squid 2.6出來了,有人研究么?
老的配置文件在新版運行會報錯
好像增加一些新功能
《解決方案》
嗯,我用了,感覺還不錯。
《解決方案》
原帖由 happygrid 於 2006-7-5 14:52 發表
老的配置文件在新版運行會報錯
好像增加一些新功能
應該先去看 ChangeLog
《解決方案》
http_port
Now takes a list of options in addition to the port address, specifying the purpose of this http_port. Default is plain Internet proxy as usual.
httpd_accel_* for transparent proxy
Now implemented by the "transparent" http_port option
httpd_accel_host
Replaced by defaultsite http_port option and cache_peer originserver option.
httpd_accel_port
No longer needed. Server port defined by the cache_peer port.
httpd_accel_uses_host_header
Replaced by vhost http_port option
https_port
Many new options. Reconstructs URLs as https:// by default.
cache_peer
Many new options to support origin servers and SSL encryption
ssl_engine
New directive for hardware assisted SSL encryption
sslproxy_*
New directives defining how to gateway http->https
sslpassword_program
New helper directive to query an external program for SSL key encryption password (if any)
no_cache
Renamed to cache to better reflect the functionaliy. no_cache still accepted.
cache
New name for the old no_cache directive.
cache_vary
New directive to disable caching of Vary:ing responses
broken_vary_encoding
New directive to work around known broken compression modules which hasn't understood the meaning of the ETag HTTP header in relation to Accept-Encoding.
logformat
New directive for defining custom log formats
cache_access_log
Renamed to access_log
access_log
Select what requests to log where any by what format. Support for multiple log files and multiple log formats.
check_hostnames
New option to disable the hostname validity/sanity checks usually performed by Squid, replacing the similar build time configure option in 2.5.
allow_underscore
New option to allow _ in hostnames, replacing the similar build time configure option in 2.5 and earlier.
dns_defnames
Allow for domain searches. Now possible even when using the internal DNS client
redirect_*
Renamed to url_rewrite_* to better reflect the functionality of this helper (rewriting requested URLs)
url_rewrite_concurrency
Activates a new and more efficient helper protocol. Requires changes in the helper.
location_rewrite_*
New helper hook for rewriting Location headers
auth_param basic blankpassword
New option to allow the use of blank passwords.
auth_param ntlm max_challenge_reuse / max_challenge_lifetime
No longer supported
auth_param ntlm use_ntlm_negotiate
Directive no longer supported. Use of NTLM negotiate packet is always on.
auth_param ntlm keep_alive
New option to fine-tune the use of HTTP keep-alive in combination with NTLM
auth_param negotiate
New Negotiate authentication scheme, the "next generation" scheme in the family of Microsoft authentication.
external_acl_type
Many new format options %SRCPORT, %MYADDR, %MYPORT, %PATH, %USER_CERT, %ACL, %DATA and a few variants. Helper protocol defaults to the simpler "3.0" protocol, and there is support for a highly efficient protocol via the concurrency= option if supported by the helper.
refresh_pattern
Several new HTTP override/ignore options
read_ahead_gap
New directive to set the response buffer size.
collapsed_forwarding
New directive to enable an alternative optimized forwarding path when there is very many concurrent requests for the same URL.
refresh_stale_hit
New directive similar to collapsed_forwarding and activates an alternative optimized request processing when there is very many concurrent requests for the same recently expired URL.
acl urlgroup
New acl class
acl user_cert
New acl class matching the user SSL certificate (https_port)
acl ca_cert
New acl class matching the CA of the user SSL certificate (https_port)
acl ext_user / ext_user_regex
New acl matching usernames returned by external acl
follow_x_forwarded_for
New option to enable parsing of X-Forwarded-For headers allowing access controls to be based on the real client IP even if behind secondary proxies
http_access2
New http_access type directive but evaluated after url rewrites
htcp_access, htcp_clr_access
Access control on HTCP requests
log_access
New directive to limit what gets logged.
httpd_suppress_version_string
Enable hiding of the Squid version
umask
New directive to specify the minimum umask Squid should run under
error_map
New directive to allow dynamic rewrites of error pages
via
New directive to disable the use of the Via directive
wccp2_*
WCCP2 protocol support
《解決方案》
有什麼不一樣的地方嗎?
高手能否指點一下?
《解決方案》
今天裝了一個,現在配透明代理好簡單,就一句話搞定。
http_port 3128 transparent
《解決方案》
請大蝦賜教
我用squid2.6做反向代理cache和URL rewrite一切正常,但cache.log常有
parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: (92) Protocol not available
這個錯誤提示,載入ip_conntrack這個內核模塊就沒有錯誤提示了
但有個問題, 模塊ip_conntrack似乎會降低內核的網路吞吐速度?:oops::em02:
不載入這個模塊,反向代理一樣可用, 到底有沒有必要載入呢?
[ 本帖最後由 tclwp 於 2006-7-21 00:01 編輯 ]
《解決方案》
透明代理就這麼簡單嗎?為什麼我的就不行?
還請高人仔細講一下怎麼用2.6實現透明正向代理。。。
《解決方案》
剛剛使用squid,功能好強大呀!感覺很好,但是看文檔很鬧心!啥時候出了所有新軟體都有中文說明!!??
《解決方案》
類似問題,困擾好幾天了,鬱悶ing,望高手幫忙解決。
2007/06/01 15:17:04| WARNING! Your cache is running out of filedescriptors
2007/06/01 15:17:18| parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: (92) Protocol not available
2007/06/01 15:17:20| WARNING! Your cache is running out of filedescriptors
2007/06/01 15:17:36| WARNING! Your cache is running out of filedescriptors
2007/06/01 15:17:52| WARNING! Your cache is running out of filedescriptors
2007/06/01 15:18:08| WARNING! Your cache is running out of filedescriptors
squid的log一直提示這些錯誤,在網上找了好多資料,都沒有找到解決方法,還請高手幫忙解決。急啊!!!!
已經更改了ulimit 了,下面是ulimit信息
#ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
max nice (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) unlimited
max locked memory (kbytes, -l) unlimited
max memory size (kbytes, -m) unlimited
open files (-n) 10240
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) unlimited
max rt priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) unlimited
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
操作系統是debian的,squid的版本是2.6