Re: [squid-users] squid workers question

2017-03-20 Thread Matus UHLAR - fantomas 

On 10.03.17 08:52, Alex Rousskov wrote:

Sorry, but that 2010 documentation is outdated. It was written before
Rock store, a 2011 feature that changed what "SMP mode" means. This is
my fault. Here is a replacement draft that I was working on until wiki
went down:


NAME: workers
DEFAULT: 1
Number of main Squid processes or "workers" to fork and maintain.

In a typical setup, each worker listens on all http_port(s) and
proxies requests without talking to other workers. Depending on
configuration, other Squid processes (e.g., rock store "diskers")
may also participate in request processing. All such Squid processes
are collectively called "kids".

Setting workers to 0 disables kids creation and is similar to
running "squid -N ...". A positive value starts that many workers.



On 03/20/2017 09:20 AM, Matus UHLAR - fantomas wrote:

The default of 1 (only) creates kids for each rock store configured.


On 20.03.17 12:32, Alex Rousskov wrote:

What makes you think that? I believe "workers 1" in the presence of rock
cache_dirs should create one kid to handle HTTP transaction _plus_ one
kid for each rock cache_dir.


That's exactly what I meant, for inclusion to your paragraph.
Should I replace "kids" with "one extra kid"?
and should I replace (only) by "however"?


When multiple concurrent kids are in use, Squid is said to work in
"SMP mode". Some Squid features (e.g., ufs-based cache_dirs) are not
SMP-aware and should not or cannot be used in SMP mode.

See http://wiki.squid-cache.org/Features/SmpScale for details.



very nice, thanks. However this is not meant for the wiki, but for:
http://www.squid-cache.org/Doc/config/workers/


To be more precise, the text is meant for src/cf.data.pre, from which
squid.conf.documented (and Doc/Config pages) are generated from. Not
sure why you say "However" though.


You mentioned you were working on the draft until wiki went down.
I understood the paragraph as replacement for "workers" documentation, not
as something to be written to wiki...


maybe that pages could be updated (all but 3.2 versions are the same).


Once the above worker documentation changes are polished and committed
to the Squid repository, the affected generated pages/files will be
updated automatically.

The documentation for earlier versions may never be updated though -- it
depends on whether the changes are going to be ported and committed to
the code branches corresponding to those earlier versions.


it's up to the release team.
I would recommend update the docs on the web to avoid issues for people
using older squid versions, e.g. in enterprise environment


The final version will probably move and extend the terminology-related
text to the SMP section preamble -- it is kind of wrong to talk about
diskers when documenting workers. Improvements and constructive
suggestions welcomed!


compared to current version I'd change it to:

1: start one main Squid process daemon (default)
   "no SMP" when rock store is not used
   "SMP" when rock store in use


I agree that we should add something like this as a common-case example
of general rules. Thank you.


if we replace the current paragraph with your proposed one, I have proposed
change at the top

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels don't get sucked into jet engines. 
___

squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] SSL

2017-03-20 Thread Eliezer Croitoru 
What mobile devices are you using?

Eliezer


Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il


-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf 
Of turgut kalfao?lu
Sent: Monday, March 20, 2017 8:58 AM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] SSL

Good morning everyone,

Congratulations on improving the SSL interception in squid; I am now 
caching https traffic - especially the beast called facebook.
Likewise google https works well; and I have no issues on the destop.

The androids are giving a few headaches:
1) WhatsApp videos do not download,
2) Facebook messenger will not connect.

Are these known issues, or shall I collect debugging info on them?
If there are any iptables or squid commands to bypass caching these; I'd 
be very glad if someone can share them.
I just want to be able to speed up the traffic without hindering any 
communication.

Many thanks,
Turgut Kalfaoglu

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid Authentication with HTTP REST API

2017-03-20 Thread Eliezer Croitoru 
Hey Serhat,

The right way to support OAUTH2 or any similar idea would be using an ICAP
service or ECAP module(to my knowledge).
There might be a way to do it using an external_acl helper but I do not know
how and if it would be possible.

To my understanding OAUTH2 will use some redirection when a cookie is not
present and if present and valid then it will let you pass.
Also it will has a special token "portal" api which the OAUTH2 will redirect
towards in or order to get the cookie from the origin service.
In the backend when the request from the client to the api with the key will
be done the client token will be revalidated in the background
against the facebook or google or another OAUTH2 provider using the
developer API key.

Eliezer


http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il


From: Serhat Koroglu [mailto:serhatkoro...@outlook.com] 
Sent: Monday, March 20, 2017 8:49 AM
To: Eliezer Croitoru ;
squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid Authentication with HTTP REST API

Sorry for late reply.
I have find a suitable solution for validation through a http web service.
Here tells developing custom helper even using
php: http://freesoftwaremagazine.com/articles/authentication_with_squid/ Tha
t's nice. 

Then I know there is  authentication with oauth2 for squid-server. But you
may be know, in oauth2 authentication, you must authorize the app using
user's credentials e.g. facebook username and password. When this oauth2
method is used, your app must redirect to the oauth2 service to authorize
your app. 

You may had used many web sites like that with facebook login. So my
question is how may squid server do this redirect  and authorization process
using a third party oauth2 service? Squid asks username and password with
web browser popup. Is there any example to this? 

Regards,
Serhat.

From: Eliezer Croitoru 
Sent: Wednesday, March 15, 2017 12:01:15 PM
To: 'Serhat Koroglu'
Cc: mailto:squid-users@lists.squid-cache.org
Subject: RE: [squid-users] Squid Authentication with HTTP REST API 
 
Hey Serhat,(first name right?)

From what I understand you have a specific case.
Today the squid project doesn't have an example on how to implement such a
solution.
I am willing to write an example for such a use case.
If you are willing to give me some of the details privately I would be able
to put up together an ICAP server as an example.

Eliezer


Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: mailto:elie...@ngtech.co.il


-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On
Behalf Of Amos Jeffries
Sent: Wednesday, March 15, 2017 4:04 AM
To: mailto:squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid Authentication with HTTP REST API

On 14/03/2017 8:15 p.m., Serhat Koroglu wrote:
> Hello,
> 
> Is there any possibilty implementing an authentication through a custom
XML Web Service or HTTP REST API? What should I check?
> 

Squid supports the HTTP authentication framework (RFC 7235
). Squid is intentionally designed
not to touch the message payloads.

If the API uses custom headers then you can possibly do it with an
external_acl_type helper that takes those headers and returns
credentials to Squid.

But, if the API uses message payloads you will likely need something
like an ICAP service or eCAP module to do the payload processing.


Amos

___
squid-users mailing list
mailto:squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid Authentication with HTTP REST API

2017-03-20 Thread Serhat Koroglu 
Sorry for late reply.

I have find a suitable solution for validation through a http web service. Here 
tells developing custom helper even using php: 
http://freesoftwaremagazine.com/articles/authentication_with_squid/ That's nice.


Then I know there is  authentication with oauth2 for squid-server. But you may 
be know, in oauth2 authentication, you must authorize the app using user's 
credentials e.g. facebook username and password. When this oauth2 method is 
used, your app must redirect to the oauth2 service to authorize your app.


You may had used many web sites like that with facebook login. So my question 
is how may squid server do this redirect  and authorization process using a 
third party oauth2 service? Squid asks username and password with web browser 
popup. Is there any example to this?


Regards,

Serhat.


From: Eliezer Croitoru 
Sent: Wednesday, March 15, 2017 12:01:15 PM
To: 'Serhat Koroglu'
Cc: squid-users@lists.squid-cache.org
Subject: RE: [squid-users] Squid Authentication with HTTP REST API

Hey Serhat,(first name right?)

>From what I understand you have a specific case.
Today the squid project doesn't have an example on how to implement such a 
solution.
I am willing to write an example for such a use case.
If you are willing to give me some of the details privately I would be able to 
put up together an ICAP server as an example.

Eliezer


Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il


-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf 
Of Amos Jeffries
Sent: Wednesday, March 15, 2017 4:04 AM
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid Authentication with HTTP REST API

On 14/03/2017 8:15 p.m., Serhat Koroglu wrote:
> Hello,
>
> Is there any possibilty implementing an authentication through a custom XML 
> Web Service or HTTP REST API? What should I check?
>

Squid supports the HTTP authentication framework (RFC 7235
). Squid is intentionally designed
not to touch the message payloads.

If the API uses custom headers then you can possibly do it with an
external_acl_type helper that takes those headers and returns
credentials to Squid.

But, if the API uses message payloads you will likely need something
like an ICAP service or eCAP module to do the payload processing.


Amos

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] SSL Bump issues

2017-03-20 Thread Tim Bates 
Ignoring the Squid part, is it TLS 1.2 that's the root problem, or the 
ciphers?
Are you aware XP schannel.dll has some ciphers and protocols disabled by 
default, even though they're supported?


See here: 
https://support.microsoft.com/en-au/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protocols-in-schannel.dll


TB


On 20/03/2017 12:58 PM, mr_jrt wrote:

Hello all,

Brief version:
Can't get ssl_bump working to get an old XP system's schannel.dll (i.e.
built-in SSL) talking to a TLS 1.2 server, but works with Firefox (which has
it's own SSL stack).

Long version:
This afternoon's task was to try and solve the issue of an old internal
legacy XP system (and thus stuck on TLS 1.0) that can't be upgraded, but
needs to be able to speak to servers running TLS 1.2. I've tried several
approaches, but using squid with ssl_bump seemed to be the most appropriate
solution, but for the life of me, I've not been able to get it to work
properly, so was hoping for a few pointers.

The software that needs to run uses the built-in schannel dll, but it can
have a proxy specified, so things don't have to be transparent, ...but it
does get stuck with all the limitations of the ancient schannel dll. Does
however mean I can use the system's IE for testing.

First up, I'm running Debian on my squid server. That means the distro
packages don't have ssl support compiled in, so I had to compile my own
packages. The version is 3.5.23, and the relevant configure output is:



I had to compile against the older version of openssl due to the changes in
their locking API, so I installed
https://packages.debian.org/stretch/libssl1.0-dev, which enabled me to
compile successfully.

I've looked at countless examples, i.e.
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit

...but the only way I've got any successful SSL proxying is with:


...but as expected, that's clearly not doing any bumping from the logs:



When I put anything more in, i.e.


Then it turns on the mode:


...but then I just get errors about no ciphers:


I have a test site I'm using that I can fiddle with the ciphers on, and I
can access it fine from the legacy system directly when I enable the old
stuff (TLS 1.0, etc), but even then it seems to be squid's encryption (or
maybe, decryption from the client?) that isn't working as it still won't
connect regardless of what I try.

Even if I throw in an explicit list of ciphers, copied from the target
server (incidentally, the same host as squid, if that's relevant), still
nada.

Interestingly, ssl_bump seems to work perfectly fine from Firefox from the
same machine, even when crippled down to TLS 1.0 only with the server set to
restrict to TLS 1.2. So it seems to be doing what I want, just not for
schannel.dll? I'm suspecting that openssl as used by squid can't speak any
ciphers that schannel can, so it seems the issue isn't actually between
squid and the target server, but between squid and the old client...



--
View this message in context: 
http://squid-web-proxy-cache.1019090.n4.nabble.com/SSL-Bump-issues-tp4681843.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users



___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] SSL Bump issues

2017-03-20 Thread Alex Rousskov 
On 03/19/2017 07:58 PM, mr_jrt wrote:

> ...but the only way I've got any successful SSL proxying is with:
> 
> 
> ...but as expected, that's clearly not doing any bumping from the logs:
> 
> 
> 
> When I put anything more in, i.e.
> 
> 
> Then it turns on the mode:
> 
> 
> ...but then I just get errors about no ciphers:
> 

Please note that your configuration and other details in the post did
not get through to the mailing list (probably due to some fancy quoting
provided by Nabble that does not get through to the actual squid-users
mailing list).

Alex.

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] SSL

2017-03-20 Thread turgut kalfaoğlu 

On 03/20/2017 11:28 AM, Eliezer Croitoru wrote:

What mobile devices are you using?


It's an android 7 phone..
-turgut



Eliezer


Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il


-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf 
Of turgut kalfao?lu
Sent: Monday, March 20, 2017 8:58 AM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] SSL

Good morning everyone,

Congratulations on improving the SSL interception in squid; I am now
caching https traffic - especially the beast called facebook.
Likewise google https works well; and I have no issues on the destop.

The androids are giving a few headaches:
1) WhatsApp videos do not download,
2) Facebook messenger will not connect.

Are these known issues, or shall I collect debugging info on them?
If there are any iptables or squid commands to bypass caching these; I'd
be very glad if someone can share them.
I just want to be able to speed up the traffic without hindering any
communication.

Many thanks,
Turgut Kalfaoglu

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users




___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid Transparent/intercept Issues

2017-03-20 Thread Antony Stone 
On Monday 20 March 2017 at 16:26:40, christian brendan wrote:

> Hello Everyone,
> 
> Squid Cache: Version 3.5.20
> OS: CentOS 7
> 
> I have used squid for quite some times non transparently and it works,
> problem kicks in when: http_port 3128 transparent is enabled.
> Access denied error page shows up when transparent is enabled
> ERRORThe requested URL could not be retrieved

How are you getting the packets to the Squid server for interception?

Is the Squid server in the default route between your clients and the 
Internet, or are you redirecting the packets to the Squid server somehow?

Please give *details* of how you are intercepting and sending the packets to 
Squid (eg: iptables rules, and which machine/s the rules are running on).


Antony.

-- 
Anything that improbable is effectively impossible.

 - Murray Gell-Mann, Nobel Prizewinner in Physics

   Please reply to the list;
 please *don't* CC me.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] SMP and AUFS

2017-03-20 Thread Matus UHLAR - fantomas 

On 19.03.17 11:08, Alex Rousskov wrote:

On 03/18/2017 11:11 PM, senor wrote:


There are many references in the squid wiki, FAQ and Knowlegebase about
SMP but I don't see any of them reflecting the concerns you have brought
up.


There is a paragraph about these problems at [1] (search for "ufs") but
I agree that better documentation, including wiki and
squid.conf.documented changes/additions would be nice.

 [1] http://wiki.squid-cache.org/Features/SmpScale



My point in mentioning that there are a lot of installations using
SMP and AUFS is that something widely used but buggy tends to be brought
up on this email list and I haven't seen it.


IIRC, it has been brought up several times on the mailing lists and in
Bugzilla. Once you dedicate each ufs-based store to each individual
worker, most of the problems become subtle, often "invisible" to an
admin because they "break" transactions, not Squid, especially if you do
not use a mixture of ufs-based and rock stores. Using mailing list as an
indicator that as subtle problem does _not_ exist is a risky strategy IMO.


Well, I personally will still be curious how much does SMP affect the case of
one worker and one or more diskers...

do diskers only provide I/O to the requestor? 


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm. 
___

squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Squid Transparent/intercept Issues

2017-03-20 Thread christian brendan 
Hello Everyone,

Squid Cache: Version 3.5.20
OS: CentOS 7

I have used squid for quite some times non transparently and it works,
problem kicks in when: http_port 3128 transparent is enabled.
Access denied error page shows up when transparent is enabled
ERRORThe requested URL could not be retrieved
--

The following error was encountered while trying to retrieve the URL:
http://www. bing.com

*Access Denied.*

Access control configuration prevents your request from being allowed at
this time. Please contact your service provider if you feel this is
incorrect.

Your cache administrator is root

.


Some forums says
transparent was deprecated and replaced with "intercept"

while others says otherwise.
Most confusing is, when http_port is set to transparent or intercept it
gives the same result
The only thing that seems to work is: http_port 3128 accel vhost
allow-direct
but i'm not comfortable with this because i do not think it was meant for
transparent operations besides it blocks https sites on the squid host
system.

Please i need advice on transparent mode best practices.

Is it http_port 3128 transparent or intercept or accel vhost allow-direct

which one is supported by the current version of squid 3.5.20 ?
Best Regards
Thanks
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] squid workers question

2017-03-20 Thread Matus UHLAR - fantomas 

On 10.03.17 08:52, Alex Rousskov wrote:

Sorry, but that 2010 documentation is outdated. It was written before
Rock store, a 2011 feature that changed what "SMP mode" means. This is
my fault. Here is a replacement draft that I was working on until wiki
went down:


NAME: workers
DEFAULT: 1
Number of main Squid processes or "workers" to fork and maintain.

In a typical setup, each worker listens on all http_port(s) and
proxies requests without talking to other workers. Depending on
configuration, other Squid processes (e.g., rock store "diskers")
may also participate in request processing. All such Squid processes
are collectively called "kids".

Setting workers to 0 disables kids creation and is similar to
running "squid -N ...". A positive value starts that many workers.


The default of 1 (only) creates kids for each rock store configured.


When multiple concurrent kids are in use, Squid is said to work in
"SMP mode". Some Squid features (e.g., ufs-based cache_dirs) are not
SMP-aware and should not or cannot be used in SMP mode.

See http://wiki.squid-cache.org/Features/SmpScale for details.


very nice, thanks. However this is not meant for the wiki, but for:
http://www.squid-cache.org/Doc/config/workers/

maybe that pages could be updated (all but 3.2 versions are the same).



The final version will probably move and extend the terminology-related
text to the SMP section preamble -- it is kind of wrong to talk about
diskers when documenting workers. Improvements and constructive
suggestions welcomed!


compared to current version I'd change it to:

1: start one main Squid process daemon (default)
   "no SMP" when rock store is not used
   "SMP" when rock store in use


so, with "workers 1", both aufs and rock should work properly, with rock
using separate process, correct?


There are several ways to interpret your question, but the most likely
interpretation leads to the "incorrect" answer: Without -N, a
combination of "workers 1" and at least one "cache_dir rock" enables
SMP. Do not use ufs-based cache_dirs in SMP mode.


That explains it. thanks.


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
99 percent of lawyers give the rest a bad name. 
___

squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] SMP and AUFS

2017-03-20 Thread Alex Rousskov 
On 03/20/2017 10:15 AM, Matus UHLAR - fantomas wrote:

> Well, I personally will still be curious how much does SMP affect the
> case of one worker and one or more diskers...

I do not understand why you are asking this question in AUFS context.
AUFS does not use diskers! Today, only Rock store uses diskers (in SMP
mode). Some other [ufs-based] cache stores use various helper threads
and processes for I/O as well, but those helper processes are not
diskers or even kids in SMP terminology.


> do diskers only provide I/O to the requestor?

Diskers primary function is low-level disk cache I/O. Like all kids,
diskers respond to cache manager requests and Squid management events
(e.g. shutdown and reconfiguration). IIRC, diskers also build in-RAM
cache_dir index.

http://wiki.squid-cache.org/Features/SmpScale#Terminology

HTH,

Alex.

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] squid workers question

2017-03-20 Thread Alex Rousskov 
On 03/20/2017 09:20 AM, Matus UHLAR - fantomas wrote:
> On 10.03.17 08:52, Alex Rousskov wrote:
>> Sorry, but that 2010 documentation is outdated. It was written before
>> Rock store, a 2011 feature that changed what "SMP mode" means. This is
>> my fault. Here is a replacement draft that I was working on until wiki
>> went down:
>>
>>> NAME: workers
>>> DEFAULT: 1
>>> Number of main Squid processes or "workers" to fork and maintain.
>>>
>>> In a typical setup, each worker listens on all http_port(s) and
>>> proxies requests without talking to other workers. Depending on
>>> configuration, other Squid processes (e.g., rock store "diskers")
>>> may also participate in request processing. All such Squid processes
>>> are collectively called "kids".
>>>
>>> Setting workers to 0 disables kids creation and is similar to
>>> running "squid -N ...". A positive value starts that many workers.

> The default of 1 (only) creates kids for each rock store configured.

What makes you think that? I believe "workers 1" in the presence of rock
cache_dirs should create one kid to handle HTTP transaction _plus_ one
kid for each rock cache_dir.


>>> When multiple concurrent kids are in use, Squid is said to work in
>>> "SMP mode". Some Squid features (e.g., ufs-based cache_dirs) are not
>>> SMP-aware and should not or cannot be used in SMP mode.
>>>
>>> See http://wiki.squid-cache.org/Features/SmpScale for details.

> very nice, thanks. However this is not meant for the wiki, but for:
> http://www.squid-cache.org/Doc/config/workers/

To be more precise, the text is meant for src/cf.data.pre, from which
squid.conf.documented (and Doc/Config pages) are generated from. Not
sure why you say "However" though.


> maybe that pages could be updated (all but 3.2 versions are the same).

Once the above worker documentation changes are polished and committed
to the Squid repository, the affected generated pages/files will be
updated automatically.

The documentation for earlier versions may never be updated though -- it
depends on whether the changes are going to be ported and committed to
the code branches corresponding to those earlier versions.


>> The final version will probably move and extend the terminology-related
>> text to the SMP section preamble -- it is kind of wrong to talk about
>> diskers when documenting workers. Improvements and constructive
>> suggestions welcomed!
> 
> compared to current version I'd change it to:
> 
> 1: start one main Squid process daemon (default)
>"no SMP" when rock store is not used
>"SMP" when rock store in use

I agree that we should add something like this as a common-case example
of general rules. Thank you.

Alex.

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users