Visolve

Services >> Open Source >> miscellaneous

(408) 666 4320

Squid 2.7 Configuration Manual

MISCELLANEOUS

This section covers configurations that could not be explicitly bundled in with any of the previous categories. Examples of features covered here are limiting the growth of log files, displaying customized information to clients upon error conditions or access denial, defining memory pools for Squid, network management by enabling SNMP, co-ordination with neighbor caches by enabling WCCP, directing the requests either to the origin server or to the neighbor cache, etc.

dns_testnames	logfile_rotate	append_domain	tcp_recv_bufsize	error_map
err_html_text	deny_info	memory_pools	memory_pools_limit	via
forwarded_for	log_icp_queries	icp_hit_stale	minimum_direct_hops	minimum_direct_rtt
cachemgr_passwd	store_avg_object_size	store_objects_per_bucket	client_db	netdb_low
netdb_high	netdb_ping_period	query_icmp	test_reachability	buffered_logs
reload_into_ims	always_direct	never_direct	header_access	header_replace
icon_directory	global_internal_static	short_icon_urls	error_directory	maximum_single_addr_tries
retry_on_error	snmp_port	snmp_access	snmp_incoming_address	snmp_outgoing_address
as_whois_server	wccp_router	wccp2_router	wccp_version	wccp2_rebuild_wait
wccp2_forwarding_method	wccp2_return_method	wccp2_assignment_method	wccp2_service	wccp2_service_info
wccp2_weight	wccp_address	wccp2_address	logfile_daemon	netdb_filename
update_headers	zph_mode	zph_local	zph_sibling	zph_parent
zph_option

TAG NAME	dns_testnames
Description	This points to a number of hosts that Squid can use to test if DNS service is working properly on your network
Build Option	Default
Usage	dns_testnames url
Default	dns_testnames netscape.com internic.net nlanr.net microsoft.com

Synopsis

If DNS isn't working properly, Squid will not be able to service requests, so it will refuse to start, with a brief message regarding why in the cache.log. It is recommended that you select two or more host names on the internet and one or two host names on your intranet, assuming you have one and Squid is expected to service it. By default, the dns_testnames directive checks a few well known and popular sites: netscape.com, internic.net, nlanr.net, and microsoft.com.

Arguments

url

Sites on which DNS test to be done

Example(s)
dns_testnames visolve.com

TAG NAME	logfile_rotate
Description	Used to specify the number of old rotated log files Squid will keep
Build Option	Default
Usage	logfile_rotate number
Default	logfile_rotate 10

Synopsis

The value in this tag defines number of rotated log files to be generated. This defaults to 10, which means Squid will keep 10 old log files before overwriting the oldest. Squid -k rotate is the command line usage to implement this function.

Arguments

number

Number of rotations

Example(s)
logfile_rotate 5

TAG NAME	append_domain
Description	The domain that Squid will append to requests that are not possibly fully qualified domain names (more precisely, those that have no dots in them)
Build Option	Default
Usage	append_domain domainname
Default	none

Synopsis
Using this tag, you can append the domain names to the requests that are not fully qualified domains names.
Note: append_domain must begin with a period.

Arguments

dimainname

Domain name to be appended

Example(s)
append_domain .cgi.com

TAG NAME	tcp_recv_bufsize
Description	Defines the size of the buffer used for TCP packets being received
Build Option	Default
Usage	tcp_recv_bufsize bytes
Default	tcp_recv_bufsize 0 bytes

Synopsis

When defined to a non-zero value, this determines the TCP packets receiving buffer size. By default Squid uses whatever the default buffer size for your operating system is. This is done by setting its value to zero.

Arguments

bytes

Buffer size

Example(s)
tcp_recv_bufsize 500 bytes

TAG NAME	error_map
Description	Map errors to custom messages
Build Option	Default
Usage	error_map message_url http_status...
Default	none

Synopsis
Use in accelerators to substitute the error messages returned by servers with other custom errors.

In Addition the following headers are forwarded from the client request:
User-Agent, Cookie, X-Forwarded-For, Via, Authorization,Accept, Referer

And the following headers from the server reply:
Server, Via, Location, Content-Location

The reply returned to the client will carry the original HTTP headers from the real error message, but with the reply body of the configured error message.

Arguments

message_url	The received HTTP status code (i.e. 404)
http_status	The requested URI where the error occurred

Example(s)
error_map http://visolve.com/error/404.shtml 404

TAG NAME	err_html_text
Description	Provides a means to automatically add some extra information to Squid's error pages
Build Option	Default
Usage	err_htmal_text text
Default	none

Synopsis

You can add HTML or plain text comments or links here, which will be added to the error messages displayed to clients. To include this in your error messages, you must rewrite the error template files (found in the "errors" directory). Wherever you want the err_html_text line to appear, insert a %L tag in the error template file.

Arguments

text

Message to be displayed

Example(s)
err_html_text squid@visolve.com

Consider you want to display this mail Id when access denied error occurs, then edit the corresponding file (ERR_ACCESS_DENIED in '$prefix/etc/errors' directory) with %L where this mail Id should be displayed.

TAG NAME	deny_info
Description	Used to define a customized error page for the requests which gets denied by http_access rules
Build Option	Default
Usage	deny_info err_page_name acl deny_info link acl
Default	none

Synopsis

You might have defied certain rules which filters access to certain domains. While accessing those domains, Squid normally displays a default error page. Using this tag, we can define a customized error page.

Arguments

err_page_name	Customized error page to be displayed
acl	acl for which the page to be displayed
link	Link to be displayed on deny access

Example(s)
acl test1 urlpath_regex -i .index.html
http_access deny test1
deny_info http://www.google.co.in test1
On satisfying http_access, instead of the default error page, the site google will be loaded.

TAG NAME	memory_pools
Description	This allows Squid to keep memory that it has allocated (but no longer needs), so that it will not need to reallocate memory in the future
Build Option	Default
Usage	memory_pools on\|off
Default	memory_pools on

Synopsis

Memory pools can improve performance to a small margin by allocating memory, but may need to be turned off if memory is at a premium on your system. This option defaults to on.

Arguments

on/off

Enable or disable memory pool feature

TAG NAME	memory_pools_limit
Description	The amount of memory Squid will keep allocated, assuming the Keep memory for future use option is turned on
Build Option	Default
Usage	memory_pools_limit bytes
Default	none

Synopsis

Any non-zero value to this tag will instruct Squid not to keep more than that amount allocated, and if Squid requires more memory than that to fulfill a request, it will use your system's malloc library. Squid does not pre-allocate memory, so it is safe to set this reasonably high. If your Squid runs on a dedicated host, it is probably wisest to leave it to its default of unlimited. If it must share the system with other server processes (like Apache or Sendmail) then it might be appropriate to limit it somewhat.

Arguments

bytes

Memory pool limit size

Example(s)
memory_pools_limit 50 MB

TAG NAME	via
Description	Enable/disable via header
Build Option	Default
Usage	via on\|off
Default	via on

Synopsis
If set (default), Squid will include a Via header in requests and replies as required by RFC2616.

Arguments

on/off

Enable/disable via header

TAG NAME	forwarded_for
Description	This option allows you to choose whether Squid will report the host name of the system that originally made the request to the origin server
Build Option	Default
Usage	forwarded_for on\|off
Default	forwarded_for on

Synopsis
If set, Squid will include your system's IP address or name in the HTTP requests it forwards. By default it looks like this: X-Forwarded-For: 192.1.2.3

If you disable this, it will appear as X-Forwarded-For: unknown

Arguments

on/off

Enable or disable forwarding

TAG NAME	log_icp_queries
Description	Dictates whether Squid will log ICP requests
Build Option	Default
Usage	log_icp_queries on\|off
Default	log_icp_queries on

Synopsis
When you fell if ICP loads are very high, you can disable it otherwise you can enable for logging ICP requests.

Arguments

on/off

Enable or disable logging ICP queries

TAG NAME	icp_hit_stale
Description	Enable/disable to return ICP_HIT for stale cache objects
Build Option	Default
Usage	icp_hit_stale on\|off
Default	icp_hit_stale off

Synopsis
If you want to return ICP_HIT for stale cache objects, set this option to 'on'. If you have sibling relationships with caches in other administrative domains, this should be 'off'. If you only have sibling relationships with caches under your control, then it is probably okay to set this to 'on'. If set to 'on', then your siblings should use the option "allow-miss" on their cache_peer lines for connecting to you.

Arguments

on/off

Enable or disable icp stale hit

TAG NAME	minimum_direct_hops
Description	Define minimum number of direct hops after which it directs Squid to do direct fetches
Build Option	Default
Usage	minimum_direct_hops number
Default	minimum_direct_hops 4

Synopsis

When using ICMP pinging features of Squid to determine distance to peers and origin servers, this configures when Squid should prefer going direct over a peer. This parameter plays a role in deciding latency.

Arguments

number

Number of hops

Example(s)
minimum_direct_hops 10

TAG NAME	minimum_direct_rtt
Description	Defines minimum rtt after which it directs Squid to do direct fetches
Build Option	Default
Usage	minimum_direct_rtt timeunits
Default	minimum_direct_rtt 400

Synopsis
If using the ICMP pinging stuff, do direct fetches for sites which are no more than this many rtt milliseconds away.

Arguments

timeunits

Round Trip Time

Example(s)
minimum_direct_rtt 200

TAG NAME	cachemgr_passwd
Description	Specify passwords for cachemgr operations
Build Option	Default
Usage	cachemgr_passwd password action action ...
Default	none

Synopsis
By using this we can have secured administration over the Squid.

Actions:

5min, 60min, asndb, authenticator, cbdata, client_list, comm_incoming, config *, counters, delay, digest_stats, dns, events, filedescriptors, fqdncache, histograms, http_headers, info, io, ipcache, mem, menu, netdb, non_peers, objects, offline_toggle *, pconn, peer_select, redirector, refresh, server_list, shutdown *, store_digest, storedir, utilization, via_headers, vm_objects.

* Indicates actions which will not be performed without a valid password, others can be performed if not listed here.

To disable an action, set the password to "disable". To allow performing an action without a password, set the password to "none".

Use the keyword "all" to set the same password for all actions.

Arguments

password	Password for the action
action	Action as described above

Example(s)
cachemgr_passwd secret shutdown

TAG NAME	store_avg_object_size
Description	Average object size, used to estimate number of objects your cache can hold.
Build Option	Default
Usage	store_avg_object_size size(Kbytes)
Default	store_avg_object_size 13 KB

Synopsis
To Estimate the number of objects your cache can hold: NUM_OBJ = cache_swap / store_avg_object_size where, cache_swap is the size of the cache.

Arguments

size

Size of the object

Example(s)
store_avg_object_size 100 KB

TAG NAME	store_objects_per_bucket
Description	Defines the number of objects in each store hash table
Build Option	Default
Usage	store_objects_per_bucket number
Default	store_objects_per_bucket 20

Synopsis
Target number of objects per bucket in the store hash table. Lowering this value increases the total number of buckets and also the storage maintenance rate.

Arguments

number

Number of objects

Example(s)
store_objects_per_bucket 50

TAG NAME	client_db
Description	Allows you to choose whether Squid will keep statistics regarding each individual client
Build Option	Default
Usage	client_db on\|off
Default	client_db on

Synopsis
If you want to disable collecting per-client statistics, then turn off client_db here.

Arguments

on/off

Enable or disable collecting client statistics

TAG NAME	netdb_low, netdb_high
Description	Defines low and high water marks for the ICMP measurement database
Build Option	Default
Usage	netdb_low number netdb_high number
Default	netdb_low 900 netdb_high 1000

Synopsis

These measurements are counts and not percentage. The defaults are 900 and 1000. When the high water mark is reached, database entries will be deleted until the low mark is reached.

Arguments

number

Number of entries

Example(s)
netdb_low 500
netdb_high 800

TAG NAME	netdb_ping_period
Description	Defines minimum period for measuring a site
Build Option	Default
Usage	netdb_ping_period timeunits
Default	netdb_ping_period 5 minutes

Synopsis
When this is defined, there will be at least this much delay between successive pings to the same network. The default is five minutes.

Arguments

timeunits

Time period between successive pings

Example(s)
netdb_ping_period 15 minutes

TAG NAME	query_icmp
Description	Enabling this option, makes Squid to ask your peers to include ICMP data in their ICP replies
Build Option	--enable-icmp
Usage	query_icmp on\|off
Default	query_icmp off

Synopsis

If your peer has configured Squid (during compilation) with '--enable-icmp' then that peer will send ICMP pings to origin server sites of the URLs it receives. If you enable this option then the ICP replies from that peer will include the ICMP data (if available). Then, when choosing a parent cache, Squid will choose the parent with the minimal RTT to the origin server. When this happens, the hierarchy field of the access.log will be "CLOSEST_PARENT_MISS". This option is off by default.

Arguments

on/off

Enable or disable this option

TAG NAME	test_reachability
Description	When this is 'on', ICP MISS replies will be ICP_MISS_NOFETCH instead of ICP_MISS if the target host is NOT in the ICMP database, or has a zero RTT
Build Option	Default
Usage	test_reachability on\|off
Default	test_reachability off

Synopsis
If the target host is NOT in the ICMP database, or has a zero RTT, enabling this tag, ICP MISS replies will be ICP_MISS_NOFETCH instead of ICP_MISS.

Arguments

on/off

Enable or disable

TAG NAME	buffered_logs
Description	Buffering and unbuffering can be done while writing cache.log with stdio functions using this tag
Build Option	Default
Usage	buffered_logs on\|off
Default	buffered_logs off

Synopsis
Buffering it can speed up the writing slightly. By default it will be unbuffered.

Arguments

on/off

Enable or disable buffering

TAG NAME	reload_into_ims
Description	When you enable this option, client no-cache or reload requests will be changed to If-Modified-Since requests
Build Option	Default
Usage	reload_into_ims on\|off
Default	reload_into_ims off

Synopsis
This tag is used to change clients no-cache or reload requests to IMS(if-modified sequence).

Note: Enabling this feature could make you liable for problems which it causes.

Arguments

on/off

Enable or disable

table>

TAG NAME	always_direct
Description	Here you can use ACL elements to specify requests which should ALWAYS be forwarded directly to origin servers
Build Option	Default
Usage	always_direct allow\|deny [!]aclname ...
Default	none

Synopsis

Allows you to easily pick which ACL matches will not be cached. Requests that match the selected ACLs will always be answered from the origin server. Example below explains the tag to a clear extent.

Arguments

allow/deny	Allow or deny direct access
aclname	Access list on which this should act

Example(s)
acl local-servers dstdomain my.domain.net
always_direct allow local-servers

To always forward FTP requests directly, use
acl FTP proto FTP
always_direct allow FTP

TAG NAME	never_direct
Description	With never_direct you can use ACL elements to specify requests which should NEVER be forwarded directly to origin servers
Build Option	Default
Usage	never_direct allow\|deny [!] aclname ...
Default	none

Synopsis
never_direct is the opposite of always_direct. By default all requests are not forwarded directly to the origin server.

The following example explains this tag.

Arguments

allow/deny	Deny or allow direct access
aclname	Access list on which this should act

Example(s)
To force the use of a proxy for all requests, except those in your local domain use something like
acl local-servers dstdomain .foo.net
acl all src 0.0.0.0/0.0.0.0
never_direct deny local-servers
never_direct allow all

or if Squid is inside a firewall and there is local intranet
servers inside the firewall then use something like:

acl local-intranet dstdomain .foo.net
acl local-external dstdomain external.foo.net
always_direct deny local-external
always_direct allow local-intranet
never_direct allow all

TAG NAME	header_access [previously called as anonymous_headers in 2.5 & http_anonymiser in 2.4]
Description	This creates a list of ACLs for each header, allowing you very fine-tuned header mangling
Build Option	Default
Usage	header_access allow\|deny header_name ...
Default	none

Synopsis

This option replaces the old 'anonymize_headers' and the older 'http_anonymizer' option with something that is much more configurable. This new method creates a list of ACLs for each header, allowing you very fine-tuned header mangling.

You can only specify known headers for the header name. Other headers are reclassified as 'Other'. You can also refer to all the headers with 'All'.

Arguments

allow/deny	Allow or deny access for the specified header name
header_name	Header name

Example(s)
header_access Proxy-Connection allow all

TAG NAME	header_replace
Description	This option allows you to change the contents of headers denied with header_access above
Build Option	Default
Usage	header_replace header_name message
Default	none

Synopsis

For headers denied with header_access, this tag allows to replace the content of the header using the message specified This is done by replacing them with some fixed string. This replaces the old fake_user_agent option. By default, headers are removed if denied.
Arguments

header_name	Header for which content to be changed
message	Content to be replaced with the message specified here

Example(s)
header_replace User-Agent Nutscrape/1.0 (CP/M; 8-bit)

TAG NAME	icon_directory
Description	Used to specify the path to icon deirectory
Build Option	Default
Usage	icon_directory path/directoryname
Default	icon_directory /usr/local/Squid/share/icons

Synopsis
This tag is used to indicate the icon directory.

Arguments

path/directoryname

Location path and name of the directory

Example(s)
icon_directory /usr/local/icons

TAG NAME	global_internal_static
Description	Used to control, is Squid should intercept all requests for /squid-internal-static/ no matter which host the URL is requesting (default on setting), or if nothing special should be done for such URLs (off setting).
Build Option	Default
Usage	global_internal_static on\|off
Default	global_internal_static on

Synopsis

Used to control, is Squid should intercept all requests for /squid-internal-static/ no matter which host the URL is requesting (default on setting), or if nothing special should be done for such URLs (off setting).

The purpose of this directive is to make icons etc work better in complex cache hierarchies where it may not always be possible for all corners in the cache mesh to reach the server generating a directory listing.

Arguments

on/off

Enable or Disable the globel internal static

TAG NAME	short_icon_urls
Description	Enables squid to use short URL's for Icons
Build Option	Default
Usage	short_url_icons on\|off
Default	short_icon_urls off

Synopsis
If this is enabled Squid will use short URLs for icons.

If off the URLs for icons will always be absolute URLs including the proxy name and port.
Arguments

on/off

Enable or Disable the short URL's

TAG NAME	error_directory
Description	Defines path to your own error directory
Build Option	Default
Usage	error_directory path/directoryname
Default	error_directory /usr/local/Squid/share/errors/English

Synopsis
Used to specify location and name of the error directory used.

Arguments

path/directoryname

Location path and name of the directory

Example(s)
error_directory /usr/local/error

TAG NAME	maximum_single_addr_tries
Description	This sets the maximum number of connection attempts for a host that has only one address
Build Option	Default
Usage	maximum_single_addr_tries number
Default	maximum_single_addr_tries 3

Synopsis

If the host has more number of address (for multiple-address hosts), each address is tried once. The default value is three tries, the (not recommended) maximum is 255 tries.
Note
A warning message will be generated if it is set to a value greater than ten.

Arguments

number

Number of tries

Example(s)
maximum_single_addr_tries 5

TAG NAME	retry_on_error
Description	If set to on Squid will automatically retry requests when receiving an error response.
Build Option	Default
Usage	retry_on_error on\|off
Default	retry_on_error off

Synopsis

If set to on Squid will automatically retry requests when receiving an error response. This is mainly useful if you are in a complex cache hierarchy to work around access control errors.

Arguments

on/off

Enable / Disable Retry requests

TAG NAME	snmp_port
Description	Squid serves statistics and status information via SNMP defined using this tag
Build Option	--enable-snmp
Usage	snmp_port port_number
Default	snmp_port 3401

Synopsis
By default it listens to port 3401 on the machine. If you don't wish to use SNMP, set this to "0".

Arguments

port_number

Port where Squid binds the socket

Example(s)
snmp_port 3401

TAG NAME	snmp_access
Description	Access to SNMP port is controlled using this tag
Build Option	--enable-snmp
Usage	snmp_access allow\|deny [!]aclname ...
Default	snmp_port 3401

Synopsis
All access to the agent is denied by default.

Arguments

allow/deny	Allow or deny access
aclname	Access list this should act on

Example(s)
snmp_access allow snmppublic localhost
snmp_access deny all

TAG NAME	snmp_incoming_address, snmp_outgoing_address
Description	Defines the interface for snmp incoming and outgoing requests
Build Option	--enable-snmp
Usage	snmp_incoming_address ip_address snmp_outgoing_address ip_address
Default	snmp_incoming_address 0.0.0.0 snmp_outgoing_address 255.255.255.255

Synopsis

The default snmp_incoming_address (0.0.0.0) is to listen on all available network interfaces. If snmp_outgoing_address is set to 255.255.255.255 (the default) then it will use the same socket as snmp_incoming_address. Only change this if you want to have SNMP replies sent using another address than where this Squid listens for SNMP queries.
Note: snmp_incoming_address and snmp_outgoing_address can not have the same value since they both use port 3401.

Arguments

ip_address

Incoming and outgoing interface address

Example(s)
snmp_incoming_address 172.16.1.35
snmp_outgoing_address 172.16.1.36

TAG NAME	as_whois_server
Description	This is to query AS numbers
Build Option	Default
Usage	as_whois_server server_name
Default	as_whois_server whois.ra.net

Synopsis
AS numbers are queried only when Squid starts up, not for every request.

Arguments

server_name

Server name for which AS numbers to be queried

Example(s)
as_whois_server ra.net

TAG NAME	wccp_router
Description	To define your WCCP "home'' router for Squid
Build Option	Default
Usage	wccp_router ip_address
Default	wccp_router 0.0.0.0

Synopsis
Setting the wccp_router to 0.0.0.0 (the default) disables WCCP.

Arguments

ip_address

ip address of the router

Example(s)
wccp_router 172.16.1.100

TAG NAME	wccp2_router
Description	To define your WCCP "home'' router for Squid, supports multiple WCCPv2 routers
Build Option	Default
Usage	wccp2_router ip_address
Default	wccp2_router 0.0.0.0

Synopsis
wccp2_router supports multiple WCCPv2 routers

only one of the two may be used at the same time and defines which version of WCCP to use.

Arguments

ip_address

ip address of the router

Example(s)
wccp2_router 172.16.1.100

TAG NAME	wccp_version
Description	Used to specify the version of Cisco IOS used in the Router
Build Option	Default
Usage	wccp_version version_number
Default	wccp_version 4

Synopsis
According to some users, Cisco IOS 11.2 only supports WCCP version 3. If you're using that version of IOS, change this value to 3.

Arguments

version_number

IOS version number

Example(s)
wccp_router 172.16.1.100

TAG NAME	wccp2_rebuild_wait
Description	Allows squid to wait for the cache dir rebuild to finish before sending the first wccp2 HereIAm packet.
Build Option	Default
Usage	wccp2_rebuild_wait on\|off
Default	wccp2_rebuild_wait on

Synopsis
If this is enabled Squid will wait for the cache dir rebuild to finish before sending the first wccp2 HereIAm packet.

Arguments

on/off

Enable/Disable rebuild Wait

TAG NAME	wccp2_forwarding_method
Description	Allows the setting of forwarding methods between the router/switch and the cache.
Build Option	Default
Usage	wccp2_forwarding_method version_number
Default	wccp2_forwarding_method 1

1	GRE encapsulation (forward the packet in a GRE/WCCP tunnel)
2	L2 redirect (forward the packet using Layer 2/MAC rewriting)

Example(s)
wccp2_forwarding_method 2

TAG NAME	wccp2_return_method
Description	Allows the setting of return methods between the router/switch and the cache for packets that the cache decides not to handle.
Build Option	Default
Usage	wccp2_return_method version_number
Default	wccp2_return_method 1

Synopsis
WCCP2 allows the setting of forwarding methods between the router/switch and the cache.

Currently (as of IOS 12.4) cisco routers only support GRE.
Cisco switches only support the L2 redirect assignment method.

If the "ip wccp redirect exclude in" command has been enabled on the cache interface, then it is still safe for the proxy server to use a l2 redirect method even if this option is set to GRE.
Arguments

1	GRE encapsulation (forward the packet in a GRE/WCCP tunnel)
2	L2 redirect (forward the packet using Layer 2/MAC rewriting)

Example(s)
wccp2_return_method 2

TAG NAME	wccp2_assignment_method
Description	Allows the setting of methods to assign the WCCP hash
Build Option	Default
Usage	wccp2_assignment_method version_number
Default	wccp2_assignment_method 1

Synopsis
WCCP2 allows the setting of methods to assign the WCCP hash

As a general rule, cisco routers support the hash assignment method and cisco switches support the mask assignment method.
Arguments

1	Hash assignment
2	Mask assignment

Example(s)
wccp2_assignment_method 2

TAG NAME	wccp2_service
Description	Allows for multiple traffic services.
Build Option	Default
Usage	wccp2_service version_number
Default	wccp2_service standard 0

Synopsis
WCCP2 allows for multiple traffic services.

MD5 service authentication can be enabled by adding "password=<password>" to the end of this service declaration.

Arguments

standard	Defines one service id - http (id 0).
dynamic	Defines the ids can be from 51 to 255 inclusive. In order to use a dynamic service id one must define the type of traffic to be redirected.

Note
The "standard" type does not require a wccp2_service_info option, just specifying the service id will suffice.
In order to use a dynamic service id one must define the type of traffic to be redirected; this is done using the wccp2_service_info option.

Example(s)
wccp2_service standard 0
wccp2_service standard 80
wccp2_service standard 0 password=foo

TAG NAME	wccp2_service_info
Description	Used in Dynamic wccp2 service to give the information to define the traffic to be diverted
Build Option	Default
Usage	wccp2_service_info <id> protocol=<protocol> flags=<flag>,<flag>.. priority=<priority> ports=<port>,<port>..
Default	none

Synopsis
Dynamic WCCPv2 services require further information to define the traffic to be diverted

The port list can be one to eight entries.

Arguments

#	Flags
1	src_ip_hash, dst_ip_hash
2	source_port_hash, dest_port_hash
3	src_ip_alt_hash, dst_ip_alt_hash
4	src_port_alt_hash, dst_port_alt_hash
5	ports_source

Note

The service id must have been defined by a previous 'wccp2_service dynamic <id>' entry.

Example(s)
wccp2_service_info 80 protocol=tcp flags=src_ip_hash,ports_source priority=240 ports=80

TAG NAME	wccp2_weight
Description	Each cache server gets assigned a set of the destination hash proportional to their weight.
Build Option	Default
Usage	wccp2_weight weight
Default	wccp2_weight 10000

Synopsis
Each cache server gets assigned a set of the destination hash proportional to their weight.

Example(s)
wccp2_weight 20000

TAG NAME	wccp_address,wccp2_adderss
Description	Option to give the specfic interface address to the WCCP
Build Option	Default
Usage	wccp_address ip wccp2_address ip
Default	wccp_address 0.0.0.0 wccp2_address 0.0.0.0

Synopsis
Use this option if you require WCCP to use a specific interface address.

The default behavior is to not bind to any specific address.

Example(s)
wccp_address 172.16.1.43
wccp2_address 172.16.1.32

TAG NAME	logfile_daemon
Description	Specifies the path to the logfile-writing daemon.
Build Option	Default
Usage	logfile_daemon path to file
Default	logfile_daemon /usr/local/squid/libexec/logfile-daemon

NOTE:
This daemon is used to write the access and store logs, if configured.

Synopsis
This option is used to specify the path of a log file writing daemon for writing the access and store logs.

Example(s)
logfile_daemon /usr/local/Squid/libexec/logfile-daemon

TAG NAME	netdb_filename
Description	Specify the filename to store the netdb state after squid restarts.
Build Option	Default
Usage	netdb_filename file path
Default	netdb_filename /usr/local/squid/var/logs/netdb.state

Synopsis
This file maintains the netdb state between the squid restart operation.

Example(s)
netdb_filename /usr/local/squid/var/logs/netdb.state

TAG NAME	update_headers
Description	Enable or disable the update of stored HTTP headers on a receiving a 304 response.
Build Option	Default
Usage	update_headers on (or) off
Default	update_headers on

Synopsis
By default Squid updates stored HTTP headers when receiving a 304 response. Set this to off to disable this feature, if there is any disk I/O performance issues.

NOTE: Disabling this option violates the HTTP standard

Example(s)
update_headers off

TAG NAME	zph_mode
Description	This option enables packet level marking of HIT/MISS responses either using IP TOS or socket priority.
Build Option	Default
Usage	zph_mode tos value
Default	zph_mode off

Synopsis
Mark the packets of HIT or MISS responses using tos value(Type Of Service).

Example(s)
zph_mode tos 0x40

TAG NAME	zph_local
Description	This option allows to select a TOS/Diffserv/Priority value to mark the local hits.
Build Option	Default
Usage	zph_local value
Default	zph_local 0

Synopsis
This option is used to select a TOS/Diffserv/Priority value to mark the local hits.

Example(s)
zph_local 0x40

TAG NAME	zph_sibling
Description	This option allows to select a TOS/Diffserv/Priority value to mark the sibling hits.
Build Option	Default
Usage	zph_sibling value
Default	zph_sibling 0

Synopsis
This option is used select a TOS/Diffserv/Priority value to mark the sibling hits.

Example(s)
zph_sibling 0x40

TAG NAME	zph_parent
Description	This option allows to select a TOS/Diffserv/Priority value to mark the parent hits.
Build Option	Default
Usage	zph_parent value
Default	zph_parent 0

Synopsis
This option is used to select a TOS/Diffserv/Priority value to mark the parent hits.

Example(s)
zph_parent 0x40

TAG NAME	zph_option
Description	This is used to set the IP option to use when zph_mode is set to "option".
Build Option	Default
Usage	zph_option value
Default	zph_option 136

Synopsis
This option sets the IP option. The default value is 136 which is officially registered as " SATNET Stream ID ".

Example(s)
zph_option (ID)