Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Tree: 58badfca4f
Fetching contributors…

Cannot retrieve contributors at this time

361 lines (224 sloc) 9.394 kB
squid (2.7.STABLE6-2) unstable; urgency=low
Since version 2.7.STABLE6-2 error pages are not included in squid-common
anymore, but are instead shipped in a separate package (squid-langpack).
If the error_directory option in /etc/squid/squid.conf was customized, it
should be checked against the new directory layout of squid-langpack; if
it is not set correctly, squid will refuse to start.
-- Luigi Gangitano <luigi@debian.org> Tue, 7 Jul 2009 1:48:10 +0200
squid (2.7.STABLE2-2) unstable; urgency=low
Squid 2.7 introduced a long listing of new features including partial
HTTP/1.1 support, modular logging, background object revalidation and
configuration file includes.
Release notes with details of changes can be found in
/usr/share/doc/squid/RELEASENOTES.html
Changes to the configuration file:
*Added directives*
acl myportname
new acl matching the incoming port name
authenticate_ip_shortcircuit_ttl
authenticate_ip_shortcircuit_access
controls the new IP based authentication cache.
zph_mode
zph_local
zph_sibling
zph_parent
zph_option
controls the Zero Penalty Hit support
update_headers
optimization to skip updating on-disk headers
logfile_daemon
new log file daemon support
netdb_filename
sas hardcoded to the first cache_dir
storeurl_rewrite_program
storeurl_rewrite_children
storeurl_rewrite_concurrency
storeurl_access
controls the new store URL rewrite functionality
rewrite_access
rewrite
controls the new builtin URL rewrite functionality
max_stale
server_http11
ignore_expect_100
Experimental HTTP/1.1 support knobs
external_refresh_check
new helper to allow custom cache validations in accelerator setups
delay_body_max_size
new way of using delay pools based on response size
ignore_ims_on_miss
optimization mainly targeted for accelerator setups
max_filedescriptors
can now be set runtime. Was previously hardcoded at build time and further limited by ulimit
accept_filter
optimization to avoid waking Squid up until a request has been received
incoming_rate
new tuning knob for high traffic conditions
zero_buffers
tuning knob to disable a new optimization
*Changed directives*
cache
Suggested defaults modified
cache_dir
the "read-only" option has been renamed to "no-store" to better reflect the functionality
cache_peer
new multicast-siblings option, enabling multicast ICP sibling relations
new idle=n option to keep a minimum pool of idle connections
new http11 option to enable experimental HTTP/1.1 support
external_acl_type
New %URI format tag
acl
Suggested defaults cleaned up, defines a new "localnet" acl with RFC1918 addresses
new "myportname" acl type matching the http_port name
icp_access
Suggested defaults cleaned up, now requires configuration to use ICP
htcp_access
Suggested defaults cleaned up, now requires configuration to use HTCP
http_access
Suggested defaults cleaned up, using a new "localnet" acl.
http_port
Accelerator mode options cleaned up (accel, defaultsite, vport, vhost and combinations thereof)
new "allow-direct" option
new "act-as-origin" option
new "http11" option (experimental)
new "name=" option
nee "keepalive=" option
https_port
See http_port.
logformat
New format codes: oa (Our outgoing IP address), rp (Request URL-Path), sn (Unique sequence number)
refresh_pattern
Several new options: stale-while-revalidate, ignore-stale-while-revalidate, max-stale, negative-ttl
Suggested defaults adjusted to match the changes in the cache directive.
url_rewrite_program
Future protocol change adding key=value pairs after the requests
forwarded_for
Has several new modes, allowing one to finetune how/if the requesting client IP should be forwarded in X-Forwarded-For
*Removed directives*
incoming_icp_average
incoming_http_average
incoming_dns_average
min_icp_poll_cnt
min_dns_poll_cnt
min_http_poll_cnt
the above tuning knobs no longer have any effect and has been removed.
-- Luigi Gangitano <luigi@debian.org> Sun, 1 Jun 2008 04:11:08 +0200
squid (2.6.1-3) unstable; urgency=low
Squid 2.6 introduced a long listing of new features including ICAP support,
TPROXY support on Linux, epoll() support, WCCPv2 support and new
authentication helpers.
Release notes with details of changes can be found in
/usr/share/doc/squid/RELEASENOTES.html
Changes to the configuration file:
http_port
Now takes a list of options in addition to the port address, specifying the
purpose of this http_port. Default is plain Internet proxy as usual.
httpd_accel_* for transparent proxy
Now implemented by the "transparent" http_port option
httpd_accel_host
Replaced by defaultsite http_port option and cache_peer originserver option.
httpd_accel_port
No longer needed. Server port defined by the cache_peer port.
httpd_accel_uses_host_header
Replaced by vhost http_port option
https_port
Many new options. Reconstructs URLs as https:// by default.
cache_peer
Many new options to support origin servers and SSL encryption
ssl_engine
New directive for hardware assisted SSL encryption
sslproxy_*
New directives defining how to gateway http->https
sslpassword_program
New helper directive to query an external program for SSL key encryption
password (if any)
no_cache
Renamed to cache to better reflect the functionaliy. no_cache still
accepted.
cache
New name for the old no_cache directive.
cache_vary
New directive to disable caching of Vary:ing responses
broken_vary_encoding
New directive to work around known broken compression modules which hasn't
understood the meaning of the ETag HTTP header in relation to
Accept-Encoding.
logformat
New directive for defining custom log formats
cache_access_log
Renamed to access_log
access_log
Select what requests to log where any by what format. Support for multiple
log files and multiple log formats.
check_hostnames
New option to disable the hostname validity/sanity checks usually performed
by Squid, replacing the similar build time configure option in 2.5.
allow_underscore
New option to allow _ in hostnames, replacing the similar build time
configure option in 2.5 and earlier.
dns_defnames
Allow for domain searches. Now possible even when using the internal DNS
client
redirect_*
Renamed to url_rewrite_* to better reflect the functionality of this helper
(rewriting requested URLs)
url_rewrite_concurrency
Activates a new and more efficient helper protocol. Requires changes in the
helper.
location_rewrite_*
New helper hook for rewriting Location headers
auth_param basic blankpassword
New option to allow the use of blank passwords.
auth_param ntlm max_challenge_reuse / max_challenge_lifetime
No longer supported
auth_param ntlm use_ntlm_negotiate
Directive no longer supported. Use of NTLM negotiate packet is always on.
auth_param ntlm keep_alive
New option to fine-tune the use of HTTP keep-alive in combination with NTLM
auth_param negotiate
New Negotiate authentication scheme, the "next generation" scheme in the
family of Microsoft authentication.
external_acl_type
Many new format options %SRCPORT, %MYADDR, %MYPORT, %PATH, %USER_CERT, %ACL,
%DATA and a few variants. Helper protocol defaults to the simpler "3.0"
protocol, and there is support for a highly efficient protocol via the
concurrency= option if supported by the helper.
refresh_pattern
Several new HTTP override/ignore options
read_ahead_gap
New directive to set the response buffer size.
collapsed_forwarding
New directive to enable an alternative optimized forwarding path when there
is very many concurrent requests for the same URL.
refresh_stale_hit
New directive similar to collapsed_forwarding and activates an alternative
optimized request processing when there is very many concurrent requests for
the same recently expired URL.
acl urlgroup
New acl class
acl user_cert
New acl class matching the user SSL certificate (https_port)
acl ca_cert
New acl class matching the CA of the user SSL certificate (https_port)
acl ext_user / ext_user_regex
New acl matching usernames returned by external acl
follow_x_forwarded_for
New option to enable parsing of X-Forwarded-For headers allowing access
controls to be based on the real client IP even if behind secondary proxies
http_access2
New http_access type directive but evaluated after url rewrites
htcp_access, htcp_clr_access
Access control on HTCP requests
log_access
New directive to limit what gets logged.
httpd_suppress_version_string
Enable hiding of the Squid version
umask
New directive to specify the minimum umask Squid should run under
error_map
New directive to allow dynamic rewrites of error pages
via
New directive to disable the use of the Via directive
wccp2_*
WCCP2 protocol support
-- Luigi Gangitano <luigi@debian.org> Wed, 12 Jul 2006 15:11:08 +0200
Jump to Line
Something went wrong with that request. Please try again.