Sorry for the slow response.
comments within []
Regards
Henrik
On Monday 03 December 2001 21.34, Gary Shelton wrote:
> greetings:
> Here's what i've got so far - just give me a shout with your changes,
> and i'll continue to whip it into shape.
>
> gary shelton
Version 2.5 Release Notes
Changes to squid.conf
https_port
This new option specifies the socket address where squid will listen for
HTTPS client requests. This is used where squid is running in accelerator
mode and any SSL work is to be done at the acelerator level.
ssl_unclean_shutdown
This new option allows SSL to terminate without a shutdown message. This is
useful to prevent crashes from certain browsers (MSIE).
Udp_incoming_address
Udp_outgoing address
New configuration choices for these optios are the ability to specify a
password for an upstream proxy, and the ability to limit the number of
connections squid may open to a peer.
[this is malplaced.. the change relates to cache_peer]
Hosts_file
This new option specifies the local hostname-IP address association database.
Auth_param
This new optin is used to pass parameters to the various authentication
schemes.
Request_body_max_size
The default for this option has changed from 1 MB to 0 (no limit).
Acl aclname max_user_ip
This acl will limit the number of concurrent multiple IP connections
(cnnections from multiple IP addresses).
Tcp_outgoing_tos
Tcp_outgoing_ds
Tcp_outgoing_dscp
These new options allow you to select a TOS/Diffserv value to mark outgoing
connections with, based upon the username or source address making the
request.
[tcp_outgoing_address has also been extended in a similar fashion]
Header_ccess
This option replaces the old 'anonymize_headers' and the older
'http_anonymizer' options with the ability to use ACLs to fine-tune header
mangling.
Header_replace
This new option allows you to change the contents of headers denied with
header_acces. This replaced the 'fake_user_agent' option.
Vary_ignore_expire
This new option allows squid to ignore immediate expiry times on Vary objects.
Sleep_after_fork
This new option allows the main squid process to sleep a number of
microseconds after a fork) system call.
Reply_body_max_size
This option specifies the maximum size of a reply body. It can be used to
prevent users from downloading very large files, such as MP3s and movies.
http_reply_access
This option allows replies to client requests. It isa complementary option to
http_access.
[This new option allows access control based on replies to client requests...
(as above). Examples of use is to control access based on reply content type]
Changes to configure
--with-aufs-threads=N_THREADS
Use this option along with the --enable-storeio="aufs". This tunes the number
of worker threads for the aufs object store.
--with-openssl[=prefix]
Compile squidwith the OpenSSL libriares.
--enable-auth=\"list of auth scheme modules\"
Build support for the list of authentication schemes. The default is to build
support for the Basic scheme, with a list of available modules in src/auth.
The programmer's Guide secion on authentication schemes has details on ow to
build your own custom auth scheme module.
--enable-basic-auth-helpers=\"list of helpers\"
This option selects which basic auth scheme helpers to build and install. For
a list of available helpers see thesrc/auth/basic/helpers directory.
--enable-ntlm-auth-helpers=\"list of helpers\"
This options selects which ntlm auth scheme helpers to build and install. For
a list of available helpers see the src/auth/ntlm/helpers directory.
--enable-digest-auth-helprs=\"list of helpers\"
This options selects which digest scheme authentication helpers to build and
install. For a list of available helpers see the src/auth/digest/helpers
directory.
--enable-ntlm-fail-open
This option enables NTLM Fail open, where a heper that fails one of the
Authentication steps can allow squit to still authenticat the user.
--enable-x-accelerator-vary
This option enables support for the X-Accelerator-Vary http header. This can
be used to indicate variance within an accelerator setu. This is typically
used together with other code that adds custom http headers to the requests.
Received on Thu Dec 27 2001 - 09:08:01 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:42 MST