1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
|
squid (2.6.1-3) unstable; urgency=low
Squid 2.6 introduced a long listing of new features including ICAP support,
TPROXY support on Linux, epoll() support, WCCPv2 support and new
authentication helpers.
Release notes with details of changes can be found in
/usr/share/doc/squid/RELEASENOTES.html
Changes to the configuration file:
http_port
Now takes a list of options in addition to the port address, specifying the
purpose of this http_port. Default is plain Internet proxy as usual.
httpd_accel_* for transparent proxy
Now implemented by the "transparent" http_port option
httpd_accel_host
Replaced by defaultsite http_port option and cache_peer originserver option.
httpd_accel_port
No longer needed. Server port defined by the cache_peer port.
httpd_accel_uses_host_header
Replaced by vhost http_port option
https_port
Many new options. Reconstructs URLs as https:// by default.
cache_peer
Many new options to support origin servers and SSL encryption
ssl_engine
New directive for hardware assisted SSL encryption
sslproxy_*
New directives defining how to gateway http->https
sslpassword_program
New helper directive to query an external program for SSL key encryption
password (if any)
no_cache
Renamed to cache to better reflect the functionaliy. no_cache still
accepted.
cache
New name for the old no_cache directive.
cache_vary
New directive to disable caching of Vary:ing responses
broken_vary_encoding
New directive to work around known broken compression modules which hasn't
understood the meaning of the ETag HTTP header in relation to
Accept-Encoding.
logformat
New directive for defining custom log formats
cache_access_log
Renamed to access_log
access_log
Select what requests to log where any by what format. Support for multiple
log files and multiple log formats.
check_hostnames
New option to disable the hostname validity/sanity checks usually performed
by Squid, replacing the similar build time configure option in 2.5.
allow_underscore
New option to allow _ in hostnames, replacing the similar build time
configure option in 2.5 and earlier.
dns_defnames
Allow for domain searches. Now possible even when using the internal DNS
client
redirect_*
Renamed to url_rewrite_* to better reflect the functionality of this helper
(rewriting requested URLs)
url_rewrite_concurrency
Activates a new and more efficient helper protocol. Requires changes in the
helper.
location_rewrite_*
New helper hook for rewriting Location headers
auth_param basic blankpassword
New option to allow the use of blank passwords.
auth_param ntlm max_challenge_reuse / max_challenge_lifetime
No longer supported
auth_param ntlm use_ntlm_negotiate
Directive no longer supported. Use of NTLM negotiate packet is always on.
auth_param ntlm keep_alive
New option to fine-tune the use of HTTP keep-alive in combination with NTLM
auth_param negotiate
New Negotiate authentication scheme, the "next generation" scheme in the
family of Microsoft authentication.
external_acl_type
Many new format options %SRCPORT, %MYADDR, %MYPORT, %PATH, %USER_CERT, %ACL,
%DATA and a few variants. Helper protocol defaults to the simpler "3.0"
protocol, and there is support for a highly efficient protocol via the
concurrency= option if supported by the helper.
refresh_pattern
Several new HTTP override/ignore options
read_ahead_gap
New directive to set the response buffer size.
collapsed_forwarding
New directive to enable an alternative optimized forwarding path when there
is very many concurrent requests for the same URL.
refresh_stale_hit
New directive similar to collapsed_forwarding and activates an alternative
optimized request processing when there is very many concurrent requests for
the same recently expired URL.
acl urlgroup
New acl class
acl user_cert
New acl class matching the user SSL certificate (https_port)
acl ca_cert
New acl class matching the CA of the user SSL certificate (https_port)
acl ext_user / ext_user_regex
New acl matching usernames returned by external acl
follow_x_forwarded_for
New option to enable parsing of X-Forwarded-For headers allowing access
controls to be based on the real client IP even if behind secondary proxies
http_access2
New http_access type directive but evaluated after url rewrites
htcp_access, htcp_clr_access
Access control on HTCP requests
log_access
New directive to limit what gets logged.
httpd_suppress_version_string
Enable hiding of the Squid version
umask
New directive to specify the minimum umask Squid should run under
error_map
New directive to allow dynamic rewrites of error pages
via
New directive to disable the use of the Via directive
wccp2_*
WCCP2 protocol support
-- Luigi Gangitano <luigi@debian.org> Wed, 12 Jul 2006 15:11:08 +0200
|