Squid_ The Definitive Guide - Duane Wessels [195]
Default
No default
Example
acl SomeUsers src 10.0.0.0/24
acl OtherUsers src 10.0.1.0/24
tcp_outgoing_address 172.16.0.1 SomeUsers
tcp_outgoing_address 192.168.0.1 OtherUsers
tcp_outgoing_address 172.16.5.1
Related
udp_incoming_address, udp_outgoing_address
Name
reply_body_max_size
Synopsis
This directive allows you to limit the size of HTTP reply bodies based on ACL elements. When a request matches one of the reply_body_max_size rules, Squid places a limit on the size of the HTTP response. A value of 0 indicates no limit. Squid checks the reply size first when all HTTP headers have been received. If the headers contain a Content-Length value that exceeds the specified limit, the user receives a message that states "the request or reply is too large." If the content length is unavailable, Squid continues checking the limit as data comes in from the server. If the reply size exceeds the limit, Squid closes the client's connection, which causes the client to receive a partial reply.
Downstream caches often can't detect partial replies. Because the headers lack a content length value, the downstream cache (or user-agent) doesn't know that additional data is missing. Thus, you shouldn't use reply_body_max_size if you have child or sibling caches.
The code that checks the reply_body_max_size list ignores deny rules. In other words, it is pointless to include deny rules in this list.
Make sure that the maximum reply size is large enough for a Squid error message (typically 1K-2K bytes). An error message that is larger than the maximum reply body size causes Squid to crash.
Syntax
reply_body_max_size bytes allow [!]ACLname ...
Default
reply_body_max_size 0 allow all
Example
acl WorkingHours time 08:00-17:00
reply_body_max_size 10485760 allow WorkingHours
Related
maximum_object_size, request_body_max_size, request_header_max_size
Name
cache_mgr
Synopsis
This email address is printed in error messages generated by Squid. Set this as an address to which your users should send support messages and problem reports. This address also receives a notification message if Squid dies unexpectedly.
Syntax
cache_mgr email@address
Default
cache-mgr webmaster
Example
cache_mgr support@example.com
Name
cache_effective_user
Synopsis
In the interest of security, Squid doesn't allow itself to run as root. If you start the process as root, Squid changes its effective userid to a nonprivileged user. This user ID must have write permission to the cache directories and log file directory.
You need to set this directive only if you're starting Squid as root. If you start Squid as a non-root user, this directive is ignored.
Syntax
cache_effective_user username
Default
cache_effective_user nobody
Example
cache_effective_user squid
Related
cache_effective_group
Name
cache_effective_group
Synopsis
If you start Squid as root, it changes the process' user ID to the username specified by cache_effective_user. By default, Squid sets the process' group ID to the group associated with the cache_effective_user. You can set the cache_effective_group directive if you want Squid to use some other group ID.
You only need to set this directive if you're starting Squid as root. If you start Squid as a non-root user, this directive is ignored.
Syntax
cache_effective_group groupname
Default
No default
Example
cache_effective_group squid
Related
cache_effective_user
Name
visible_hostname
Synopsis
Use this directive when Squid can't determine the fully qualified domain name on its own or if you want to present a special, external name to the world. Squid uses this name in error messages, FTP directory listings, X-Cache header values, cache announcements, and for internal URLs.
Squid also puts the visible hostname into HTTP Via headers, unless you also define the unique_hostname directive. Note that you must use unique_hostname if you have a cluster of caches that have the same visible hostname.
Syntax
visible_hostname