サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
TGS2024
wiki.squid-cache.org
🔗 Feature: SslBump Peek and Splice Goal: Make bumping decisions after the origin server name is known, especially when transparently intercepting TLS/SSL. Avoid bumping non-TLS traffic. Status: completed. Version: 3.5 Developer: AlexRousskov and Christos Tsantilas 🔗 Motivation “Peek and Splice” is a collection of new SslBump actions and related features introduced in Squid-3.5. Older Squids used
🔗 Feature: HTTPS (HTTP Secure or HTTP over TLS) Version: 2.5 More: RFC 2817, 2818, Features/SHTTP When a client comes across an https:// URL, it can do one of three things: open an TLS connection directly to the origin server, or open a tunnel through a proxy to the origin server using the CONNECT request method, OR open an TLS connection to a secure proxy. Squid interaction with these traffic ty
🔗 Feature: Rock Store Goal: Disk cache performance within 80% of modern hardware limits. Status: completed. Version: 3.2 Developer: AlexRousskov More: unofficial v3.1 implementation and future large responses support. 🔗 Scope Large, busy sites need a disk storage scheme that approaches hardware limits on modern systems with 8+GB of RAM, 4+ CPU cores, and 4+ dedicated, 75+GB 10+K RPM disks. Rock
🔗 Access Controls in Squid 🔗 The Basics: How the parts fit together Squid’s access control scheme is relatively comprehensive and difficult for some people to understand. There are two different components: ACL elements, and access lists. An access list consists of an allow or deny action followed by a number of ACL elements. When loading the configuration file Squid processes all the acl lines
🔗 Feature: Squid-in-the-middle SSL Bump Goal: Enable ICAP inspection of SSL traffic. Version: 3.1 to 3.4. Developer: AlexRousskov, Christos Tsantilas More: See also dynamic SSL certificate generation and origin server certificate mimicking features. 🔗 Details This feature was replaced in Squid-3.5 by peek-n-splice This feature was replaced in Squid-3.3 by server-first Squid-in-the-middle decrypt
🔗 Reverse Proxy with Multiple Backend Web Servers 🔗 Sending different requests to different backend web servers To control which web servers (cache_peer) gets which requests the cache_peer_access directives is used. These directives limit which requests may be sent to a given peer. For example the websites are hosted like this on two servers: www.example.com hosted on server1 example.com hosted
This configuration MUST appear at the top of squid.conf above any other forward-proxy configuration (http_access etc). Otherwise the standard proxy access rules block some people viewing the accelerated site. If you are using Squid-3.1 or older has an accelerator for a domain based virtual host system then you need to additionally specify the vhost option to http_port http_port 80 accel defaultsit
🔗 Catalog of configuration examples these examples are provided in the hope that they will be helpful, there is no warranty that they are up to date or that they will work in any specific use case Caching Adobe Products and Updates Linux traffic Interception at source using DNAT Configuring a Basic Reverse Proxy (Website Accelerator) Blocking Content Based on MIME Types Blocking TLD by Squid Bypa
🔗 Squid Log Files The logs are a valuable source of information about Squid workloads and performance. The logs record not only access information, but also system configuration errors and resource consumption (e.g. memory, disk space). There are several log file maintained by Squid. Some have to be explicitly activated during compile time, others can safely be deactivated during run-time. There
🔗 Squid Web Cache documentation This wiki is dedicated to hosting Squid Web Cache documentation, including the FAQ, KnowledgeBase articles, ConfigExamples, and the development RoadMap 🔗 Starting points Why Squid ? FAQ Development Road Map Configuration examples, or tips on how to address specific scenarios A detailed description of many squid Features, including specific documentation about them
🔗 Configuring Squid 🔗 Before you start configuring by Gregori Parker The best all around advice I can give on Squid is to start simple! Once everything works the way you expect, then start tweaking your way into complexity with a means to track the (in)effectiveness of each change you make (and a known good configuration that you can always go back to when you inevitably fubar the thing!). 🔗 Ho
🔗 Operating Squid 🔗 How do I see system level Squid statistics? The Squid distribution includes a CGI utility called cachemgr.cgi which can be used to view squid statistics with a web browser. See CacheManager for more information on its usage and installation. 🔗 How can I make Squid NOT cache some servers or URLs? You can use the cache option to specify uncachable requests and any exceptions t
🔗 Squid Web Cache FAQ 🔗 Introduction What is Squid? 🔗 Installation and Use Binary Packages for Squid Compiling Squid Configuring Squid Configuring web browsers to use squid How big of a system do I need to run Squid? Installing Squid common security pitfalls 🔗 Modes of operation Explicit Proxy (or Forward Proxy) is the basic mode, upon which everything else is built. Offline or aggressive mode
🔗 Caching YouTube Content squid-users mailing list. This page is ongoing development. Not least because it must keep up with youtube.com alterations. If you start to experience problems with any of these configs please first check back here for updated config. Google/YouTube changed their system to be more secure and due to this the article in it’s current state is not applicable. You will need t
🔗 Reverse Proxy 🔗 What is a Reverse Proxy? 🔗 What is the Reverse Proxy Mode? 🔗 What is the httpd-accelerator mode? (in Squid v2) 🔗 What is the Accelerator (accel) mode? (in Squid v3-v6) The terms Accelerator Proxy, httpd-accelerator, and Reverse Proxy were all used in the past to describe what the HTTP Standard now officially defines as a Gateway Proxy. To the FAQ Index Navigation: Site Searc
🔗 Squid’s Inner Workings 🔗 What are cachable objects? An Internet Object is a file, document or response to a query for an Internet service such as FTP, HTTP, or gopher. A client requests an Internet object from a caching proxy; if the object is not already cached, the proxy server fetches the object (either from the host specified in the URL or from a parent or sibling cache) and delivers it to
MoinMoin PoweredDesign by FrancescoChemolli (credits) Hosting donated by MessageNetContents are © their respective authors, licensed under the Creative Commons Attribution Sharealike 2.5 License Squid Wiki This wiki is dedicated to hosting Squid Web Cache documentation, including the FAQ, KnowledgeBase articles, ConfigExamples, and the development RoadMap. Anyone is invited to contribute to this w
What is COSS? COSS is a Cyclic Object storage system originally designed by Eric Stern. COSS works with a single file, and each stripe is a fixed size an in a fixed position in the file. The stripe size is a compile-time option. As objects are written to a COSS stripe, their place is pre-reserved and data is copied into a memory copy of the stripe. Because of this, the object size must be known be
このページを最初にブックマークしてみませんか?
『Squid Web Cache documentation』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く