Squid Proxy Server 3.1 Beginner's Guide -- Table of Contents -- Squid Proxy Server 3.1 Beginner's Guide -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Support files, eBooks, discount offers, and more -- Why Subscribe? -- Free Access for Packt account holders -- Preface -- What this book covers -- What you need for this book -- Who this book is for -- Conventions -- Time for action - heading -- What just happened? -- Pop quiz -- Have a go hero - heading -- Reader feedback -- Customer support -- Errata -- Piracy -- Questions -- 1. Getting Started with Squid -- Proxy server -- Reverse proxy -- Getting Squid -- Time for action - identifying the right version -- What just happened? -- Methods of obtaining Squid -- Using source archives -- Time for action - downloading Squid -- What just happened? -- Obtaining the latest source code from Bazaar VCS -- Time for action - using Bazaar to obtain source code -- What just happened? -- Have a go hero - fetching the source code -- Using binary packages -- Installing Squid -- Installing Squid from source code -- Compiling Squid -- Why compile? -- Uncompressing the source archive -- Configure or system check -- --prefix -- --enable-gnuregex -- --disable-inline -- --disable-optimizations -- --enable-storeio -- --enable-removal-policies -- --enable-icmp -- --enable-delay-pools -- --enable-esi -- --enable-useragent-log -- --enable-referer-log -- --disable-wccp -- --disable-wccpv2 -- --disable-snmp -- --enable-cachemgr-hostname -- --enable-arp-acl -- --disable-htcp -- --enable-ssl -- --enable-cache-digests -- --enable-default-err-language -- --enable-err-languages -- --disable-http-violations -- --enable-ipfw-transparent -- --enable-ipf-transparent -- --enable-pf-transparent -- --enable-linux-netfliter -- --enable-follow-x-forwarded-for -- --disable-ident-lookups.

disable-internal-dns -- --enable-default-hostsfile -- --enable-auth -- Old Syntax -- New Syntax -- --enable-auth-basic -- --enable-auth-ntlm -- --enable-auth-negotiate -- --enable-auth-digest -- --enable-ntlm-fail-open -- --enable-external-acl-helpers -- --disable-translation -- --disable-auto-locale -- --disable-unlinkd -- --with-default-user -- --with-logdir -- --with-pidfile -- --with-aufs-threads -- --without-pthreads -- --with-openssl -- --with-large-files -- --with-filedescriptors -- Have a go hero - file descriptors -- Time for action - running the configure command -- What just happened? -- Have a go hero - debugging configure errors -- Time for action - compiling the source -- What just happened? -- Time for action - installing Squid -- What just happened? -- Time for action - exploring Squid files -- bin -- bin/squidclient -- etc -- etc/squid.conf -- etc/squid.conf.default -- etc/squid.conf.documented -- libexec -- libexec/cachemgr.cgi -- sbin -- sbin/squid -- share -- share/errors -- share/icons -- share/man -- var -- var/cache -- var/logs -- What just happened? -- Installing Squid from binary packages -- Fedora, CentOS or Red Hat -- Debian or Ubuntu -- FreeBSD -- OpenBSD or NetBSD -- Dragonfly BSD -- Gentoo -- Arch Linux -- Pop quiz -- Summary -- 2. Configuring Squid -- Quick start -- Syntax of the configuration file -- Types of directives -- Single valued directives -- Boolean-valued or toggle directives -- Multi-valued directives -- Directives with time as a value -- Directives with file or memory size as values -- Have a go hero - categorize the directives -- HTTP port -- Time for action - setting the HTTP port -- What just happened? -- Access control lists -- Time for action - constructing simple ACLs -- What just happened? -- Have a go hero - understanding the pre-defined ACLs -- Controlling access to the proxy server.

HTTP access control -- Time for action - combining ACLs and HTTP access -- What just happened? -- HTTP reply access -- ICP access -- HTCP access -- HTCP CLR access -- Miss access -- Ident lookup access -- Cache peers or neighbors -- Declaring cache peers -- Time for action - adding a cache peer -- What just happened? -- Quickly restricting access to domains using peers -- Advanced control on access using peers -- Caching web documents -- Using main memory (RAM) for caching -- In-transit objects or current requests -- Hot or popular objects -- Negatively cached objects -- Specifying cache space in RAM -- Time for action - specifying space for memory caching -- What just happened? -- Have a go hero - calculating cache_mem for your machine -- Maximum object size in memory -- Memory cache mode -- Using hard disks for caching -- Specifying the storage space -- Storage types -- Choosing a directory name or location -- Time for action - creating a cache directory -- What just happened? -- Declaring the size of the cache -- Configuring the number of sub directories -- Read-only cache -- Time for action - adding a cache directory -- What just happened? -- Cache directory selection -- Cache object size limits -- Setting limits on object replacement -- Cache replacement policies -- Least recently used (LRU) -- Greedy dual size frequency (GDSF) -- Least frequently used with dynamic aging (LFUDA) -- Tuning Squid for enhanced caching -- Selective caching -- Time for action - preventing the caching of local content -- What just happened? -- Refresh patterns for cached objects -- Time for action - calculating the freshness of cached objects -- What just happened? -- Options for refresh pattern -- override-expire -- override-lastmod -- reload-into-ims -- ignore-reload -- ignore-no-cache -- ignore-no-store -- ignore-must-revalidate -- ignore-private -- ignore-auth.

refresh-ims -- Have a go hero - forcing the Google homepage to be cached for longer -- Aborting the partial retrievals -- Caching the failed requests -- Playing around with HTTP headers -- Controlling HTTP headers in requests -- Controlling HTTP headers in responses -- Replacing the contents of HTTP headers -- DNS server configuration -- Specifying the DNS program path -- Controlling the number of DNS client processes -- Setting the DNS name servers -- Time for action - adding DNS name servers -- What just happened? -- Setting the hosts file -- Default domain name for requests -- Timeout for DNS queries -- Caching the DNS responses -- Setting the size of the DNS cache -- Logging -- Log formats -- Log file rotation or log file backups -- Log access -- Buffered logs -- Strip query terms -- URL rewriters and redirectors -- Other configuration directives -- Setting the effective user for running Squid -- Configuring hostnames for the proxy server -- Hostname visible to everyone -- Unique hostname for the server -- Controlling the request forwarding -- Always direct -- Never direct -- Hierarchy stoplist -- Broken posts -- TCP outgoing address -- PID filename -- Client netmask -- Pop quiz -- Summary -- 3. Running Squid -- Command line options -- Getting a list of available options -- Time for action - listing the options -- What just happened? -- Getting information about our Squid installation -- Time for action - finding out the Squid version -- What just happened? -- Creating cache or swap directories -- Time for action - creating cache directories -- What just happened? -- Have a go hero - adding cache directories -- Using a different configuration file -- Getting verbose output -- Time for action - debugging output in the console -- What just happened? -- Full debugging output on the terminal -- Running as a normal process.

Parsing the Squid configuration file for errors or warnings -- Time for action - testing our configuration file -- What just happened? -- Sending various signals to a running Squid process -- Reloading a new configuration file in a running process -- Shutting down the Squid process -- Interrupting or killing a running Squid process -- Checking the status of a running Squid process -- Have a go hero - check the return value -- Sending a running process in to debug mode -- Rotating the log files -- Forcing the storage metadata to rebuild -- Double checking swap during rebuild -- Automatically starting Squid at system startup -- Adding Squid command to /etc/rc.local file -- Adding init script -- Time for action - adding the init script -- What just happened? -- Pop quiz -- Summary -- 4. Getting Started with Squid's Powerful ACLs and Access Rules -- Access control lists -- Fast and slow ACL types -- Source and destination IP address -- Time for action - constructing ACL lists using IP addresses -- What just happened? -- Time for action - using a range of IP addresses to build ACL lists -- What just happened? -- Have a go hero - make a list of the client IP addresses in your network -- Identifying local IP addresses -- Client MAC addresses -- Source and destination domain names -- Time for action - constructing ACL lists using domain names -- What just happened? -- Have a go hero - make a list of domains hosted in your local network -- Regular expressions for domain names -- Destination port -- Time for action - building ACL lists using destination ports -- What just happened? -- Local port name -- HTTP methods -- Identifying requests using the request protocol -- Time for action - using a request protocol to construct access rules -- What just happened? -- Time-based ACLs -- URL and URL path-based identification.

Have a go hero - ACL list for audio content.