The Squid HTTP/FTP proxy

Home : Linux resources : "Howto" : Squid

1. Web cache. This is the "standard" use for Squid, wherein it uses local RAM and hard drive to speed up Web access. The extra speed is not so important, as I have a cable modem, but the hard drive cache feature allows me to turn off all browser hard drive caching, which avoids bloating my backups with duplicates of random Web pages. I have allotted 250MB of hard drive to caching, which lives in /scratch/squid/cache/; the /scratch/ partition is never backed up. It took more than two years to fill it up (though that was before my wife discovered Ebay).

   In order to prevent randoms from using my machine as an anonymizer, this service is only available on the local network. This is because I have configured the ACLs to prevent nonlocal users from accessing nonlocal servers.

2. Virtual host redirector. Since I have two distinct Web servers running on this machine, I also need Squid to listen to port 80, where it redirects requests for local Web connections to the appropriate server based on the server named in the "Host:" request header. [I should explain how to set this up, but that would have to be a separate article. -- rgr, 20-Jul-02.]

   [This is somewhat out of date, as I haven't been running the other Web server since fall 2002, so the Web server is back on port 80. -- rgr, 1-Sep-03.]

3. Advertising filter. The same "redirector" technology that supports virtual hosting also serves to rewrite URLs for advertising images into something less annoying, e.g. from a flashing http://ad.doubleclick.net/ monstrosity to "", a small .png image kept locally.

Documentation

The Squid FAQ is the most useful piece of Squid documentation I have yet found. It is huge, which is a testament to the versatility of Squid.

http://www.squid-cache.org/Doc/ has links to the FAQ, as well as to other works.

And the default configuration file, installed by the SuSE 8.1 RPM into /etc/squid/squid.conf.default, is full of comments that describe each of the configuration options in some detail. (The configuration guide at squid.visolve.com is mostly a browseable version of these comments, with some added content.)

Configuration file

The configuration file is /etc/squid/squid.conf. If you change it, you can cause a running Squid to reread it by

       squid -k reconfigure

This is much faster than using the SysV script to stop and restart it, because Squid won't have to rebuild its in-memory cache database. It also causes the redirector to be restarted, which is necessary after modifying it.

[The SysV script seems to have a bug; stopping doesn't always work in any case. But maybe that's just because I was too impatient for Squid to exit. -- rgr, 20-Jul-02.]

But before you reload the configuration file, you might want to do

       squid -k parse

in order to ensure that you haven't introduced errors.

Listening ports

By default, Squid listens for proxy requests on port 3128. (I also used to have mine configured to listen to port 80 for the sake of virtual host redirection; if you do that, be sure it only honors requests either for local pages, or requests that originate locally.)

Access log file

The access log is written to /var/log/squid/access.log (if you use the SuSE RPM version; if installed from tarball, the default log destination is /usr/local/squid/logs/). By default, the access log is written in Squid's own internal format; the ~rogers/projects/system/scripts/squid2std.pl script converts this to the "standard" access log format used by Apache, etc., though without the "referer" field. See Squid FAQ #6.6 for details of Squid log format.

"Disk space over limit" errors

Recently, after an unexpected reboot, I started getting piles of the following warnings in the log:

       May 29 21:16:48 rgrjr squid[2666]: WARNING: Disk space over limit: -2935640 KB > 256000 KB 
       

It started immediately after reboot, and was repeated every few minutes. The last five lines of the normal Squid startup messages showed the same suspicious value:

       May 29 21:16:47 rgrjr squid[2666]: Beginning Validation Procedure 
       May 29 21:16:47 rgrjr squid[2666]:   Completed Validation Procedure 
       May 29 21:16:47 rgrjr squid[2666]:   Validated 5638 Entries 
       May 29 21:16:47 rgrjr squid[2666]:   store_swap_size = -2935640k 
       May 29 21:16:47 rgrjr squid[2666]: storeLateRelease: released 0 objects 
       

The normal value is 243156k on my system, but negative sizes can't be a good thing. Googling for store_swap_size found the following article: "Squid warning in logs (Disk space over limit)", which in turn lead me to try deleting the swap.state and restart Squid. This appears to have worked; swap.state seems to have been rebuilt OK, and the warnings have stopped.