Support for external functions
Description
This tag can be used if you want the anonymous login password to be
more informative. You can set this to something reasonable for your
domain, like squid@squid.visolve.com. The reason why this is domainless
by default is that the request can be made on behalf of a user
in any domain, depending on how the cache is used. Some FTP servers
also validate the email address.
Example
ftp_user squid@squid.visolve.com
|
Usage |
ftp_list_width number |
Description
This tag is used to set the width of ftp listings. This should be set
to fit in the width of a standard browser. Setting this too small can
cut off long filenames when browsing ftp sites.
Default |
ftp_list_width 32 |
Example
ftp_list_width 64
|
Description
If your firewall does not allow Squid to use passive connections, then turn off
this option.
|
Tag Name |
cache_dns_program |
Usage |
cache_dns_program program |
Description
This tag is used to specify the location of the executable for the DNS
lookup process. This option is only available if Squid is rebuilt with
the --disable-internal-dns option.
The external DNS program uses
the normal resolver libraries, which are a much more mature DNS client.
The internal DNS client still has some problems with special cases in
the DNS protocol. However, things have gotten a lot better compared to
the early versions, so these issues are not likely to be noticed
and are heavily outweighed by the improved performance and
reliability. The drawbacks of the external DNS helper, on the other hand,
are likely to be noticed when using external DNS. If DNS lookups are slow then the
external DNS helper will hit the roof and no further DNS lookups can
complete (some Squid versions even abort in such a case).
Recommendation: Use the internal
DNS client unless you experience a problem which forces you to use the
external one until a fix is provided.
Default |
cache_dns_program /usr/local/squid/libexec/squid/ |
Example
cache_dns_program /usr/local/squid/bin/dnsserver
|
Usage |
dns_children number (1 to 32) |
Description
This tag specifies the number of processes spawned to service DNS name
lookups. For heavily loaded caches on large servers, you will probably
need to increase this value to at least 10. The maximum is 32. The
default is 5. This option is only available if Squid is rebuilt with
the --disable-internal-dns option. As the number of processes increases,
the performance of DNS lookups also increases. It is recommended to use
the maximum number of child processes (32).
The limitation is that the external
dnsserver helper can only handle one DNS lookup at a time and cannot be
aborted prior to the 2 minutes DNS lookup time-out. The internal DNS
client does not have this limitation and can handle any number of
concurrent lookups. See the description of cache_dns_program.
Example
dns_children 10
Caution
You must have at least one dnsserver process
|
Tag Name |
dns_retransmit_interval |
Usage |
dns_retransmit_interval time-units |
Description
This tag is used to set the initial retransmit interval for DNS
queries. The interval is doubled each time all configured DNS servers
have been tried.
Default |
dns_retransmit_interval 5 seconds |
|
Usage |
dns_timeout time-units |
Description
This tag is used to set the DNS query time-out. If no response is
received to a DNS query within this time then all DNS servers for the
queried domain are assumed to be unavailable.
Default |
dns_timeout 5 minutes |
|
Usage |
dns_defnames on|off |
Description
Normally the 'dnsserver' disables the RES_DEFNAMES resolver option (see
res_init(3)). This prevents caches in a hierarchy from interpreting
single component hostnames locally. To allow dnsserver to handle single
component names, enable this option. This option is only available if
Squid is rebuilt with the --disable-internal-dns option.
|
Usage |
dns_nameservers IPaddress |
Description
This tag can be used if you want to specify a list of DNS name servers
(IP addresses) to use instead of those given in your /etc/resolv.conf
file
Default |
dns_nameservers none |
Example
dns_nameservers 172.16.1.102 204.54.6.20
|
Usage |
diskd_program path/to/diskdfile |
Description
This tag specifies the location of the diskd executable. Note that this is only
useful if you have compiled in diskd as one of the store io modules.
Default |
diskd_program /usr/local/squid/libexec/squid/diskd |
Example
diskd_program /local/squid/bin/diskd
|
Usage |
unlinkd_program path/to/unlinkedfile |
Description
This tag specifies the location of the unlinkd
program. This isn't needed if you are using async-io, since it's
handled by a thread.
Default |
unlinkd_program /usr/local/squid/libexec/squid/unlinkd |
Example
unlinkd_program /usr/local/squid/bin/unlinkd
|
Usage |
pinger_program path/to/pingerfile |
Description
This tag is used to specify the location of the executable for the pinger process. This is only useful if
you configured Squid (during compilation) with the '--enable-icmp'
option
Default |
pinger_program /usr/local/squid/libexec/squid/ |
Example
pinger_program /usr/local/squid/bin/pinger
|
Tag Name |
redirect_program |
Usage |
redirect_program path/to/redirector |
Description
This tag is used to specify the location of the executable for the URL
redirector. Since redirectors can perform almost any function, there isn't one
included. By default, a redirector is not used.
Default |
redirect_program none |
Example
redirect_program /usr/local/squirm/bin/squirm
|
Tag Name |
redirect_children |
Usage |
redirect_children number |
Description
This tag is used to set the number of redirect processes to spawn
Default |
redirect_children 5 |
Example
redirect_children 10
Caution
If you start too few, Squid will have to wait for them to process a
backlog of URLs, slowing it down. If you start too many, they will use RAM
and other system resources.
|
Tag Name |
redirect_rewrites_host_header |
Usage |
redirect_rewrites_host_header on|off |
Description
By default Squid rewrites any Host: header in redirected requests. If
you are running an accelerator then this may not be a wanted effect of a
redirector.
Default |
redirect_rewrites_host_header on |
|
Tag Name |
redirector_access |
Usage |
redirector_access allow|deny |
Description
If defined, this access list specifies which requests are sent to the
redirector processes
Default |
All requests are sent |
Example
redirector_access allow aclname
|
Tag Name |
authenticate_program |
Usage |
authenticate_program path/to/program path/to/passwdfile |
Description
This tag is used to specify the command for the external authenticator.
Such a program reads a line containing "username password" and replies
"OK" or "ERR" in an endless loop. If you use an authenticator, make
sure you have 1 acl of type proxy_auth.
If you want to use the traditional proxy authentication, jump over to
the ../auth_modules/NCSA directory and run
# make
# make install
The source for this program is
included in the source distribution, in the auth_modules/NCSA
directory. You should now have an ncsa_auth program in the same
directory where your squid binary lives. You may need to create a
password file. If you have been using proxy authentication before, you
probably already have such a file. Apache's htpasswd program can create one. Pick a pathname
for your password file. We will assume you will want to put it in the
same directory as your squid.conf.
Default |
authenticate_program none (by default, the authenticator program is not used) |
Example
authenticate_program /usr/local/squid/bin/ncsa_auth /usr/local/squid/etc/passwd
|
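The line protocol described above ("username password" in, "OK" or "ERR" out, in an endless loop), as an added example that is not part of the original page and is not Squid's own ncsa_auth. The `user:salt_hex:hash_hex` record format, the PBKDF2 settings and all function names are assumptions made for this illustration; this is not the NCSA password-file format.

```python
import hashlib
import hmac
import sys

ITERATIONS = 100_000        # PBKDF2 cost, an assumption of this example
DUMMY_SALT = bytes(16)      # hashed for unknown users so timing stays similar


def hash_password(password, salt):
    """Derive the stored verifier with PBKDF2-HMAC-SHA256 (hex string)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS).hex()


def load_users(lines):
    """Parse 'user:salt_hex:hash_hex' records; skip comments and bad lines."""
    users = {}
    for line in lines:
        parts = line.strip().split(":")
        if len(parts) != 3 or line.startswith("#"):
            continue
        try:
            users[parts[0]] = (bytes.fromhex(parts[1]), parts[2])
        except ValueError:   # salt is not valid hex
            continue
    return users


def check_line(line, users):
    """Answer one 'username password' request with 'OK' or 'ERR'."""
    parts = line.rstrip("\r\n").split(" ", 1)
    if len(parts) != 2 or not parts[0] or not parts[1]:
        return "ERR"         # malformed request: fail closed
    user, password = parts
    salt, stored = users.get(user, (DUMMY_SALT, ""))
    candidate = hash_password(password, salt)
    # Constant-time comparison; an unknown user never matches the empty hash.
    same = hmac.compare_digest(candidate.encode(), stored.encode())
    return "OK" if same else "ERR"


def serve(users, stdin=sys.stdin, stdout=sys.stdout):
    """Endless loop: one reply line per request until Squid closes the pipe."""
    for line in stdin:
        stdout.write(check_line(line, users) + "\n")
        stdout.flush()       # an unflushed reply would stall the proxy


if __name__ == "__main__":
    # Constructed sample record; a deployment would load the password file.
    salt = bytes.fromhex("a1b2c3d4e5f60718")
    record = f"alice:{salt.hex()}:{hash_password('correct horse', salt)}"
    serve(load_users([record]))
```

The helper fails closed on malformed input and flushes after every reply, because Squid waits on the pipe for each answer.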
Tag Name |
authenticate_children |
Usage |
authenticate_children number |
Description
The number of authenticator processes to spawn (default 5).
Default |
authenticate_children 5 |
Caution
If you start too few, Squid will have to wait for them to process a
backlog of usercode/password verifications, slowing it down. When password
verifications are done via a (slow) network you are likely to need lots
of authenticator processes.
|
Tag Name |
authenticate_ttl |
Usage |
authenticate_ttl seconds |
Description
This tag is used to specify the time a checked username/password
combination remains cached (default 3600). If a wrong password is given
for a cached user, the user gets removed from the username/password
cache forcing a revalidation.
Default |
authenticate_ttl 3600 |
|
Tag Name |
authenticate_ip_ttl |
Usage |
authenticate_ip_ttl number |
Description
With this option you control how long a proxy authentication will be
bound to a specific IP address. If a request using the same user name
is received from a different IP address during this time then access will
be denied and both users are required to reauthenticate themselves. The idea
behind this is to make it annoying for people to share their password with
their friends, but yet allow a dialup user to reconnect on a different dialup port.
The default is 0 to disable the check. Recommended values if you have
dialup users are no more than 60 (seconds). If all your users are
stationary then higher values may be used.
Default |
authenticate_ip_ttl 0 |
Example
authenticate_ip_ttl 3600
|
Tag Name |
authenticate_ip_ttl_is_strict |
Usage |
authenticate_ip_ttl_is_strict on|off |
Description
This option makes authenticate_ip_ttl a bit stricter. With this enabled,
authenticate_ip_ttl will deny all access from other IP addresses until
the TTL has expired, and the IP address "owning" the userid will not be
forced to reauthenticate.
Default |
authenticate_ip_ttl_is_strict on |
|
|