Now takes a list of options in addition to the port address, specifying the purpose of this http_port. Default is plain Internet proxy as usual.
Now implemented by the "transparent" http_port option
Now implemented by other options and the http_port accel option. See individual directives below.
Replaced by defaultsite http_port option and cache_peer originserver option.
No longer needed. Server port defined by the cache_peer port.
Replaced by vhost http_port option
Many new options. Reconstructs URLs as https:// by default.
Many new options to support origin servers and SSL encryption
New directive for hardware assisted SSL encryption
New directives defining how to gateway http->https
New helper directive to query an external program for SSL key encryption password (if any)
Renamed to cache to better reflect the functionaliy. no_cache still accepted.
New name for the old no_cache directive.
New directive to disable caching of Vary:ing responses
New directive to work around known broken compression modules which hasn't understood the meaning of the ETag HTTP header in relation to Accept-Encoding.
New directive for defining custom log formats
Renamed to access_log
Select what requests to log where any by what format. Support for multiple log files and multiple log formats.
New option to disable the hostname validity/sanity checks usually performed by Squid, replacing the similar build time configure option in 2.5.
New option to allow _ in hostnames, replacing the similar build time configure option in 2.5 and earlier.
Allow for domain searches. Now possible even when using the internal DNS client
Renamed to url_rewrite_* to better reflect the functionality of this helper (rewriting requested URLs)
Activates a new and more efficient helper protocol. Requires changes in the helper.
New helper hook for rewriting Location headers
New option to allow the use of blank passwords.
New option enabling a multiplexed helper protocol allowing the same helper to process multiple concurrent requests in an efficient manner. Requires support from the helper. (2.6.STABLE2 and later)
No longer supported
Directive no longer supported. Use of NTLM negotiate packet is always on.
New option to fine-tune the use of HTTP keep-alive in combination with NTLM
New Negotiate authentication scheme, the "next generation" scheme in the family of Microsoft authentication.
Many new format options %SRCPORT, %MYADDR, %MYPORT, %PATH, %USER_CERT, %ACL, %DATA and a few variants. Helper protocol defaults to the simpler "3.0" protocol, and there is support for a highly efficient protocol via the concurrency= option if supported by the helper.
Several new HTTP override/ignore options
New directive to set the response buffer size.
New directive to enable an alternative optimized forwarding path when there is very many concurrent requests for the same URL.
New directive similar to collapsed_forwarding and activates an alternative optimized request processing when there is very many concurrent requests for the same recently expired URL.
New acl class
New acl class matching the user SSL certificate (https_port)
New acl class matching the CA of the user SSL certificate (https_port)
New acl matching usernames returned by external acl
New option to enable parsing of X-Forwarded-For headers allowing access controls to be based on the real client IP even if behind secondary proxies
New http_access type directive but evaluated after url rewrites
Access control on HTCP requests
New directive to limit what gets logged.
Enable hiding of the Squid version
New directive to specify the minimum umask Squid should run under
New directive to allow dynamic rewrites of error pages
New directive to disable the use of the Via directive
WCCP2 protocol support
tune the magic 60 seconds limit of what is considered cachable when the object doesn't have any cache validators. (2.6.STABLE2)
make Squid delay registering with a WCCP router until store rebuild have finished. Default on. (2.6.STABLE2)
Cache server load weigth in the cluster. (2.6.STABLE4)
Control if Squid should check the sanity of host names before trying to look them up in DNS
Control if _ is to be considered a valid character in hostnames or not
Option removed. CARP now uses the weight parameter instead.
There is a few known issues in this version of Squid which we hope to correct in a later release
In addition there is a set of limitations in this version of Squid which we hope to correct later
Ipfilter 4.x compile problem on HP Tru64
checking if IP-Filter header files are installed... no WARNING: Cannot find necessary IP-Filter header files Transparent Proxy support WILL NOT be enabledTo fix the problem first check if the ip_fil.h, ip_compat.h, ip_nat.h and ipl.h files are present in /usr/include/netinet and copy them from ipfilter source tree if needed. Don't forget to fix files permission and ownership after the copy.
env ac_cv_header_netinet_ip_compat_h=yes ./configure --enable-ipf-transparent
This Squid version can run on Windows as a system service using the Cygwin emulation environment,
or can be compiled in Windows native mode using the MinGW + MSYS development environment. Windows NT 4 SP4 and later are supported.
On Windows 2000 and later the service is configured to use the Windows Service Recovery option
restarting automatically after 60 seconds.
Some new command line options was added for the Windows service support:
The service installation is made with -i command line switch, it's possible to use -f switch at the same time for specify a different config-file settings for the Squid Service that will be stored on the Windows Registry.
A new -n switch specify the Windows Service Name, so multiple Squid instance are allowed. "Squid" is the default when the switch is not used.
So, to install the service, the syntax is:
squid -i [-f file] [-n name]
Service uninstallation is made with -r command line switch with the appropriate -n switch.
The -k switch family must be used with the appropriate -f and -n switches, so the syntax is:
squid -k command [-f file] -n service-namewhere service-name is the name specified with -n options at service install time.
To use the Squid original command line, the new -O switch must be used ONCE, the syntax is:
squid -O cmdline [-n service-name]If multiple service command line options must be specified, use quote. The -n switch is needed only when a non default service name is in use.
Don't use the "Start parameters" in the Windows 2000/XP/2003 Service applet: they are specific to Windows services functionality and Squid is not designed for understand they.
In the following example the command line of the "squidsvc" Squid service is set to "-D -u 3130":
squid -O "-D -u 3130" -n squidsvc
The process status helper functions make it easier for you to obtain information about processes and device drivers running on Microsoft� Windows NT�/Windows� 2000. These functions are available in PSAPI.DLL, which is distributed in the Microsoft� Platform Software Development Kit (SDK). The same information is generally available through the performance data in the registry, but it is more difficult to get to it. PSAPI.DLL is freely redistributable.
PSAPI.DLL is available only on Windows NT, 2000, XP and 2003. The implementation in Squid is aware of this, and try to use it only on the right platform.
On Windows NT PSAPI.DLL can be found as component of many applications, if you need it, you can find it on Windows NT Resource KIT. If you have problem, it can be downloaded from here: http://download.microsoft.com/download/platformsdk/Redist/4.0.1371.1/NT4/EN-US/psinst.EXE
On Windows 2000 and later it is available installing the Windows Support Tools, located on the Support\Tools folder of the installation Windows CD-ROM.
On Windows platforms, if no value is specified in the dns_nameservers option on squid.conf or in the /etc/resolv.conf file, the list of DNS name servers are taken from the Windows registry, both static and dynamic DHCP configurations are supported.
acl blocklist url_regex -i "c:/squid/etc/blocked1.txt"
redirect_program c:/perl/bin/perl.exe c:/squid/libexec/redir.pl redirect_program c:/winnt/system32/cmd.exe /C c:/squid/libexec/redir.cmd
A reasonably recent release of
Cygwin or
MinGW is needed.
The usage of the Cygwin environment is very similar to other Unix/Linux environments, and -devel version of libraries must be installed.
For the MinGW environment, the packages MSYS, MinGW and msysDTK must be installed. Some additional libraries and tools must be downloaded separately:
OpenSSL:
Shining Light Productions Win32 OpenSSL
libcrypt:
MinGW packages repository
db-1.85:
TinyCOBOL download area
uudecode:
Native Win32 ports of some GNU utilities
When running configure, --disable-wccp and --disable-wccpv2 options should always specified to avoid compile errors.
On Windows, cache manager (cachemgr.cgi) can be used with Microsoft IIS or Apache.
Some specific configuration could be needed:
ScriptAlias /squid/cgi-bin/ "c:/squid/libexec/" <Location /squid/cgi-bin/cachemgr.cgi> PassEnv TMP TEMP Order allow,deny Allow from workstation.example.com </Location>