While using Squid as an httpd-accelerator and general front-end server
for SSL handling and distributing requests, I added a few small features
that I needed. I am sending this patch to the list in case anybody else
is interested in these humble improvements.
The added options are:
- peer option 'httpd' sends normal HTTP requests to that peer instead of
proxy requests.
- peer option 'immortal' prevents the peer from ever being marked dead.
- global option 'forward_retries' allows the previously hardcoded number
of retries (10) to be changed.
- global option 'httpd_accel_with_icp' turns on ICP without turning on
full proxy mode.
Regards, Karsten
P.S. Please CC any replies to me, as I am not subscribed to the list.
diff -ru squid-2.5.STABLE5-20040329/src/access_log.c
squid-2.5.5-intrical/src/access_log.c
--- squid-2.5.STABLE5-20040329/src/access_log.c Mon Jul 28 20:59:28 2003
+++ squid-2.5.5-intrical/src/access_log.c Mon Mar 29 14:21:46 2004
@@ -290,6 +290,41 @@
safe_free(user2);
}
+static void
+accessLogCombined(AccessLogEntry *al)
+{
+ const char *client = NULL;
+ char *user1, *user2;
+ const char *agent = NULL, *refer = NULL;
+
+ if (Config.onoff.log_fqdn)
+ client = fqdncache_gethostbyaddr(al->cache.caddr, 0);
+ if (client == NULL)
+ client = inet_ntoa(al->cache.caddr);
+ user1 = accessLogFormatName(al->cache.authuser);
+ user2 = accessLogFormatName(al->cache.rfc931);
+ if (al->req_hdr) {
+ refer = httpHeaderGetStr(al->req_hdr, HDR_REFERER);
+ agent = httpHeaderGetStr(al->req_hdr, HDR_USER_AGENT);
+ }
+ logfilePrintf(logfile, "%s %s %s [%s] \"%s %s HTTP/%d.%d\" %d %ld \"%s\" \"%s\"
%s:%s",
+ client,
+ user2 ? user2 : dash_str,
+ user1 ? user1 : dash_str,
+ mkhttpdlogtime(&squid_curtime),
+ al->private.method_str,
+ al->url,
+ al->http.version.major, al->http.version.minor,
+ al->http.code,
+ (long int) al->cache.size,
+ refer ? refer : "",
+ agent ? agent : "",
+ log_tags[al->cache.code],
+ hier_strings[al->hier.code]);
+ safe_free(user1);
+ safe_free(user2);
+}
+
void
accessLogLog(AccessLogEntry * al)
{
@@ -306,7 +341,9 @@
if (al->hier.host[0] == '\0')
xstrncpy(al->hier.host, dash_str, SQUIDHOSTNAMELEN);
- if (Config.onoff.common_log)
+ if (Config.onoff.combined_log)
+ accessLogCombined(al);
+ else if (Config.onoff.common_log)
accessLogCommon(al);
else
accessLogSquid(al);
diff -ru squid-2.5.STABLE5-20040329/src/cache_cf.c squid-2.5.5-intrical/src/cache_cf.c
--- squid-2.5.STABLE5-20040329/src/cache_cf.c Sun Dec 7 06:19:36 2003
+++ squid-2.5.5-intrical/src/cache_cf.c Wed Mar 31 15:49:47 2004
@@ -1473,6 +1473,10 @@
p->options.allow_miss = 1;
} else if (!strncasecmp(token, "max-conn=", 9)) {
p->max_conn = atoi(token + 9);
+ } else if (!strcasecmp(token, "httpd")) {
+ p->options.httpd = 1;
+ } else if (!strcasecmp(token, "immortal")) {
+ p->options.immortal = 1;
} else {
debug(3, 0) ("parse_peer: token='%s'\n", token);
self_destruct();
diff -ru squid-2.5.STABLE5-20040329/src/cf.data.pre
squid-2.5.5-intrical/src/cf.data.pre
--- squid-2.5.STABLE5-20040329/src/cf.data.pre Wed Feb 11 10:01:21 2004
+++ squid-2.5.5-intrical/src/cf.data.pre Wed Mar 31 16:26:20 2004
@@ -276,6 +276,8 @@
max-conn
htcp
carp-load-factor
+ httpd
+ immortal
use 'proxy-only' to specify that objects fetched
from this cache should not be saved locally.
@@ -373,6 +375,17 @@
cache as one participating in a CARP array.
The 'f' values for all CARP parents must add
up to 1.0.
+
+ use 'httpd' for peers that aren't actualy proxy servers,
+ and thus don't understand proxy requests. This will
+ cause the protocol, hostname and port to be omitted
+ when forwarding a request to this peer. This is mostly
+ useful in accelerator mode when configuring back-end
+ servers as peers.
+
+ use 'immortal' to prevent the peer from ever being
+ marked as DEAD. This is mainly useful in httpd accel mode
+ when you have configured your backend servers as peers.
NOTE: non-ICP/HTCP neighbors must be specified as 'parent'.
@@ -910,6 +923,20 @@
information that Squid-specific log analyzers use.
DOC_END
+NAME: emulate_httpd_combined_log
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: off
+LOC: Config.onoff.combined_log
+DOC_START
+ The cache can emulate the combined log file format which
+ many 'httpd' programs use. The combined log format is similar
+ to the common log format enabled by setting 'emulate_httpd_log',
+ but includes Referer and User-Agent information. If both
+ 'emulate_http_combined_log' and 'emulate_httpd_log' are set,
+ combined log format takes precedence.
+DOC_END
+
NAME: log_ip_on_direct
COMMENT: on|off
TYPE: onoff
@@ -2575,6 +2602,16 @@
setting)
DOC_END
+NAME: httpd_accel_with_icp
+COMMENT: on|off
+TYPE: onoff
+DEFAULT: off
+LOC: Config.onoff.accel_with_icp
+DOC_START
+ If you want to enable ICP in accelerator mode, change this to 'on'.
+ ICP is automatically enabled if httpd_accel_with_proxy is set.
+DOC_END
+
NAME: httpd_accel_uses_host_header
COMMENT: on|off
TYPE: onoff
@@ -3188,6 +3225,14 @@
Note: This is in addition to the request reforwarding which
takes place if Squid fails to get a satisfying response.
+DOC_END
+
+NAME: forward_retries
+TYPE: int
+LOC: Config.retry.forward
+DEFAULT: 10
+DOC_START
+ This sets the number of retries for forwarding connections.
DOC_END
NAME: snmp_port
diff -ru squid-2.5.STABLE5-20040329/src/client_side.c
squid-2.5.5-intrical/src/client_side.c
--- squid-2.5.STABLE5-20040329/src/client_side.c Thu Feb 19 07:51:16 2004
+++ squid-2.5.5-intrical/src/client_side.c Mon Mar 29 14:21:46 2004
@@ -844,6 +844,7 @@
memBufDefInit(&mb);
packerToMemInit(&p, &mb);
httpHeaderPackInto(&request->header, &p);
+ http->al.req_hdr = &request->header;
http->al.http.method = request->method;
http->al.http.version = request->http_ver;
http->al.headers.request = xstrdup(mb.buf);
diff -ru squid-2.5.STABLE5-20040329/src/forward.c squid-2.5.5-intrical/src/forward.c
--- squid-2.5.STABLE5-20040329/src/forward.c Thu Feb 19 02:44:55 2004
+++ squid-2.5.5-intrical/src/forward.c Mon Mar 29 14:21:46 2004
@@ -133,7 +133,7 @@
return 0;
if (fwdState->entry->mem_obj->inmem_hi > 0)
return 0;
- if (fwdState->n_tries > 10)
+ if (fwdState->n_tries > Config.retry.forward)
return 0;
if (fwdState->origin_tries > 2)
return 0;
diff -ru squid-2.5.STABLE5-20040329/src/http.c squid-2.5.5-intrical/src/http.c
--- squid-2.5.STABLE5-20040329/src/http.c Fri Mar 19 21:56:55 2004
+++ squid-2.5.5-intrical/src/http.c Wed Mar 31 16:05:29 2004
@@ -1048,7 +1048,7 @@
httpState->fd = fd;
if (fwd->servers)
httpState->peer = fwd->servers->peer; /* might be NULL */
- if (httpState->peer) {
+ if (httpState->peer && !httpState->peer->options.httpd) {
proxy_req = requestCreate(orig_req->method,
PROTO_NONE, storeUrl(httpState->entry));
xstrncpy(proxy_req->host, httpState->peer->host, SQUIDHOSTNAMELEN);
@@ -1058,6 +1058,11 @@
httpState->request = requestLink(proxy_req);
httpState->orig_request = requestLink(orig_req);
proxy_req->flags.proxying = 1;
+ } else {
+ httpState->request = requestLink(orig_req);
+ httpState->orig_request = requestLink(orig_req);
+ }
+ if (httpState->peer) {
/*
* This NEIGHBOR_PROXY_ONLY check probably shouldn't be here.
* We might end up getting the object from somewhere else if,
@@ -1070,9 +1075,6 @@
if (httpState->peer->options.no_delay)
delaySetNoDelay(fd);
#endif
- } else {
- httpState->request = requestLink(orig_req);
- httpState->orig_request = requestLink(orig_req);
}
/*
* register the handler to free HTTP state data when the FD closes
diff -ru squid-2.5.STABLE5-20040329/src/icp_v2.c squid-2.5.5-intrical/src/icp_v2.c
--- squid-2.5.STABLE5-20040329/src/icp_v2.c Sat May 5 01:37:42 2001
+++ squid-2.5.5-intrical/src/icp_v2.c Mon Mar 29 14:21:46 2004
@@ -407,7 +407,7 @@
int x;
socklen_t len;
wordlist *s;
- if (Config2.Accel.on && !Config.onoff.accel_with_proxy)
+ if (Config2.Accel.on && !Config.onoff.accel_with_proxy &&
!Config.onoff.accel_with_icp)
return;
if ((port = Config.Port.icp) <= 0)
return;
diff -ru squid-2.5.STABLE5-20040329/src/main.c squid-2.5.5-intrical/src/main.c
--- squid-2.5.STABLE5-20040329/src/main.c Thu Dec 18 10:10:30 2003
+++ squid-2.5.5-intrical/src/main.c Mon Mar 29 14:21:46 2004
@@ -383,7 +383,7 @@
#endif
serverConnectionsOpen();
if (theOutIcpConnection >= 0) {
- if (!Config2.Accel.on || Config.onoff.accel_with_proxy)
+ if (!Config2.Accel.on || Config.onoff.accel_with_proxy ||
Config.onoff.accel_with_icp)
neighbors_open(theOutIcpConnection);
else
debug(1, 1) ("ICP port disabled in httpd_accelerator mode\n");
@@ -546,7 +546,7 @@
#endif
serverConnectionsOpen();
if (theOutIcpConnection >= 0) {
- if (!Config2.Accel.on || Config.onoff.accel_with_proxy)
+ if (!Config2.Accel.on || Config.onoff.accel_with_proxy ||
Config.onoff.accel_with_icp)
neighbors_open(theOutIcpConnection);
else
debug(1, 1) ("ICP port disabled in httpd_accelerator mode\n");
diff -ru squid-2.5.STABLE5-20040329/src/neighbors.c
squid-2.5.5-intrical/src/neighbors.c
--- squid-2.5.STABLE5-20040329/src/neighbors.c Sun Nov 30 07:53:00 2003
+++ squid-2.5.5-intrical/src/neighbors.c Wed Mar 31 16:16:10 2004
@@ -504,7 +504,7 @@
} else {
/* Neighbor is dead; ping it anyway, but don't expect a reply */
/* log it once at the threshold */
- if (p->stats.logged_state == PEER_ALIVE) {
+ if (p->stats.logged_state == PEER_ALIVE && !p->options.immortal) {
debug(15, 1) ("Detected DEAD %s: %s/%d/%d\n",
neighborTypeStr(p),
p->host, p->http_port, p->icp.port);
@@ -1046,12 +1046,14 @@
debug(15, 2) ("TCP connection to %s/%d dead\n", p->host, p->http_port);
return;
}
- p->tcp_up--;
- if (!p->tcp_up) {
- debug(15, 1) ("Detected DEAD %s: %s/%d/%d\n",
- neighborTypeStr(p),
- p->host, p->http_port, p->icp.port);
- p->stats.logged_state = PEER_DEAD;
+ if (!p->options.immortal) {
+ p->tcp_up--;
+ if (!p->tcp_up) {
+ debug(15, 1) ("Detected DEAD %s: %s/%d/%d\n",
+ neighborTypeStr(p),
+ p->host, p->http_port, p->icp.port);
+ p->stats.logged_state = PEER_DEAD;
+ }
}
}
diff -ru squid-2.5.STABLE5-20040329/src/structs.h squid-2.5.5-intrical/src/structs.h
--- squid-2.5.STABLE5-20040329/src/structs.h Thu Feb 5 06:42:28 2004
+++ squid-2.5.5-intrical/src/structs.h Wed Mar 31 16:11:52 2004
@@ -566,10 +566,12 @@
int source_ping;
#endif
int common_log;
+ int combined_log;
int log_mime_hdrs;
int log_fqdn;
int announce;
int accel_with_proxy;
+ int accel_with_icp;
int mem_pools;
int test_reachability;
int half_closed_clients;
@@ -643,6 +645,7 @@
char *errorDirectory;
struct {
int maxtries;
+ int forward;
} retry;
struct {
size_t limit;
@@ -1047,6 +1050,7 @@
char *request;
char *reply;
} headers;
+ HttpHeader *req_hdr;
struct {
const char *method_str;
} private;
@@ -1276,6 +1280,8 @@
unsigned int no_delay:1;
#endif
unsigned int allow_miss:1;
+ unsigned int httpd:1;
+ unsigned int immortal:1;
} options;
int weight;
struct {
