
+ will be accepted from it.
+
+ NOTE: non-ICP neighbors must be specified as 'parent'.
+
+cache_host hostname type 3128 3130
+DOC_END
+
+
+NAME: cache_host_domain
+TYPE: hostdomain
+DOC_START
+ Use to limit the domains for which a neighbor cache will be queried.
+ Usage:
+
+ cache_host_domain cache-host domain [domain ...]
+ cache_host_domain cache-host !domain
+
+ For example, specifying
+
+ cache_host_domain bigserver.usc.edu .edu
+
+ has the effect such that UDP query packets are sent to
+ 'bigserver' only when the requested object exists on a
+ server in the .edu domain. Prefixing the domainname
+ with '!' means that the cache will be queried for objects
+ NOT in that domain.
+
+ NOTE: * Any number of domains may be given for a cache-host,
+ either on the same or separate lines.
+ * When multiple domains are given for a particular
+ cache-host, the first matched domain is applied.
+ * Cache hosts with no domain restrictions are queried
+ for all requests.
+ * There are no defaults.
+ * There is also a 'cache_host_acl' tag in the ACL
+ section.
+DOC_END
+
+
+NAME: neighbor_type_domain
+TYPE: hostdomaintype
+DOC_START
+ usage: neighbor_type_domain parent|sibling domain domain ...
+
+ Modifying the neighbor type for specific domains is now
+ possible. You can treat some domains differently than the the
+ default neighbor type specified on the 'cache_host' line.
+ Normally it should only be necessary to list domains which
+ should be treated differently because the default neighbor type
+ applies for hostnames which do not match domains listed here.
+
+EXAMPLE:
+ cache_host parent cache.foo.org 3128 3130
+ neighbor_type_domain cache.foo.org sibling .com .net
+ neighbor_type_domain cache.foo.org sibling .au .de
+DOC_END
+
+NAME: single_parent_bypass
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.singleParentBypass
+DOC_START
+ This tag specifies that it is okay to bypass the hierarchy
+ "Pinging" when there is only a single parent for a given URL.
+
+ Usage: single_parent_bypass on|off
+
+ Before actually sending ICP "ping" packets to parents and
+ neighbors, we figure out which hosts would be pinged based
+ on the cache_host_domain rules, etc. Often it may be the
+ case that only a single parent cache would be pinged.
+
+ Since there is only a single parent, there is a very good
+ chance that we will end up fetching the object from that
+ parent. For this reason, it may be beneficial to avoid
+ the ping and just fetch the object anyway.
+
+ However, if we avoid the ping, we will be assuming that the
+ parent host is reachable and that the cache process is running.
+ By using the ping, we can be reasonably sure that the parent
+ host will be able to handle our request. If the ping fails then
+ it may be possible to fetch the object directly from the source.
+
+ To favor the resiliency provided by the ping algorithm,
+ single_parent_bypass is 'off' by default.
+
+single_parent_bypass off
+DOC_END
+
+
+NAME: source_ping
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.sourcePing
+DOC_START
+ If source_ping is enabled, then squid will include the source
+ provider site in its selection algorithm. This is accomplished
+ by sending ICP "HIT" packets to the UDP echo port of the source
+ host. Note that using source_ping may send a fair amount of UDP
+ traffic out on the Internet and may irritate paranoid network
+ administrators.
+
+ Note that source_ping is incompatible with inside_firewall.
+ For hosts beyond the firewall, source_ping packets will never
+ be sent.
+
+ By default, source_ping is off.
+
+source_ping off
+DOC_END
+
+
+NAME: neighbor_timeout neighbour_timeout
+COMMENT: (seconds)
+DEFAULT: 2
+TYPE: time_sec
+LOC: Config.neighborTimeout
+DOC_START
+ This controls how long to wait for replies from neighbor caches.
+ If none of the parent or neighbor caches reply before this many
+ seconds (due to dropped packets or slow links), then the object
+ request will be satisfied from the default source. The default
+ timeout is two seconds.
+
+neighbor_timeout 2 seconds
+DOC_END
+
+
+NAME: hierarchy_stoplist
+TYPE: wordlist
+LOC: Config.hierarchy_stoplist
+DOC_START
+ A list of words which, if found in a URL, cause the object to
+ be handled directly by this cache. In other words, use this
+ to not query neighbor caches for certain objects. You may
+ list this option multiple times.
+
+ The default is to directly fetch URLs containing 'cgi-bin' or '?'.
+
+hierarchy_stoplist cgi-bin ?
+DOC_END
+
+
+NAME: cache_stoplist
+TYPE: wordlist
+LOC: Config.cache_stoplist
+DOC_START
+ A list of words which, if found in a URL, cause the object to
+ immediately removed from the cache. In other words, use this
+ to force certain objects to never be cached. You may list this
+ option multiple times.
+
+ The default is to not cache URLs containing 'cgi-bin' or '?'.
+
+cache_stoplist cgi-bin ?
+DOC_END
+
+
+NAME: cache_stoplist_pattern
+COMMENT: # case sensitive
+TYPE: regexlist
+LOC: Config.cache_stop_relist
+DOC_NONE
+
+NAME: cache_stoplist_pattern/i
+COMMENT: # case insensitive
+TYPE: regexlist_icase
+LOC: Config.cache_stop_relist
+DOC_START
+ Just like 'cache_stoplist' but you can use regular expressions
+ instead of simple string matching. There is no default.
+
+cache_stoplist_pattern
+DOC_END
+
+
+# OPTIONS WHICH AFFECT THE CACHE SIZE
+#-----------------------------------------------------------------------------
+
+
+NAME: cache_mem
+COMMENT: (in megabytes)
+TYPE: int
+DEFAULT: 8
+LOC: Config.Mem.maxSize
+DOC_START
+ Maximum amout of VM used to store objects in memory.
+ This includes:
+ in-transit objects,
+ negative-cached objects,
+ "hot" objects
+ The value of cache_mem is an upper limit on the size of the
+ "in-memory object data" pool. This is a pool of 4k pages used
+ to hold object data.
+
+ In-transit objects have priority over the others. When
+ additional space is needed for incoming data, negative-cached
+ and hot objects will be released. In other words, the
+ negative-cached and hot objects will fill up any unused space
+ not needed for in-transit objects.
+
+ The values of cache_mem_low and cache_mem_high (below) can be
+ used to tune the use of the memory pool. When the high mark is
+ reached, in-transit and hot objects will be released to clear
+ space. When an object transfer is completed, it will remain in
+ memory only if the current memory usage is below the low water
+ mark.
+
+ The default is 8 Megabytes.
+
+cache_mem 8
+DOC_END
+
+
+NAME: cache_swap_low
+COMMENT: (percent, 0-100)
+TYPE: int
+DEFAULT: 90
+LOC: Config.Swap.lowWaterMark
+DOC_NONE
+
+NAME: cache_swap_high
+COMMENT: (percent, 0-100)
+TYPE: int
+DEFAULT: 95
+LOC: Config.Swap.highWaterMark
+DOC_START
+ The low- and high-water marks for cache LRU replacement.
+ LRU replacement begins when the high-water mark is reached
+ and ends when enough objects have been removed and the low-water
+ mark is reached. Defaults are 90% and 95%.
+
+cache_swap_low 90
+cache_swap_high 95
+DOC_END
+
+
+NAME: cache_mem_low
+COMMENT: (in percent, 0-100)
+TYPE: int
+DEFAULT: 75
+LOC: Config.Mem.lowWaterMark
+DOC_NONE
+
+NAME: cache_mem_high
+COMMENT: (in percent, 0-100)
+TYPE: int
+DEFAULT: 95
+LOC: Config.Mem.highWaterMark
+DOC_START
+ The low- and high-water mark for cache memory storage. When
+ the amount of RAM used by the hot-object RAM cache reaches this
+ point, the cache starts throwing objects out of the RAM cache
+ (but they remain on disk). Defaults are 75% and 90%.
+
+cache_mem_low 75
+cache_mem_high 90
+DOC_END
+
+
+NAME: maximum_object_size
+TYPE: int
+DEFAULT: 4096
+LOC: Config.Store.maxObjectSize
+DOC_START
+ Objects larger than this size will NOT be saved on disk. The
+ value is specified in kilobytes, and the default is 4MB.
+
+maximum_object_size 4096
+DOC_END
+
+
+NAME: ipcache_size
+COMMENT: (number of entries)
+TYPE: int
+DEFAULT: 1024
+LOC: Config.ipcache.size
+DOC_NONE
+
+NAME: ipcache_low
+COMMENT: (percent)
+TYPE: int
+DEFAULT: 90
+LOC: Config.ipcache.low
+DOC_NONE
+
+NAME: ipcache_high
+COMMENT: (percent)
+TYPE: int
+DEFAULT: 95
+LOC: Config.ipcache.high
+DOC_START
+ The size, low-, and high-water marks for the IP cache.
+
+ipcache_size 1024
+ipcache_low 90
+ipcache_high 95
+DOC_END
+
+
+# LOGFILE PATHNAMES AND CACHE DIRECTORIES
+#-----------------------------------------------------------------------------
+
+NAME: cache_dir
+TYPE: cachedir
+DOC_START
+ Directory for on-disk cache storage. The cache will change into
+ this directory when running. The default is
+ /usr/local/squid/cache.
+
+ You can specify multiple cache_dir lines to spread the
+ cache among different disk partitions.
+
+cache_dir /usr/local/squid/cache 256 16 16
+DOC_END
+
+
+NAME: cache_access_log
+TYPE: string
+DEFAULT: /usr/local/squid/logs/access.log
+LOC: Config.Log.access
+DOC_START
+ Logs the client request activity. Contains an entry for
+ every HTTP and ICP request received.
+
+cache_access_log /usr/local/squid/logs/access.log
+DOC_END
+
+
+NAME: cache_log
+TYPE: string
+DEFAULT: /usr/local/squid/logs/cache.log
+LOC: Config.Log.log
+DOC_START
+ Cache logging file. Set logging levels with "debug_options" below.
+
+cache_log /usr/local/squid/logs/cache.log
+DOC_END
+
+
+NAME: cache_store_log
+TYPE: string
+DEFAULT: /usr/local/squid/logs/store.log
+LOC: Config.Log.store
+DOC_START
+ Logs the activities of the storage manager. Shows which
+ objects are ejected from the cache, and which objects are
+ saved and for how long. To disable, enter "none".
+
+cache_store_log /usr/local/squid/logs/store.log
+DOC_END
+
+
+NAME: cache_swap_log
+TYPE: string
+LOC: Config.Log.swap
+DOC_START
+ Location for the cache "swap log." This log file holds the
+ metadata of objects saved on disk. It is used to rebuild the
+ cache during startup. Normally this file resides in the first
+ 'cache_dir' directory, but you may specify an alternate
+ pathname here. Note you must give a full filename, not just
+ a directory.
+
+cache_swap_log
+DOC_END
+
+
+NAME: emulate_httpd_log
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.commonLogFormat
+DOC_START
+ The Cache can emulate the log file format which many 'httpd'
+ programs use. To disable/enable this emulation, set
+ emulate_httpd_log to 'off' or 'on'. The default
+ is to use the native log format.
+
+emulate_httpd_log off
+DOC_END
+
+
+NAME: mime_table
+TYPE: pathname_check
+DEFAULT: /usr/local/squid/etc/mime.conf
+LOC: Config.mimeTablePathname
+DOC_START
+ Pathname to Squid's MIME table which has the format
+
+ regex content-type icon content-encoding transfer-mode
+
+mime_table /usr/local/squid/etc/mime.conf
+DOC_END
+
+
+NAME: log_mime_hdrs
+COMMENT: on|off
+TYPE: onoff
+LOC: Config.logMimeHdrs
+DOC_START
+ The Cache can record both the request and the response
+ MIME headers for each HTTP transaction. The headers are
+ encoded safely and will appear as two bracketed fields
+ at the end of the access log (for either the native
+ or httpd-emulated log formats). To enable this logging
+ set log_mime_hdrs to 'on'.
+
+ NOTE: support for this may require you to define
+ LOG_FULL_HEADERS before compiling.
+
+log_mime_hdrs off
+DOC_END
+
+
+NAME: useragent_log
+TYPE: string
+LOC: Config.Log.useragent
+DOC_START
+ If compiled with "-DUSE_USERAGENT_LOG=1" Squid will write
+ the User-Agent field from HTTP requests to the filename
+ specified here. By default useragent_log is disabled.
+
+useragent_log none
+DOC_END
+
+
+NAME: pid_filename
+TYPE: string
+DEFAULT: /usr/local/squid/logs/squid.pid
+LOC: Config.pidFilename
+DOC_START
+ A pathname to write the process-id to. To disable, enter "none".
+
+pid_filename /usr/local/squid/logs/squid.pid
+DOC_END
+
+
+NAME: debug_options
+TYPE: string_optional
+DEFAULT: ALL,1
+LOC: Config.debugOptions
+DOC_START
+ Logging options are set as section,level where each source file
+ is assigned a unique section. Lower levels result in less
+ output, Full debugging (level 9) can result in a very large
+ log file, so be careful. The magic word "ALL" sets debugging
+ levels for all sections. We recommend normally running with
+ "ALL,1".
+
+debug_options ALL,1
+DOC_END
+
+
+NAME: ident_lookup
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.identLookup
+DOC_START
+ If you wish to make an RFC931/ident lookup of the client username
+ for each connection, enable this. It is off by default.
+
+ident_lookup off
+DOC_END
+
+
+NAME: log_fqdn
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.Log.log_fqdn
+DOC_START
+ Turn this on if you wish to log fully qualified domain names
+ in the access.log.
+
+log_fqdn off
+DOC_END
+
+
+NAME: client_netmask
+TYPE: address
+LOC: Config.Addrs.client_netmask
+DOC_START
+ A netmask for client addresses in logfiles and cachemgr output.
+ Change this to protect the privacy of your cache clients.
+
+client_netmask 255.255.255.255
+DOC_END
+
+
+# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
+#-----------------------------------------------------------------------------
+
+# TAG: ftpget_program
+# Where to find the 'ftpget' program that retrieves FTP data (HTTP
+# and Gopher protocol support are built into the cache).
+#
+# To disable ftpget and the ability to retrieve FTP objects, set
+# this to "none". Note that ftpget is automatically disabled for
+# http_accel mode.
+#
+#ftpget_program @DEFAULT_FTPGET@
+
+# TAG: ftpget_options
+# Options for the 'ftpget' program. Please run 'ftpget' without
+# any arguments to see a list of options. The default is
+# no options. An example is
+#
+# ftpget_options -n 60 -R -W
+#
+#ftpget_options
+
+NAME: ftp_user
+TYPE: string
+DEFAULT: squid@
+LOC: Config.Ftp.anon_user
+DOC_START
+ If you want the anonymous login password to be more informative
+ (and enable the use of picky ftp servers), set this to something
+ resonable for your domain, like wwwuser@somewhere.net
+
+ The reason why this is domainless by default is that the
+ request can be made on the behalf of a user in any domain,
+ depending on how the cache is used.
+ Some ftp server also validate that the email address is valid
+ (for example perl.com).
+
+ftp_user squid@
+DOC_END
+
+
+NAME: cache_dns_program
+TYPE: pathname_check
+DEFAULT: /usr/local/squid/bin/dnsserver
+LOC: Config.Program.dnsserver
+DOC_START
+ Specify the location of the executable for dnslookup process.
+
+cache_dns_program /usr/local/squid/bin/dnsserver
+DOC_END
+
+
+NAME: dns_children
+TYPE: int
+DEFAULT: 5
+LOC: Config.dnsChildren
+DOC_START
+ The number of processes spawn to service DNS name lookups.
+ For heavily loaded caches on large servers, you should
+ probably increase this value to at least 10. The maximum
+ is 32. The default is 5.
+
+ To disable dnsservers, set this to 0. NOTE, this is very
+ strongly discouraged. If you disable dnsservers your Squid
+ process will BLOCK on DNS lookups!
+
+dns_children 5
+DOC_END
+
+
+NAME: dns_defnames
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.Options.res_defnames
+DOC_START
+ Normally the 'dnsserver' disables the RES_DEFNAMES resolver
+ option (see res_init(3)). This prevents caches in a hierarchy
+ from interpreting single-component hostnames locally. To allow
+ dnsserver to handle single-component names, enable this
+ option.
+
+dns_defnames off
+DOC_END
+
+
+NAME: unlinkd_program
+TYPE: pathname_check
+DEFAULT: /usr/local/squid/bin/unlinkd
+LOC: Config.Program.unlinkd
+DOC_START
+ Specify the location of the executable for file deletion process.
+
+unlinkd_program /usr/local/squid/bin/unlinkd
+DOC_END
+
+
+NAME: pinger_program
+TYPE: pathname_check
+DEFAULT: /usr/local/squid/bin/pinger
+LOC: Config.Program.pinger
+DOC_START
+ Specify the location of the executable for the pinger process.
+
+pinger_program /usr/local/squid/bin/pinger
+DOC_END
+
+
+NAME: redirect_program
+TYPE: pathname_check
+LOC: Config.Program.redirect
+DOC_START
+ Specify the location of the executable for the URL redirector.
+ Currently, you must provide your own redirector program.
+ See the Release-Notes for how to write one.
+ By default, the redirector is not used.
+
+redirect_program /bin/false
+DOC_END
+
+
+NAME: redirect_children
+TYPE: int
+DEFAULT: 5
+LOC: Config.redirectChildren
+DOC_START
+ The number of redirector processes to spawn.
+
+redirect_children 5
+DOC_END
+
+
+# OPTIONS FOR TUNING THE CACHE
+#-----------------------------------------------------------------------------
+
+NAME: wais_relay
+TYPE: waisrelay
+DOC_START
+ Relay WAIS request to host (1st arg) at port (2 arg).
+
+wais_relay localhost 8000
+DOC_END
+
+
+NAME: request_size
+TYPE: int
+DEFAULT: 100
+LOC: Config.maxRequestSize
+DOC_START
+ Maximum allowed request size in kilobytes. If people are using
+ POST to upload files, then set this to the largest acceptable
+ filesize plus a few extra kbytes.
+
+request_size 100
+DOC_END
+
+
+NAME: refresh_pattern
+COMMENT: # case sensitive
+TYPE: refreshpattern
+DOC_NONE
+
+NAME: refresh_pattern/i
+COMMENT: # case insensitive
+TYPE: refreshpattern_icase
+DOC_START
+ usage: refresh_pattern regex min percent max
+
+ min and max are specified in MINUTES.
+ percent is an integer number.
+
+ Please see the file doc/Release-Notes-1.1.txt for a full
+ description of Squid's refresh algorithm. Basically a
+ cached object is:
+
+ FRESH if age < min
+ STALE if expires < now
+ STALE if age > max
+ FRESH if lm-factor < percent
+
+ The refresh_pattern lines are checked in the order listed here.
+ The first entry which matches is used. If none of the entries
+ match, then the default will be used.
+
+Default:
+refresh_pattern . 0 20% 4320
+DOC_END
+
+
+NAME: reference_age
+TYPE: time_min
+LOC: Config.referenceAge
+DOC_START
+ As a part of normal operation, Squid performs Least Recently
+ Used removal of cached objects. The LRU age for removal is
+ computed dynamically, based on the amount of disk space in
+ use. The 'reference_age' value defines the maximum LRU age.
+ For example, setting reference_age to '1 week' will cause
+ objects to be removed if they have not been accessed for a week
+ or more. If set to zero, LRU removal is disabled, and objects
+ will be removed only when disk usage is over the high water
+ mark. The default value is one year.
+
+ Specify a number here, followed by units of time. For example:
+ 1 week
+ 3.5 days
+ 4 months
+ 2.2 hours
+
+reference_age 1 year
+DOC_END
+
+
+NAME: quick_abort
+TYPE: quickabort
+DOC_START
+ By default the cache continues to retrieve objects from
+ aborted requests. This may be undesirable on slow (e.g. SLIP)
+ links and/or very busy caches. Impatient users may tie up
+ file descriptors by repeatedly aborting and re-requesting
+ non-cachable objects.
+
+ Usage: quick_abort min-kbytes percent max-kbytes
+
+ When the user aborts a request, Squid will check the
+ quick_abort values to the amount of data transfered until
+ then.
+
+ If the transfer has less than 'min-kbytes' remaining, it
+ will finish the retrieval. Setting minlength to -1 will
+ disable the quick_abort feature.
+
+ If the transfer has more than 'max-kbytes' remaining, it
+ will abort the retrieval.
+
+ If more than 'percent' of the transfer has completed, it will
+ finish the retrieval.
+
+quick_abort -1 0 0
+DOC_END
+
+
+NAME: negative_ttl
+COMMENT: (in minutes)
+TYPE: time_sec
+LOC: Config.negativeTtl
+DOC_START
+ Time-to-Live (TTL) for failed requests. Certain types of
+ failures (such as "connection refused" and "404 Not Found") are
+ negatively-cached for a small amount of time. The default is 5
+ minutes. Note that this is different from negative caching of
+ DNS lookups.
+
+negative_ttl 5 minutes
+DOC_END
+
+
+NAME: positive_dns_ttl
+COMMENT: (in minutes)
+TYPE: time_sec
+LOC: Config.positiveDnsTtl
+DOC_START
+ Time-to-Live (TTL) for positive caching of successful DNS lookups.
+ Default is 6 hours (360 minutes). If you want to minimize the
+ use of Squid's ipcache, set this to 1, not 0.
+
+positive_dns_ttl 360 minutes
+DOC_END
+
+
+NAME: negative_dns_ttl
+COMMENT: (in minutes)
+TYPE: time_sec
+LOC: Config.negativeDnsTtl
+DOC_START
+ Time-to-Live (TTL) for negative caching of failed DNS lookups.
+
+negative_dns_ttl 5 minutes
+DOC_END
+
+
+# TIMEOUTS
+#-----------------------------------------------------------------------------
+
+NAME: connect_timeout
+COMMENT: (in seconds)
+TYPE: time_sec
+LOC: Config.Timeout.connect
+DOC_START
+ Some systems (notably Linux) can not be relied upon to properly
+ time out connect(2) requests. Therefore the squid process
+ enforces its own timeout on server connections. This parameter
+ specifies how long to wait for the connect to complete. The
+ default is two minutes (120 seconds).
+
+connect_timeout 120 seconds
+DOC_END
+
+
+NAME: read_timeout
+COMMENT: (in minutes)
+TYPE: time_sec
+LOC: Config.Timeout.read
+DOC_START
+ The read_timeout is applied on server-side connections. After
+ each successful read(), the timeout will be extended by this
+ amount. If no data is read again after this amount of time,
+ the request is aborted and logged with ERR_READ_TIMEOUT. The
+ default is 15 minutes.
+
+read_timeout 15 minutes
+DOC_END
+
+
+NAME: defer_timeout
+COMMENT: (in minutes)
+TYPE: time_sec
+LOC: Config.Timeout.defer
+DOC_START
+ If your clients are behind slow (e.g. PPP/SLIP) connections,
+ then data may come in from the server-side faster than it can
+ be written to the client-side. When the server side gets too
+ far ahead of the client-side, subsequent reads will be deferred
+ until the client catches up. This timeout determines how long
+ to wait while in "deferred read mode." The default is one
+ hour.
+
+defer_timeout 60 minutes
+DOC_END
+
+
+NAME: request_timeout
+TYPE: time_sec
+LOC: Config.Timeout.request
+DOC_START
+ How long to wait for an HTTP request after connection
+ establishment. For persistent connections, wait this long
+ after the previous request completes.
+
+defer_timeout 30 seconds
+DOC_END
+
+
+NAME: client_lifetime
+COMMENT: (in minutes)
+TYPE: time_sec
+LOC: Config.Timeout.lifetime
+DOC_START
+ The maximum amount of time that a client (browser) is allowed to
+ remain connected to the cache process. This protects the Cache
+ from having alot of sockets (and hence file descriptors) tied up
+ in a CLOSE_WAIT state from remote clients that go away without
+ properly shutting down (either because of a network failure or
+ because of a poor client implementation). The default is one
+ day, 1440 minutes.
+
+ NOTE: The default value is intended to be much larger than any
+ client would ever need to be connected to your cache. You
+ should probably change client_lifetime only as a last resort.
+ If you seem to have many client connections tying up
+ filedescriptors, we recommend first tuning the read_timeout,
+ defer_timeout, and quick_abort values.
+
+client_lifetime 1 day
+DOC_END
+
+
+NAME: shutdown_lifetime
+COMMENT: (in seconds)
+TYPE: time_sec
+LOC: Config.shutdownLifetime
+DOC_START
+ When SIGTERM or SIGHUP is received, the cache is put into
+ "shutdown pending" mode until all active sockets are closed.
+ This value is the lifetime to set for all open descriptors
+ during shutdown mode. Any active clients after this many
+ seconds will receive a 'timeout' message.
+
+shutdown_lifetime 30 seconds
+DOC_END
+
+
+# ACCESS CONTROLS
+#-----------------------------------------------------------------------------
+
+NAME: acl
+TYPE: acl
+DOC_START
+ Defining an Access List
+
+ acl aclname acltype string1 ...
+ acl aclname acltype "file" ...
+
+ when using "file", the file should contain one item per line
+
+ acltype is one of src dst srcdomain dstdomain url_pattern
+ urlpath_pattern time port proto method browser user
+
+ acl aclname src ip-address/netmask ... (clients IP address)
+ acl aclname src addr1-addr2/netmask ... (range of addresses)
+ acl aclname dst ip-address/netmask ... (URL host's IP address)
+ acl aclname srcdomain foo.com ... (taken from reverse DNS lookup)
+ acl aclname dstdomain foo.com ... (taken from the URL)
+ acl aclname time [day-abbrevs] [h1:m1-h2:m2]
+ day-abbrevs:
+ S - Sunday
+ M - Monday
+ T - Tuesday
+ W - Wednesday
+ H - Thursday
+ F - Friday
+ A - Saturday
+ h1:m1 must be less than h2:m2
+ acl aclname url_regex ^http:// ... # regex matching on whole URL
+ acl aclname urlpath_regex \.gif$ ... # regex matching on URL path only
+ acl aclname port 80 70 21 ...
+ acl aclname proto HTTP FTP ...
+ acl aclname method GET POST ...
+ acl aclname browser regexp
+ acl aclname user username ... # string match on ident output.
+ # use REQUIRED to accept any
+ # non-null ident.
+
+acl manager proto cache_object
+acl localhost src 127.0.0.1/255.255.255.255
+acl all src 0.0.0.0/0.0.0.0
+
+acl SSL_ports port 443 563
+acl Dangerous_ports port 7 9 19
+acl CONNECT method CONNECT
+DOC_END
+
+NAME: http_access
+TYPE: acl_access
+LOC: Config.accessList.HTTP
+DOC_START
+ Allowing or Denying access based on defined access lists
+
+ Access to the HTTP port:
+ http_access allow|deny [!]aclname ...
+
+ Access to the ICP port:
+ icp_access allow|deny [!]aclname ...
+
+ NOTE on default values:
+
+ If there are no "access" lines present, the default is to allow
+ the request.
+
+ If none of the "access" lines cause a match, the default is the
+ opposite of the last line in the list. If the last line was
+ deny, then the default is allow. Conversely, if the last line
+ is allow, the default will be deny. For these reasons, it is a
+ good idea to have an "deny all" or "allow all" entry at the end
+ of your access lists to avoid potential confusion.
+
+
+ Only allow access to the cache manager functions from the local host.
+http_access deny manager !localhost
+http_access deny CONNECT !SSL_ports
+http_access deny Dangerous_ports
+
+ Allow everything else
+http_access allow all
+DOC_END
+
+
+NAME: icp_access
+TYPE: acl_access
+LOC: Config.accessList.ICP
+DOC_START
+ Reply to all ICP queries we receive
+
+icp_access allow all
+DOC_END
+
+
+NAME: miss_access
+TYPE: acl_access
+LOC: Config.accessList.MISS
+DOC_START
+ Use to force your neighbors to use you as a sibling instead of
+ a parent. For example:
+
+ acl localclients src 172.16.0.0/16
+ miss_access allow localclients
+ miss_access deny !localclients
+
+ This means that only your local clients are allowed to fetch
+ MISSES and all other clients can only fetch HITS.
+
+ By default, allow all clients who passed the http_access rules
+ to fetch MISSES from us.
+
+miss_access allow all
+DOC_END
+
+
+NAME: cache_host_acl
+TYPE: hostacl
+DOC_START
+ Just like 'cache_host_domain' but provides more flexibility by
+ using ACL's.
+
+ cache_host_acl cache-host [!]aclname ...
+
+ NOTE: * Any number of ACL's may be given for a cache-host,
+ either on the same or separate lines.
+ * When multiple ACL's are given for a particular
+ cache-host, the first matched ACL is applied.
+ * Cache hosts with no domain or ACL restrictions are
+ queried for all requests.
+ * There are no defaults.
+DOC_END
+
+
+# ADMINISTRATIVE PARAMETERS
+#-----------------------------------------------------------------------------
+
+NAME: cache_mgr
+TYPE: string
+DEFAULT: webmaster
+LOC: Config.adminEmail
+DOC_START
+ Email-address of local cache manager who will receive
+ mail if the cache dies. The default is "webmaster."
+
+cache_mgr webmaster
+DOC_END
+
+
+NAME: cache_effective_user
+TYPE: effectiveuser
+DOC_START
+ If the cache is run as root, it will change its effective/real
+ UID/GID to the UID/GID specified below. The default is not to
+ change UID/GID.
+
+cache_effective_user nobody nogroup
+DOC_END
+
+
+NAME: visible_hostname
+TYPE: string
+LOC: Config.visibleHostname
+DOC_START
+ If you want to present a special hostname in error messages, etc,
+ then define this. Otherwise, the return value of gethostname()
+ will be used.
+
+visible_hostname www-cache.foo.org
+DOC_END
+
+
+# OPTIONS FOR THE CACHE REGISTRATION SERVICE
+#-----------------------------------------------------------------------------
+
+# This section contains parameters for the (optional) cache
+# announcement service. This service is provided to help
+# cache administrators locate one another in order to join or
+# create cache hierarchies.
+#
+# An 'announcement' message is sent (via UDP) to the registration
+# service by Squid. By default, the annoucement message is NOT
+# SENT unless you enable it with 'cache_announce' below.
+#
+# The announcement message includes your hostname, plus the
+# following information from this configuration file:
+#
+# http_port
+# icp_port
+# cache_mgr
+#
+# All current information is processed regularly and made
+# available on the Web at http://www.nlanr.net/Cache/Tracker/.
+
+
+NAME: cache_announce
+TYPE: cacheannounce
+DOC_START
+ This is how frequently to send cache announcements. The default
+ is `0' which disables sending the announcement messages.
+
+ To enable announcing your cache, just uncomment the line below.
+
+cache_announce 24
+DOC_END
+
+
+NAME: announce_to
+TYPE: announceto
+DOC_START
+ This is the hostname and portnumber where the registration message
+ will be sent.
+
+ Format: announce_to host[:port] [filename]
+
+ Hostname will default to 'sd.cache.nlanr.net' and port will default
+ to 3131. If the 'filename' argument is given, the contents of that
+ file will be included in the announce message.
+
+announce_to sd.cache.nlanr.net:3131
+DOC_END
+
+
+# HTTPD-ACCELERATOR OPTIONS
+#-----------------------------------------------------------------------------
+
+NAME: httpd_accel
+TYPE: httpdaccel
+DOC_START
+ If you want to run squid as an httpd accelerator, define the
+ host name and port number where the real HTTP server is.
+
+ If you want virtual host support then specify the hostname
+ as "virtual".
+
+httpd_accel real_httpd_host real_httpd_port
+DOC_END
+
+
+NAME: httpd_accel_with_proxy
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.Accel.withProxy
+DOC_START
+ If you want to use squid as both a local httpd accelerator
+ and as a proxy, change this to 'on'.
+
+httpd_accel_with_proxy off
+DOC_END
+
+
+NAME: httpd_accel_uses_host_header
+COMMENT: on|off
+TYPE: onoff
+LOC: opt_accel_uses_host
+DOC_START
+ HTTP/1.1 requests include a Host: header which is basically the
+ hostname from the URL. Squid can be an accelerator for
+ different HTTP servers by looking at this header. However,
+ Squid does NOT check the value of the Host header, so it opens
+ a big security hole. We recommend that this option remain
+ disabled unless you are sure of what you are doing.
+
+httpd_accel_uses_host_header off
+DOC_END
+
+
+# MISCELLANEOUS
+#-----------------------------------------------------------------------------
+
+NAME: dns_testnames
+TYPE: wordlist
+LOC: Config.dns_testname_list
+DOC_START
+ The DNS tests exit as soon as the first site is successfully looked up
+
+ If you want to disable DNS tests, do not comment out or delete this
+ list. Instead use the -D command line option
+
+dns_testnames internic.net usc.edu cs.colorado.edu mit.edu yale.edu
+DOC_END
+
+
+NAME: logfile_rotate
+TYPE: int
+DEFAULT: 10
+LOC: Config.Log.rotateNumber
+DOC_START
+ Specifies the number of logfile rotations to make upon receiving
+ a USR1 signal. The default is 10, which will rotate with
+ extensions 0 through 9. Setting logfile_rotate to 0 will
+ disable the rotation, but the logfiles are still closed and
+ re-opened. This will enable you to rename the logfiles yourself
+ just before sending a USR1 signal to the squid process.
+
+logfile_rotate 10
+DOC_END
+
+
+NAME: append_domain
+TYPE: appenddomain
+DOC_START
+ Appends local domain name to hostnames without any dots in them.
+ append_domain must begin with a period.
+
+append_domain .yourdomain.com
+DOC_END
+
+
+NAME: tcp_recv_bufsize
+TYPE: int
+DEFAULT: 0
+LOC: Config.tcpRcvBufsz
+DOC_START
+ Size of receive buffer to set for TCP sockets. Probably just
+ as easy to change your kernel's default. Set to zero to use
+ the default buffer size.
+
+tcp_recv_bufsize 0
+DOC_END
+
+
+NAME: ssl_proxy
+TYPE: proxy
+LOC: Config.sslProxy
+DOC_START
+ Specify the name of a 'cache_host' listed above, or a hostname
+ and port number where all SSL requests should be forwarded to.
+
+ Usage: ssl_proxy cache_host
+ ssl_proxy host:port
+
+ssl_proxy
+DOC_END
+
+
+NAME: passthrough_proxy
+TYPE: proxy
+LOC: Config.passProxy
+DOC_START
+ Specify the name of a 'cache_host' listed above, or a hostname
+ and port number where all non-GET (i.e. POST, PUT) requests
+ should be forwarded to.
+
+ Usage: passthrough_proxy cache_host
+ passthrough_proxy host:port
+
+passthrough_proxy
+DOC_END
+
+
+NAME: proxy_auth
+TYPE: proxyauth
+DOC_START
+ Usage: proxy_auth passwd_file [ ignore-domain ]
+
+ 'passwd_file' is an apache-style file of passwords for
+ authenticated proxy access Looks like user:password, with the
+ password being standard crypt() format. Proxy authentication
+ is disabled by default.
+
+ 'ignore-domain' is a domain name for which authorization will
+ *not* be required.
+
+ NOTE, proxy_auth support is not compiled into Squid by default.
+ To use this feature you must enable the USE_PROXY_AUTH option
+ near the top of src/Makefile.
+
+proxy_auth /dev/null
+DOC_END
+
+
+NAME: err_html_text
+TYPE: errhtml
+DOC_START
+ HTML text to include in error messages. Make this a "mailto"
+ URL to your admin address, or maybe just a link to your
+ organizations Web page.
+
+err_html_text
+DOC_END
+
+
+NAME: deny_info
+TYPE: denyinfo
+LOC: Config.denyInfoList
+DOC_START
+ Usage: deny_info URL acl
+
+ This can be used to return a HTTP redirect for requests which
+ do not pass the 'http_access' rules. A single ACL will cause
+ the http_access check to fail. If a 'deny_info' line exists
+ for that ACL then Squid returns a redirect to the given URL.
+DOC_END
+
+
+NAME: udp_hit_obj
+COMMENT: on|off
+TYPE: onoff
+LOC: opt_udp_hit_obj
+DOC_START
+ If set, Squid will request UDP_HIT_OBJ replies from its
+ neighbors. UDP_HIT_OBJ is nice because it saves bandwidth, but
+ it can cause some other problems. For one it complicates
+ calculating hit rates. Also, problems arise because the ICP
+ query does not contain any HTTP request headers which may
+ affect the reply.
+
+udp_hit_obj off
+DOC_END
+
+
+NAME: udp_hit_obj_size
+TYPE: int
+LOC: Config.udpMaxHitObjsz
+DOC_START
+ If set, Squid will limit UDP_HIT_OBJ size to be less than
+ this value. Setting this value to more than SQUID_UDP_SO_SNDBUF
+ will not work as expected. Set to zero to select the size
+ permited by the socket.
+udp_hit_obj_size 0
+DOC_END
+
+
+NAME: memory_pools
+COMMENT: on|off
+TYPE: onoff
+LOC: opt_mem_pools
+DOC_START
+ If set, Squid will keep pools of allocated (but unused) memory
+ available for future use. If memory is a premium on your
+ system, disable this.
+
+memory_pools on
+DOC_END
+
+NAME: forwarded_for
+COMMENT: on|off
+TYPE: onoff
+LOC: opt_forwarded_for
+DOC_START
+ If set, Squid will include your system's IP address or name
+ in the HTTP requests it forwards. By default it looks like
+ this:
+
+ X-Forwarded-For: 192.1.2.3
+
+ If you disable this, it will appear as
+
+ X-Forwarded-For: unknown
+
+forwarded_for on
+DOC_END
+
+NAME: log_icp_queries
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 1
+LOC: Config.Options.log_udp
+DOC_START
+ If set, ICP queries are logged to access.log. ICP logging
+ is enabled by default, so uncomment and change the line
+ below to disable it.
+
+log_icp_queries on
+DOC_END
+
+
+NAME: minimum_direct_hops
+TYPE: int
+DEFAULT: 4
+LOC: Config.minDirectHops
+DOC_START
+ If using the ICMP pinging stuff, do direct fetches for sites
+ which are no more than this many hops away.
+
+minimum_direct_hops 4
+DOC_END
+
+
+NAME: cachemgr_passwd
+TYPE: cachemgrpasswd
+DOC_START
+ Specify passwords for cachemgr operations.
+
+ Usage: cachemgr_passwd password action action ...
+
+ valid actions are:
+ shutdown *
+ info
+ stats/objects
+ stats/vm_objects
+ stats/utilization
+ stats/ipcache
+ stats/fqdncache
+ stats/dns
+ stats/redirector
+ stats/io
+ stats/reply_headers
+ stats/filedescriptors
+ stats/netdb
+ log/status *
+ log/enable *
+ log/disable *
+ log/clear *
+ log *
+ parameter
+ server_list
+ client_list
+ squid.conf *
+
+ * Indicates actions which will not be performed without a
+ valid password, others can be performed if not listed here.
+
+ To disable an action, set the password to "disable".
+ To allow performing an action without a password, set the
+ password to "none".
+
+ Use the keyword "all" to set the same password for all actions.
+
+cachemgr_passwd secret shutdown
+cachemgr_passwd lesssssssecret info stats/objects
+cachemgr_passwd disable all
+DOC_END
+
+
+# TAG: swap_level1_dirs
+# Number of first-level directories to create for storing cached
+# objects. Minimum 1, maximum 256, default 16.
+#
+#swap_level1_dirs 16
+
+# TAG: swap_level2_dirs
+# Number of sub-directories to create under each first-level
+# directory. Minimum 1, maximum 256, default 256.
+#
+#swap_level2_dirs 256
+
+NAME: store_avg_object_size
+TYPE: int
+DEFAULT: 20
+LOC: Config.Store.avgObjectSize
+DOC_START
+ Average object size, used to estimate number of objects your
+ cache can hold. See doc/Release-Notes-1.1.txt. The default is
+ 20K.
+
+store_avg_object_size 20
+DOC_END
+
+NAME: store_objects_per_bucket
+TYPE: int
+DEFAULT: 50
+LOC: Config.Store.objectsPerBucket
+DOC_START
+ Target number of objects per bucket in the store hash table.
+ Lowering this value increases the total number of buckets and
+ also the storage maintenance rate. The default is 20.
+
+store_objects_per_bucket 20
+DOC_END
+
+
+NAME: http_anonymizer
+TYPE: httpanonymizer
+LOC: Config.Options.anonymizer
+DOC_START
+ If you want to filter out certain HTTP request headers for
+ privacy reasons, enable this option. There are three
+ appropriate settings:
+ 'off' All HTTP request headers are passed.
+ 'standard' Specific headers are removed
+ 'paranoid' Only specific headers are allowed.
+ To see which headers are allowed or denied, please see the
+ http-anon.c source file.
+
+http_anonymizer off
+DOC_END
+
+
+NAME: client_db
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 1
+LOC: Config.Options.client_db
+DOC_START
+ If you want to disable collecting per-client statistics, then
+ turn off client_db here.
+
+client_db on
+DOC_END
+
+
+NAME: netdb_low
+TYPE: int
+DEFAULT: 900
+LOC: Config.Netdb.low
+DOC_NONE
+
+NAME: netdb_high
+TYPE: int
+DEFAULT: 1000
+LOC: Config.Netdb.high
+DOC_START
+ The low and high water marks for the ICMP measurement
+ database. These are counts, not percents. The defaults are
+ 900 and 1000. When the high water mark is reached, database
+ entries will be deleted until the low mark is reached.
+
+netdb_low 900
+netdb_high 1000
+DOC_END
+
+
+NAME: netdb_ping_period
+TYPE: time_sec
+LOC: Config.Netdb.period
+DOC_START
+ The minimum period for measuring a site. There will be at
+ least this much delay between successive pings to the same
+ network. The default is five minutes.
+
+netdb_ping_period 5 minutes
+DOC_END
+
+
+NAME: query_icmp
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: 0
+LOC: Config.Options.query_icmp
+DOC_START
+ If you want to ask your peers to include ICMP data in their ICP
+ replies, enable this option.
+
+ If your peer has built squid with '-DUSE_ICMP=1' then that peer
+ will send ICMP pings to origin server sites of the URLs it
+ receives. If you enable this option then the ICP replies from
+ that peer will include the ICMP data (if available). Then,
+ when choosing a parent cache, Squid will choose the parent with
+ the minimal RTT to the origin server. When this happens, the
+ hierarchy field of the access.log will be
+ "CLOSEST_PARENT_MISS". This option is off by default.
+
+query_icmp off
+DOC_END
+
+NAME: clean_rate
+TYPE: time_sec
+LOC: Config.cleanRate
+DOC_START
+ XXX need docs
+DOC_END
+
+NAME: always_direct
+TYPE: acl_access
+LOC: Config.accessList.AlwaysDirect
+DOC_START
+ XXX need docs
+DOC_END
+
+NAME: never_direct
+TYPE: acl_access
+LOC: Config.accessList.NeverDirect
+DOC_START
+ XXX need docs
+DOC_END
+
+NAME: viz_hack_addr
+TYPE: vizhack
+DOC_START
+ XXX need docs
+DOC_END
+
+#NAME: proxy_auth_ignore
+#TYPE: regexplist_icase
+#LOC: Config.proxyAuth.IgnoreDomains
+#DOC_START
+# XXX need docs
+#DOC_END
+
+EOF
--- /dev/null
+/*
+ * $Id: cf_gen.cc,v 1.1 1997/06/26 22:29:30 wessels Exp $
+ *
+ * DEBUG: section 1 Startup and Main Loop
+ * AUTHOR: Max Okumoto
+ *
+ * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
+ * --------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from the
+ * Internet community. Development is led by Duane Wessels of the
+ * National Laboratory for Applied Network Research and funded by
+ * the National Science Foundation.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ */
+
+/*****************************************************************************
+ * Abstract: This program parses the input file and generates code and
+ * files used to configure the variables in squid.
+ *
+ * The output files are as follows:
+ * cf_parser.c - this file contains, default_all() which
+ * initializes
+ * variables with the default values, parse_line() that
+ * parses line from squid.conf, dump_all that dumps the
+ * current the values of the variables.
+ * squid.conf - default configuration file given to the server
+ * administrator.
+ *****************************************************************************/
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <assert.h>
+
+#define MAX_LINE 1024 /* longest configuration line */
+#define _PATH_PARSER "cf_parser.c"
+#define _PATH_SQUID_CONF "squid.conf"
+
+enum State {
+ sSTART,
+ s1,
+ sDOC,
+ sEXIT
+};
+
+typedef struct Line {
+ char *data;
+ struct Line *next;
+} Line;
+
+typedef struct Entry {
+ char *name;
+ char *type;
+ char *loc;
+ char *default_value;
+ char *comment;
+ Line *doc;
+ struct Entry *next;
+} Entry;
+
+
+static const char WS[] = " \t";
+static void gen_default(Entry *, FILE *);
+static void gen_parse(Entry *, FILE *);
+static void gen_dump(Entry *, FILE *);
+static void gen_conf(Entry *, FILE *);
+
+int
+main(int argc, char *argv[])
+{
+ FILE *fp;
+ char *input_filename = argv[1];
+ char *output_filename = _PATH_PARSER;
+ char *conf_filename = _PATH_SQUID_CONF;
+ int linenum = 0;
+ Entry *entries = NULL;
+ Entry *curr = NULL;
+ enum State state;
+
+ /*-------------------------------------------------------------------*
+ * Parse input file
+ *-------------------------------------------------------------------*/
+
+ /* Open input file */
+ if ((fp = fopen(input_filename, "r")) == NULL) {
+ perror(input_filename);
+ exit(1);
+ }
+ state = sSTART;
+ while (feof(fp) == 0 && state != sEXIT) {
+ char buff[MAX_LINE];
+
+ fgets(buff, MAX_LINE, fp);
+ linenum++;
+ *(strchr(buff, '\n')) = '\0';
+ switch (state) {
+ case sSTART:
+ if ((strlen(buff) == 0) || (!strncmp(buff, "#", 1))) {
+ /* ignore empty and comment lines */
+
+ } else if (!strncmp(buff, "NAME:", 5)) {
+ char *name;
+
+ if ((name = strtok(buff + 5, WS)) == NULL) {
+ printf("Error in input file\n");
+ exit(1);
+ }
+ curr = malloc(sizeof(Entry));
+ curr->name = strdup(name);
+ curr->loc = NULL;
+ curr->doc = NULL;
+ state = s1;
+
+ } else if (!strcmp(buff, "EOF")) {
+ state = sEXIT;
+
+ } else {
+ printf("Error on line %d\n", linenum);
+ exit(1);
+ }
+ break;
+
+ case s1:
+ if ((strlen(buff) == 0) || (!strncmp(buff, "#", 1))) {
+ /* ignore empty and comment lines */
+
+ } else if (!strncmp(buff, "COMMENT:", 8)) {
+ char *ptr = buff+8;
+ while(isspace(*ptr))
+ ptr++;
+ curr->comment = strdup(ptr);
+ } else if (!strncmp(buff, "DEFAULT:", 8)) {
+ char *ptr;
+
+ if ((ptr = strtok(buff + 8, WS)) == NULL) {
+ printf("Error on line %d\n", linenum);
+ exit(1);
+ }
+ curr->default_value = strdup(ptr);
+
+ } else if (!strncmp(buff, "LOC:", 4)) {
+ char *ptr;
+
+ if ((ptr = strtok(buff + 4, WS)) == NULL) {
+ printf("Error on line %d\n", linenum);
+ exit(1);
+ }
+ curr->loc = strdup(ptr);
+
+ } else if (!strncmp(buff, "TYPE:", 5)) {
+ char *ptr;
+
+ if ((ptr = strtok(buff + 5, WS)) == NULL) {
+ printf("Error on line %d\n", linenum);
+ exit(1);
+ }
+ curr->type = strdup(ptr);
+
+ } else if (!strcmp(buff, "DOC_START")) {
+ state = sDOC;
+
+ } else if (!strcmp(buff, "DOC_NONE")) {
+ /* add to list of entries */
+ curr->next = entries;
+ entries = curr;
+
+ state = sSTART;
+
+ } else {
+ printf("Error on line %d\n", linenum);
+ exit(1);
+ }
+ break;
+
+ case sDOC:
+ if (!strcmp(buff, "DOC_END")) {
+ Line *head = NULL;
+ Line *line = curr->doc;
+
+ /* reverse order of doc lines */
+ while (line != NULL) {
+ Line *tmp;
+ tmp = line->next;
+ line->next = head;
+ head = line;
+ line = tmp;
+ }
+ curr->doc = head;
+
+ /* add to list of entries */
+ curr->next = entries;
+ entries = curr;
+
+ state = sSTART;
+ } else {
+ Line *line = malloc(sizeof(Line));
+
+ line->data = strdup(buff);
+ line->next = curr->doc;
+ curr->doc = line;
+ }
+ break;
+
+ case sEXIT:
+ assert(0); /* should never get here */
+ break;
+ }
+ }
+ if (state != sEXIT) {
+ printf("Error unexpected EOF\n");
+ exit(1);
+ } else {
+ /* reverse order of entries */
+ Entry *head = NULL;
+
+ while (entries != NULL) {
+ Entry *tmp;
+
+ tmp = entries->next;
+ entries->next = head;
+ head = entries;
+ entries = tmp;
+ }
+ entries = head;
+ }
+ fclose(fp);
+
+ /*-------------------------------------------------------------------*
+ * Generate default_all()
+ * Generate parse_line()
+ * Generate dump_all()
+ * Generate example squid.conf file
+ *-------------------------------------------------------------------*/
+
+ /* Open output x.c file */
+ if ((fp = fopen(output_filename, "w")) == NULL) {
+ perror(output_filename);
+ exit(1);
+ }
+ fprintf(fp,
+ "/*\n"
+ " * Generated automatically from %s by %s\n"
+ " *\n"
+ " * Abstract: This file contains routines used to configure the\n"
+ " * variables in the squid server.\n"
+ " */\n"
+ "\n",
+ input_filename, argv[0]
+ );
+ gen_default(entries, fp);
+ gen_parse(entries, fp);
+ gen_dump(entries, fp);
+ fclose(fp);
+
+ /* Open output x.conf file */
+ if ((fp = fopen(conf_filename, "w")) == NULL) {
+ perror(conf_filename);
+ exit(1);
+ }
+ gen_conf(entries, fp);
+ fclose(fp);
+
+ return (0);
+}
+
+static void
+gen_default(Entry * head, FILE * fp)
+{
+ Entry *entry;
+ fprintf(fp,
+ "void\n"
+ "default_all(void)\n"
+ "{\n"
+ );
+ for (entry = head; entry != NULL; entry = entry->next) {
+ assert(entry->name);
+ if (entry->loc == NULL) {
+ fprintf(stderr, "NO LOCATION FOR %s\n", entry->name);
+ continue;
+ }
+ if (entry->default_value == NULL) {
+ fprintf(stderr, "NO DEFAULT FOR %s\n", entry->name);
+ continue;
+ }
+#ifdef OLD
+ if (!strcmp(entry->type, "string")) {
+ fprintf(fp, "\t%s = xstrdup(\"%s\");\n",
+ entry->loc, entry->default_value);
+ } else if (!strcmp(entry->type, "string_optional")) {
+ fprintf(fp, "\t%s = xstrdup(\"%s\");\n",
+ entry->loc, entry->default_value);
+ } else if (!strcmp(entry->type, "pathname_check")) {
+ fprintf(fp, "\t%s = xstrdup(\"%s\");\n",
+ entry->loc, entry->default_value);
+ } else {
+ fprintf(fp, "\t%s = %s;\n",
+ entry->loc, entry->default_value);
+ }
+#else
+ fprintf(fp, "\tparse_line(\"%s %s\");\n",
+ entry->name,
+ entry->default_value);
+#endif
+ }
+ fprintf(fp, "}\n\n");
+}
+
+static void
+gen_parse(Entry * head, FILE * fp)
+{
+ Entry *entry;
+
+ fprintf(fp,
+ "int\n"
+ "parse_line(char *buff)\n"
+ "{\n"
+ "\tint\tresult = 1;\n"
+ "\tchar\t*token;\n"
+ "\n"
+ "\tif ((token = strtok(buff, w_space)) == NULL) {\n"
+ "\t\t/* ignore empty lines */\n"
+ );
+
+ for (entry = head; entry != NULL; entry = entry->next) {
+ fprintf(fp,
+ "\t} else if (!strcmp(token, \"%s\")) {\n",
+ entry->name
+ );
+ if (entry->loc == NULL) {
+ fprintf(fp,
+ "\t\tparse_%s();\n",
+ entry->type
+ );
+ } else {
+ fprintf(fp,
+ "\t\tparse_%s(&%s);\n",
+ entry->type, entry->loc
+ );
+ }
+ }
+
+ fprintf(fp,
+ "\t} else {\n"
+ "\t\tresult = 0; /* failure */\n"
+ "\t}\n"
+ "\treturn(result);\n"
+ "}\n\n"
+ );
+}
+
+static void
+gen_dump(Entry * head, FILE * fp)
+{
+ Entry *entry;
+
+ fprintf(fp,
+ "void\n"
+ "dump_all(void)\n"
+ "{\n"
+ );
+
+ for (entry = head; entry != NULL; entry = entry->next) {
+ if (entry->loc == NULL) {
+ fprintf(fp, "\tprintf(\"%s = \");\n", entry->type);
+ fprintf(fp, "\tdump_%s();\n", entry->type);
+ } else {
+ fprintf(fp, "\tprintf(\"%s = \");\n", entry->loc);
+ fprintf(fp, "\tdump_%s(%s);\n", entry->type, entry->loc);
+ }
+ fprintf(fp, "\tprintf(\"\\n\");\n");
+ fprintf(fp, "\n");
+ }
+ fprintf(fp, "}\n\n");
+}
+
+static void
+gen_conf(Entry * head, FILE * fp)
+{
+ Entry *entry;
+
+ for (entry = head; entry != NULL; entry = entry->next) {
+ Line *line;
+
+ fprintf(fp, "# TAG: %s", entry->name);
+ if (entry->comment)
+ fprintf(fp, "\t%s", entry->comment);
+ fprintf(fp, "\n");
+ for (line = entry->doc; line != NULL; line = line->next) {
+ fprintf(fp, "#%s\n", line->data);
+ }
+ if (entry->doc != NULL) {
+ fprintf(fp, "\n");
+ }
+ }
+}
projects / thirdparty / squid.git / commitdiff
