A User's Guide

Oskar Pearson

Qualica Technologies (Pty) Ltd, South Africa.

All trademarks used in this document are owned by their respective companies. This document makes no ownership claim of any trademark(s). If you wish to have your trademark removed from this document, please contact the copyright holder. No disrespect is meant by any use of other companies trademarks in this document.

Note: This document is not (yet) to be mirrored; copying for personal or company-wide use or printing is perfectly acceptable. Once the document is in a stable state, the document will be released under the GNU Free Documentation License. (http://www.gnu.org/copyleft/fdl.html), and mirroring will be allowed.

There are many mirrors of the old Squid User's Guide out there, which will all now have effectively useless mirrors; don't mirror this documentation at your site unless you are willing to keep it up to date!

This document will shortly be released under the GNU Free Documentation License.

Table of Contents
1. Overall Layout (for writers)
2. Terminology and Technology
What Squid is
Why Cache?
What Squid is not
Supported Protocols
Supported Client Protocols
Inter Cache and Management Protocols
Inter-Cache Communication Protocols
Firewall Terminology
The Two Types of Firewall
Firewalled Segments
Hand Offs
3. Installing Squid
Hardware Requirements
Gathering statistics
Hard Disks
RAM requirements
CPU Power
Choosing an Operating System
Basic System Setup
Default Squid directory structure
User and Group IDs
Getting Squid
Getting the Squid source code
Getting Binary Versions of Squid
Compiling Squid
Compilation Tools
Unpacking the Source Archive
Compilation options
Running configure
Compiling the Squid Source
Installing the Squid binary
4. Squid Configuration Basics
Version Control Systems
The Configuration File
Setting Squid's HTTP Port
Using Port 80
Email for the Cache Administrator
Effective User and Group ID
FTP login information
Access Control Lists and Access Control Operators
Simple Access Control
Ensuring Direct Access to Internal Machines
Communicating with other proxy servers
Your ISP's cache
Firewall Interactions
5. Starting Squid
Before Running Squid
Subdirectory Permissions
Running Squid
Testing Squid
Testing a Cache or Proxy Server with Client
6. Browser Configuration
Basic Configuration
Advanced Configuration
Basic Configuration
Host name
Browser-cache Interaction
Testing the Cache
Cache Auto-config
Web server config changes for autoconfig files
Autoconfig Script Coding
Cache Array Routing Protocol
cgi generated autoconfig files
Future directions
Ready to Go
7. Access Control and Access Control Operators
Uses of ACLs
Access Classes and Operators
Acl lines
A unique name
Decision String
Types of acl
Acl-operator lines
The other Acl-operators
SNMP Configuration
Querying the Squid SNMP server on port 3401
Running multiple SNMP servers on a cache machine
Delay Classes
Slowing down access to specific URLs
The Second Pool Class
The Second Pool Class
The Third Pool Class
Using Delay Pools in Real Life
8. Cache Hierarchies
Why Peer
Peer Configuration
The cache_peer Option
Peer Selection
Selecting by Destination Domain
Selecting with Acls
Other Peering Options
Multicast Cache Communication
Getting your machine ready for Multicast
Querying a Multicast Cache
Accepting Multicast Queries: The mcast_groups option
Other Multicast Cache Options
Cache Digests
Cache Hierarchy Structures
Two Peering Caches
Load Balancing Servers
The Cache Array Routing Protocol (CARP)
9. Accelerator Mode
When to use Accelerator Mode
Acceleration of a slow server
Replacing a combination cache/web server with Squid
Transparent Caching
Accelerator Configuration Options
The httpd_accel_host option
The httpd_accel_port option
The httpd_accel_with_proxy option
The httpd_accel_uses_host_header option
Related Configuration Options
The redirect_rewrites_host_header option
Refresh patterns
Access Control
Example Configurations
Replacing a Combination Web/Cache server
Accelerating Requests to a Slow Server
10. Transparent Caching
The Problem with Transparency
The Transparent Caching Process
Some Routing Basics
Packet Flow with Transparent Caches
Network Layout
Filtering Traffic
Unix machines
Routers (not done)
Layer-Four Switches (not done)
Kernel Redirection (not done)
Squid Settings (not done)
11. Not Yet Done: Squid Config files and options