Squid_ The Definitive Guide - Duane Wessels [20]
--disable-hostname-checks
By default, Squid requires that URL hostnames conform to the somewhat archaic specifications in RFC 1034:
The labels must follow the rules for ARPANET host names. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphen.
Here, "letter" means the ASCII characters A through Z. Since internationalized domain names are becoming increasingly popular, you may want to use this option to remove the restriction.
--enable-underscores
This option controls Squid's behavior regarding underscore characters in hostnames. General consensus is that hostnames must not include underscore characters, although some people disagree. Squid, by default, generates an error message for requests that have an underscore in a URL hostname. You can use this option to make Squid treat them as valid. However, your DNS resolver may also enforce the no-underscore requirement and fail to resolve such hostnames.
--enable-auth[=LIST]
This option controls which HTTP authentication schemes to support in the Squid binary. You can select any combination of the following schemes: basic, digest, and ntlm. If you omit the option, Squid supports only basic authentication. If you give the —enable-auth option without any arguments, the build process adds support for all schemes. Otherwise, you can give a comma-separated list of schemes to support:
% ./configure --enable-auth=digest,ntlm
I talk more about authentication in Chapters 6 and 12.
--enable-auth-helpers=LIST
This old option is now deprecated, but still remains for backward compatibility. You should use —enable-basic-auth-helpers= LIST instead.
--enable-basic-auth-helpers=LIST
With this option, you can build one or more of the HTTP Basic authentication helper programs found in helpers/basic_auth. See Section 12.2 for their names and descriptions.
--enable-ntlm-auth-helpers=LIST
With this option, you can build one or more of the HTTP NTLM authentication helper programs found in helpers/ntlm_auth. See Section 12.4 for their names and descriptions.
--enable-ntlm-fail-open
When you enable this option, Squid's NTLM authentication module defaults to allow access in the event of an error or problem.
--enable-digest-auth-modules=LIST
With this option, you can build one or more of the HTTP Digest authentication helper programs found in helpers/digest_auth. See Section 12.3 for their names and descriptions.
--enable-external-acl-helpers=LIST
With this option, you can build one or more of the external ACL helper programs that I discuss in Section 12.5. For example:
% ./configure --enable-external-acl-helpers=ip_user,ldap_group
--disable-unlinkd
Unlinkd is another one of Squid's external helper processes. Its sole job is to execute the unlink( ) (or truncate( )) system call on cache files. Squid realizes a significant performance gain by implementing file deletion in an external process. Use this option to disable the external unlink daemon feature.
--enable-stacktrace
Some operating systems support automatic generation of stack trace data in the event of a program crash. When you enable this feature and Squid crashes, the stack trace information is written to the cache.log file. This information is often helpful to developers in tracking down programming bugs.
--enable-x-accelerator-vary
This advanced feature may be used when Squid is configured as a surrogate. It instructs Squid to look for X-Accelerator-Vary headers in responses from backend origin servers. See Section 15.5.
Running configure
Now we're ready to run the ./configure script. Go to the top-level source