Re: Q: Using Squid on a firewall-Host?

From: Oskar Pearson <>
Date: Tue, 17 Dec 1996 13:24:01 +0200 (GMT)


> > > Is it sensible to use squid on a
> > > firewall machine as a proxy? Can I use squid to forward http and ftp
> > > requests both ways through the firewall it is running on?
> >
> > Wow. Thats an _awfully_ large application to be running on a
> > firewall.

> good point. I have been trying to get http-gw running, but I had the
> same problem I asked about on the squid mailing list. Should I go back
> and try fix the problem with the Tis-toolkit, and forget about Squid for
> a firewall-proxy-software?
> What you are saying is: DO NOT RUN SQUID ON A FIREWALL!
> Do I understand this correctly?

As far as I am aware:
http-gw is started from the equivilent of inetd.conf, which means that
if you have 100 clients all websurfing, you will probably end up with
about 400 http-gw's running at once. This is likely to put you in swap,
and increase your load just a tad.

Squid on the other hand would accept all incoming connections itself,
perform non-blocking IO and probably only increase your load a little.
With the right setup it might even cache too :)

Take your pick?

I know some of our clients sometimes have a load average of about 50
on their machines, but they don't want to upgrade the firewalls...


'experience made art, but inexperience luck.'
Received on Tue Dec 17 1996 - 03:51:36 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:54 MST