Squid_ The Definitive Guide - Duane Wessels [137]
ntlmauthenticator: NTLM User Authenticator Stats
This page is available only with the ./configure —enable-auth=ntlm option and when you define a NTLM authenticator with then auth_param ntlm program directive. The format of this page is similar to Dnsserver Statistics, described earlier, with a few additions.
The table of helper processes includes an extra column: # Deferred Requests. NTLM requires "stateful" helpers because the helper processes themselves generate the challenges. Squid receives a challenge from a helper, sends that challenge to a user, and receives a response. Squid must send the user's challenge response back to the same helper for validation. For this protocol to work, Squid must defer some messages to be sent to a helper until the helper is ready to accept them.
These helpers also have two new flags: R (reserved or deferred) and P (placeholder). The R flag is set when the helper has at least one deferred request waiting. The P flag is set when Squid is waiting for the NTLM helper to generate a new challenge token.
external_acl: External ACL Stats
This page displays helper statistics for your external ACLs. If you don't have any external_acl_type lines in squid.conf, this page will be empty. Otherwise, Squid displays the statistics for each external ACL. The format is the same as for the Dnsserver Statistics.
http_headers: HTTP Header Statistics
This page displays a number of tables containing statistics about HTTP headers. It contains up to four sections: HTCP reply stats (if HTCP is enabled), HTTP request stats, HTTP reply stats, and a final section called HTTP Fields Stats. The HTCP reply statistics refer to HTCP replies received by your cache. The HTTP request section refers to HTTP requests either sent or received by your cache. Similarly, the HTTP reply section refers to replies either sent or received by Squid.
The first three sections have the same format. Each section contains three tables: Field type distribution, Cache-control directives distribution, and Number of fields per header distribution.
The Field type distribution table shows the number of times that each header value occurs and the percentage of cases in which it occurs. For example, in Table 14-2 you can see that the Accept header occurs in 98% of HTTP requests.
Table 14-2. Sample Field type distribution values for HTTP requests
ID
Name
Count
#/header
0
Accept
1416268
0.98
1
Accept-Charset
322077
0.22
2
Accept-Encoding
709715
0.49
3
Accept-Language
1334736
0.92
...
...
...
...
Unfortunately, these (and the following) statistics are tricky because they don't correspond one-to-one for client requests. For example, Squid may report 1,416,268 Accept headers in requests but only 800,542 client requests. This happens because Squid creates more than one HTTP header data structure for each request. In the case of HTTP replies, it seems that Squid may create up to four separate header structures, depending on the circumstances.
The Cache-Control directives distribution is similar, but applies only to the values of the Cache-Control header. Table 14-3 shows some of the possible field values.
Table 14-3. Sample Cache-Control directives distribution values for HTTP requests
ID
Name
Count
#/cc_field
0
public
6866
0.02
1
private
69783
0.24
2
no-cache
78252
0.27
3
no-store
9878
0.03
4
no-transform
168
0.00
5
must-revalidate
10983
0.04
6
proxy-revalidate
2480
0.01
7
max-age
165034
0.56
8
s-maxage
4995
0.02
9
max-stale
0
0.00
10
only-if-cached
0
0.00
11
Other
9149
0.03
The Number of fields per header distribution table shows how many headers occur in each request or reply. Usually, you should see something like a normal distribution with a peak around 10-13 headers per request or response.