2.5 Release notes - first draft

From: Gary Shelton <omega996@dont-contact.us>
Date: Mon, 3 Dec 2001 12:34:05 -0800

greetings:
Here's what i've got so far - just give me a shout with your changes,
and i'll continue to whip it into shape.

gary shelton

Version 2.5 Release Notes

Changes to squid.conf

https_port
This new option specifies the socket address where squid will listen for HTTPS client requests. This is used where squid is running in accelerator mode and any SSL work is to be done at the acelerator level.

ssl_unclean_shutdown
This new option allows SSL to terminate without a shutdown message. This is useful to prevent crashes from certain browsers (MSIE).

Udp_incoming_address
Udp_outgoing address
New configuration choices for these optios are the ability to specify a password for an upstream proxy, and the ability to limit the number of connections squid may open to a peer.

Hosts_file
This new option specifies the local hostname-IP address association database.

Auth_param
This new optin is used to pass parameters to the various authentication schemes.

Request_body_max_size
The default for this option has changed from 1 MB to 0 (no limit).

Acl aclname max_user_ip
This acl will limit the number of concurrent multiple IP connections (cnnections from multiple IP addresses).

Tcp_outgoing_tos
Tcp_outgoing_ds
Tcp_outgoing_dscp
These new options allow you to select a TOS/Diffserv value to mark outgoing connections with, based upon the username or source address making the request.

Header_ccess
This option replaces the old 'anonymize_headers' and the older 'http_anonymizer' options with the ability to use ACLs to fine-tune header mangling.

Header_replace
This new option allows you to change the contents of headers denied with header_acces. This replaced the 'fake_user_agent' option.

Vary_ignore_expire
This new option allows squid to ignore immediate expiry times on Vary objects.

Sleep_after_fork
This new option allows the main squid process to sleep a number of microseconds after a fork) system call.

Reply_body_max_size
This option specifies the maximum size of a reply body. It can be used to prevent users from downloading very large files, such as MP3s and movies.

http_reply_access
This option allows replies to client requests. It isa complementary option to http_access.
 
Changes to configure

--with-aufs-threads=N_THREADS
Use this option along with the --enable-storeio="aufs". This tunes the number of worker threads for the aufs object store.

--with-openssl[=prefix]
Compile squidwith the OpenSSL libriares.

--enable-auth=\"list of auth scheme modules\"
Build support for the list of authentication schemes. The default is to build support for the Basic scheme, with a list of available modules in src/auth. The programmer's Guide secion on authentication schemes has details on ow to build your own custom auth scheme module.

--enable-basic-auth-helpers=\"list of helpers\"
This option selects which basic auth scheme helpers to build and install. For a list of available helpers see thesrc/auth/basic/helpers directory.

--enable-ntlm-auth-helpers=\"list of helpers\"
This options selects which ntlm auth scheme helpers to build and install. For a list of available helpers see the src/auth/ntlm/helpers directory.

--enable-digest-auth-helprs=\"list of helpers\"
This options selects which digest scheme authentication helpers to build and install. For a list of available helpers see the src/auth/digest/helpers directory.

--enable-ntlm-fail-open
This option enables NTLM Fail open, where a heper that fails one of the Authentication steps can allow squit to still authenticat the user.

--enable-x-accelerator-vary
This option enables support for the X-Accelerator-Vary http header. This can be used to indicate variance within an accelerator setu. This is typically used together with other code that adds custom http headers to the requests.


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Received on Mon Dec 03 2001 - 17:51:00 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:39 MST