Squid_ The Definitive Guide - Duane Wessels [193]
Related
read_timeout, connect_timeout
Name
persistent_request_timeout
Synopsis
This timeout is similar to request_timeout, except that it applies only to idle, persistent connections.
Syntax
persistent_request_timeout time-specification
Default
persistent_request_timeout 1 minute
Example
persistent_request_timeout 30 seconds
Related
request_timeout
Name
client_lifetime
Synopsis
This timeout specifies the maximum amount of time for a client connection. In most cases, client connections should never last longer than a few hours. Long-lived client connections may be the result of a network outage, user-agent bugs, or mischievous activity.
Syntax
client_lifetime time-specification
Default
client_lifetime 1 day
Example
client_lifetime 3 hours
Related
read_timeout
Name
half_closed_clients
Synopsis
TCP allows applications to close connections in one direction. That is, a client may close its connection for writing but keep it open for reading. These half-closed connections are confusing because Squid can't easily tell the difference between a client that intentionally closed half the connection and a client that simply aborted the entire connection. The only way Squid knows for sure is when its attempt to write some data returns an error. Most user-agents don't use the TCP half-close, but some may.
When the half_closed_clients directive is enabled (the default), Squid keeps these connections open until a write error (or some other error) occurs. When disabled, Squid fully closes the connection. Thus, if you disable this directive and have clients that use the TCP half-close, they can't receive any data from Squid.
Syntax
half_closed_clients on|off
Default
half_closed_clients on
Example
half_closed_clients off
Related
client_lifetime, read_timeout
Name
pconn_timeout
Synopsis
This timeout applies to idle server persistent connections (i.e., connections between Squid and origin servers or neighbors). If the idle connection isn't reused within this amount of time, Squid closes it to conserve resources.
Syntax
pconn_timeout time-specification
Default
pconn_timeout 2 minutes
Example
pconn_timeout 45 seconds
Related
persistent_request_timeout, connect_timeout, read_timeout
Name
ident_timeout
Synopsis
This timeout applies to ident (RFC 1413) requests made to client hosts. Squid makes ident lookups for one of two reasons: to satisfy an ACL check or for logging in access.log. In the ACL case, Squid blocks the request until the ident lookup returns, or this timeout occurs. When only logging, Squid doesn't block on the ident lookup.
Syntax
ident_timeout time-specification
Default
ident_timeout 10 seconds
Example
ident_timeout 1 minute
Related
ident_lookup_access, acl ident
Name
shutdown_lifetime
Synopsis
When you shut down the Squid process, some user requests will still be active. This directive specifies how long to wait until all client requests are complete. Squid finally exits when all client connections have been closed or when this timeout occurs.
Syntax
shutdown_lifetime time-specification
Default
shutdown_lifetime 30 seconds
Example
shutdown_lifetime 60 seconds
Name
acl
Synopsis
The acl directive defines an access control element, such as a client IP address, origin server hostname, or server port number. The syntax depends on the particular ACL type you wish to define. See Section 6.1 for the full-blown explanation.
Syntax
acl name
type
data...
Default
No default
Example
acl MyClients src 172.16.1.0/24
Related
http_access, icp_access, miss_access, no_cache, redirector_access, http_reply_access, ident_lookup_access, always_direct, never_direct, snmp_access, broken_posts
Name
http_access
Synopsis
The http_access directive is one of the most important aspects of your configuration. It determines whether or not Squid allows or denies a client's request. If you don't get your access-control rules just right, savvy Internet users can abuse your