* squid-2.3.DEVEL3.squid.conf_template_update.patch * Mon Jan 10 23:46:56 CET 2000 Modified Files in squid/src Makefile.in cache_cf.c cf.data.pre cf_gen.c defines.h dns_internal.c mem.c squid.h structs.h Added Files: cf_gen_defines A major update on how squid.conf is generated from cf.data.pre: a) cf_gen_defines is a new program that picks up the conditional defines used in cf.data.pre and makes this available cf_gen_defines.h. It also provides translation to --enable directives when known. b) cf_gen now includes information on how to enable a directive if in the generated squid.conf if the directive wasn't enabled when Squid was built. This is only shown on directives not enabled. c) cf_gen automatically inserts the default (or default-if-none) configuration line between the documentation and no-comment sections. d) Multiple default-if-none settings are allowed. For directives where we wan to provide a recommended configuration different from the built-in default, put this inside the no-comment section (in most cases non-commented) This was initiated when I added squid.conf directives for the internal DNS implementation, and quickly realized that it was far from obvious when the different dns_* directives did apply. A future plan is to split squid.conf in two files. One documenting the beast, and one more suitable as a template configuration. Having all the documentation inside squid.conf is mostly only beneficial when you make the first configuration. After a few upgrades it becomes more of a burden than a benefit, as the documentation gets outdated and you lack documentation on any new directives introduced in the later upgrades. I also took the time to condition out some unused stuff when it is not enabled. ----------------------------------------------------------------- Index: squid/src/Makefile.in diff -u squid/src/Makefile.in:1.1.1.33 squid/src/Makefile.in:1.1.1.33.2.1 --- squid/src/Makefile.in:1.1.1.33 Sat Oct 30 13:24:47 1999 +++ squid/src/Makefile.in Mon Jan 10 23:46:53 2000 @@ -244,6 +244,11 @@ cf_gen: cf_gen.o $(CC) -o $@ $(LDFLAGS) cf_gen.o $(STD_APP_LIBS) +cf_gen.o: cf_gen_defines.h Makefile defines.h ../include/autoconf.h + +cf_gen_defines.h: cf_gen_defines cf.data.pre + awk -f ./cf_gen_defines cf_gen_defines.h + cf.data: cf.data.pre Makefile sed "\ s%@DEFAULT_MIME_TABLE@%$(DEFAULT_MIME_TABLE)%g;\ @@ -362,7 +367,7 @@ clean: -rm -rf *.o *pure_* core $(PROGS) $(UTILS) $(CGIPROGS) $(SUID_UTILS) - -rm -f cf_gen cf_parser.c cf.data globals.c string_arrays.c + -rm -f cf_gen cf_gen_defines.h cf_parser.c cf.data globals.c string_arrays.c distclean: clean -rm -f Makefile squid.conf squid.conf.pre Index: squid/src/cache_cf.c diff -u squid/src/cache_cf.c:1.1.1.35.2.6 squid/src/cache_cf.c:1.1.1.35.2.7 --- squid/src/cache_cf.c:1.1.1.35.2.6 Mon Jan 10 23:37:56 2000 +++ squid/src/cache_cf.c Mon Jan 10 23:46:53 2000 @@ -257,6 +257,7 @@ Config.Announce.period = 86400 * 365; /* one year */ Config.onoff.announce = 0; } +#if USE_DNSSERVERS if (Config.dnsChildren < 1) fatal("No dnsservers allocated"); if (Config.dnsChildren > DefaultDnsChildrenMax) { @@ -266,6 +267,7 @@ DefaultDnsChildrenMax); Config.dnsChildren = DefaultDnsChildrenMax; } +#endif if (Config.Program.redirect) { if (Config.redirectChildren < 1) { Config.redirectChildren = 0; @@ -340,8 +342,12 @@ } #endif requirePathnameExists("MIME Config Table", Config.mimeTablePathname); +#if USE_DNSSERVERS requirePathnameExists("cache_dns_program", Config.Program.dnsserver); +#endif +#if USE_UNLINKD requirePathnameExists("unlinkd_program", Config.Program.unlinkd); +#endif if (Config.Program.redirect) requirePathnameExists("redirect_program", Config.Program.redirect->key); if (Config.Program.authenticate) @@ -1415,6 +1421,12 @@ head = &(*head)->next; *head = t; safe_free(pattern); +} + +static int +check_null_refreshpattern(refresh_t *data) +{ + return data != NULL; } static void Index: squid/src/cf.data.pre diff -u squid/src/cf.data.pre:1.1.1.41.2.13 squid/src/cf.data.pre:1.1.1.41.2.14 --- squid/src/cf.data.pre:1.1.1.41.2.13 Mon Jan 10 11:51:10 2000 +++ squid/src/cf.data.pre Mon Jan 10 23:46:53 2000 @@ -80,8 +80,6 @@ The -a command line option will override the *first* port number listed here. That option will NOT override an IP address, however. - -http_port 3128 DOC_END @@ -93,8 +91,6 @@ The port number where Squid sends and receives ICP queries to and from neighbor caches. Default is 3130. To disable use "0". May be overridden with -u on the command line. - -icp_port 3130 DOC_END NAME: htcp_port @@ -109,7 +105,6 @@ To enable this option, you must use --enable-htcp with the configure script. -htcp_port 4827 DOC_END @@ -138,8 +133,6 @@ Usage: mcast_groups 239.128.16.128 224.0.1.20 By default, Squid doesn't listen on any multicast groups. - -mcast_groups 239.128.16.128 DOC_END @@ -172,16 +165,20 @@ The default behavior is to not bind to any specific address. + A *_incoming_address value of 0.0.0.0 indicates that Squid should + listen on all available interfaces. + + If udp_outgoing_address is set to 255.255.255.255 (the default) + then it will use the same socket as udp_incoming_address. Only + change this if you want to have ICP queries sent using another + address than where this Squid listens for ICP queries from other + caches. + NOTE, udp_incoming_address and udp_outgoing_address can not - have the same value (unless it is 0.0.0.0) since they both use - port 3130. + have the same value since they both use port 3130. NOTE, tcp_incoming_address has been removed. You can now specify IP addresses on the 'http_port' line. - -tcp_outgoing_address 0.0.0.0 -udp_incoming_address 0.0.0.0 -udp_outgoing_address 0.0.0.0 DOC_END COMMENT_START @@ -196,7 +193,7 @@ DOC_START To specify other caches in a hierarchy, use the format: - hostname type http_port icp_port + cache_peer hostname type http_port icp_port For example, @@ -300,8 +297,6 @@ source is a peer) NOTE: non-ICP neighbors must be specified as 'parent'. - -cache_peer hostname type 3128 3130 DOC_END NAME: cache_peer_domain cache_host_domain @@ -371,8 +366,6 @@ timeout (the old default), you would write: icp_query_timeout 2000 - -icp_query_timeout 0 DOC_END NAME: maximum_icp_query_timeout @@ -389,7 +382,6 @@ If 'icp_query_timeout' is set to zero, then this value is ignored. -icp_query_timeout 2000 DOC_END NAME: mcast_icp_query_timeout @@ -403,8 +395,6 @@ address. This value specifies how long Squid should wait to count all the replies. The default is 2000 msec, or 2 seconds. - -mcast_icp_query_timeout 2000 DOC_END NAME: dead_peer_timeout @@ -427,15 +417,12 @@ your time between requests is greater than this timeout, you will see a lot of requests sent DIRECT to origin servers instead of to your parents. - -dead_peer_timeout 10 seconds DOC_END NAME: hierarchy_stoplist TYPE: wordlist DEFAULT: none -DEFAULT_IF_NONE: cgi-bin ? LOC: Config.hierarchy_stoplist DOC_START A list of words which, if found in a URL, cause the object to @@ -443,9 +430,10 @@ to not query neighbor caches for certain objects. You may list this option multiple times. - The default is to directly fetch URLs containing 'cgi-bin' or '?'. - +NOCOMMENT_START +#We recommend you to use at least the following line. hierarchy_stoplist cgi-bin ? +NOCOMMENT_END DOC_END @@ -460,12 +448,12 @@ You must use the word 'DENY' to indicate the ACL names which should NOT be cached. - - There is no default. We recommend you uncomment the following - two lines. +NOCOMMENT_START +#We recommend you to use the following two lines. acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY +NOCOMMENT_END DOC_END @@ -510,10 +498,6 @@ decreases, blocks will be freed until the high-water mark is reached. Thereafter, blocks will be used to store hot objects. - - The default is 8 Megabytes. - -cache_mem 8 MB DOC_END @@ -541,9 +525,6 @@ Defaults are 90% and 95%. If you have a large cache, 5% could be hundreds of MB. If this is the case you may wish to set these numbers closer together. - -cache_swap_low 90 -cache_swap_high 95 DOC_END NAME: maximum_object_size @@ -562,8 +543,6 @@ NOTE: if using the LFUDA replacement policy you should increase this value to maximize the byte hit rate improvement of LFUDA! See replacement_policy below for a discussion of this policy. - -maximum_object_size 4096 KB DOC_END @@ -588,10 +567,6 @@ LOC: Config.ipcache.high DOC_START The size, low-, and high-water marks for the IP cache. - -ipcache_size 1024 -ipcache_low 90 -ipcache_high 95 DOC_END NAME: fqdncache_size @@ -601,7 +576,6 @@ LOC: Config.fqdncache.size DOC_START Maximum number of FQDN cache entries. -fqdncache_size 1024 DOC_END COMMENT_START @@ -647,8 +621,6 @@ 'Level-2' is the number of second-level subdirectories which will be created under each first-level directory. The default is 256. - -cache_dir ufs @DEFAULT_SWAP_DIR@ 100 16 256 DOC_END @@ -659,8 +631,6 @@ DOC_START Logs the client request activity. Contains an entry for every HTTP and ICP queries received. - -cache_access_log @DEFAULT_ACCESS_LOG@ DOC_END @@ -672,8 +642,6 @@ Cache logging file. This is where general information about your cache's behavior goes. You can increase the amount of data logged to this file with the "debug_options" tag below. - -cache_log @DEFAULT_CACHE_LOG@ DOC_END @@ -687,8 +655,6 @@ saved and for how long. To disable, enter "none". There are not really utilities to analyze this data, so you can safely disable it. - -cache_store_log @DEFAULT_STORE_LOG@ DOC_END @@ -724,8 +690,6 @@ the correct 'cache_dir' entry (unless you manually rename them). We recommend that you do NOT use this option. It is better to keep these log files in each 'cache_dir' directory. - -cache_swap_log DOC_END @@ -740,8 +704,6 @@ emulate_httpd_log to 'off' or 'on'. The default is to use the native log format since it includes useful information that Squid-specific log analyzers use. - -emulate_httpd_log off DOC_END @@ -753,8 +715,6 @@ Pathname to Squid's MIME table. You shouldn't need to change this, but the default file contains examples and formatting information if you do. - -mime_table @DEFAULT_MIME_TABLE@ DOC_END @@ -769,8 +729,6 @@ safely and will appear as two bracketed fields at the end of the access log (for either the native or httpd-emulated log formats). To enable this logging set log_mime_hdrs to 'on'. - -log_mime_hdrs off DOC_END @@ -778,13 +736,11 @@ TYPE: string LOC: Config.Log.useragent DEFAULT: none +IFDEF: USE_USERAGENT_LOG DOC_START - If configured with the "--enable-useragent_log" configure - option, Squid will write the User-Agent field from HTTP - requests to the filename specified here. By default - useragent_log is disabled. - -useragent_log none + Squid will write the User-Agent field from HTTP requests + to the filename specified here. By default useragent_log + is disabled. DOC_END @@ -794,8 +750,6 @@ LOC: Config.pidFilename DOC_START A filename to write the process-id to. To disable, enter "none". - -pid_filename @DEFAULT_PID_FILE@ DOC_END @@ -810,8 +764,6 @@ log file, so be careful. The magic word "ALL" sets debugging levels for all sections. We recommend normally running with "ALL,1". - -debug_options ALL,1 DOC_END @@ -826,8 +778,6 @@ IP's connecting to it. This can (in some situations) increase latency, which makes your cache seem slower for interactive browsing. - -log_fqdn off DOC_END @@ -840,8 +790,6 @@ Change this to protect the privacy of your cache clients. A netmask of 255.255.255.0 will log all IP's in that range with the last digit set to '0'. - -client_netmask 255.255.255.255 DOC_END @@ -864,8 +812,6 @@ depending on how the cache is used. Some ftp server also validate that the email address is valid (for example perl.com). - -ftp_user Squid@ DOC_END NAME: ftp_list_width @@ -876,24 +822,22 @@ Sets the width of ftp listings. This should be set to fit in the width of a standard browser. Setting this too small can cut off long filenames when browsing ftp sites. - -ftp_list_width 32 DOC_END NAME: cache_dns_program TYPE: string DEFAULT: @DEFAULT_DNSSERVER@ LOC: Config.Program.dnsserver +IFDEF: USE_DNSSERVERS DOC_START Specify the location of the executable for dnslookup process. - -cache_dns_program @DEFAULT_DNSSERVER@ DOC_END NAME: dns_children TYPE: int DEFAULT: 5 LOC: Config.dnsChildren +IFDEF: USE_DNSSERVERS DOC_START The number of processes spawn to service DNS name lookups. For heavily loaded caches on large servers, you should @@ -903,8 +847,6 @@ To disable dnsservers, set this to 0. NOTE, this is very strongly discouraged. If you disable dnsservers your Squid process will BLOCK on DNS lookups! - -dns_children 5 DOC_END NAME: dns_retransmit_interval @@ -934,14 +876,13 @@ TYPE: onoff DEFAULT: off LOC: Config.onoff.res_defnames +IFDEF: USE_DNSSERVERS DOC_START Normally the 'dnsserver' disables the RES_DEFNAMES resolver option (see res_init(3)). This prevents caches in a hierarchy from interpreting single-component hostnames locally. To allow dnsserver to handle single-component names, enable this option. - -dns_defnames off DOC_END NAME: dns_nameservers @@ -954,8 +895,6 @@ /etc/resolv.conf file. Example: dns_nameservers 10.0.0.1 192.172.0.4 - -dns_nameservers none DOC_END @@ -965,23 +904,15 @@ LOC: Config.Program.unlinkd DOC_START Specify the location of the executable for file deletion process. - This isn't needed if you are using async-io since it's handled by - a thread. - -unlinkd_program @DEFAULT_UNLINKD@ DOC_END - NAME: pinger_program TYPE: string DEFAULT: @DEFAULT_PINGER@ LOC: Config.Program.pinger +IFDEF: USE_ICMP DOC_START Specify the location of the executable for the pinger process. - This is only useful if you configured Squid (during compilation) - with the '--enable-icmp' option. - -pinger_program @DEFAULT_PINGER@ DOC_END @@ -994,8 +925,6 @@ Since they can perform almost any function there isn't one included. See the Release-Notes for information on how to write one. By default, a redirector is not used. - -redirect_program none DOC_END @@ -1008,8 +937,6 @@ too few Squid will have to wait for them to process a backlog of URLs, slowing it down. If you start too many they will use RAM and other system resources. - -redirect_children 5 DOC_END NAME: redirect_rewrites_host_header @@ -1020,7 +947,6 @@ By default Squid rewrites any Host: header in redirected requests. If you are running a accelerator then this may not be a wanted effect of a redirector. -redirect_rewrites_host_header on DOC_END NAME: redirector_access @@ -1054,8 +980,6 @@ Then, set this line to something like authenticate_program @DEFAULT_PREFIX@/bin/ncsa_auth @DEFAULT_PREFIX@/etc/passwd - -authenticate_program none DOC_END NAME: authenticate_children @@ -1068,8 +992,6 @@ of usercode/password verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes. - -authenticate_children 5 DOC_END NAME: authenticate_ttl @@ -1081,8 +1003,6 @@ (default 3600). If a wrong password is given for a cached user, the user gets removed from the username/password cache forcing a revalidation. - -authenticate_ttl 3600 DOC_END NAME: authenticate_ip_ttl @@ -1103,8 +1023,6 @@ if you have dialup users are no more than 60 (seconds). If all your users are stationary then higher values may be used. - -authenticate_ip_ttl 0 DOC_END COMMENT_START @@ -1124,9 +1042,6 @@ LOC: Config.Wais.relayPort DOC_START Relay WAIS request to host (1st arg) at port (2 arg). - -wais_relay_host localhost -wais_relay_port 8000 DOC_END @@ -1141,7 +1056,6 @@ Placing a limit on the request header size will catch certain bugs (for example with persistent connections) and possibly buffer-overflow or denial-of-service attacks. -request_header_max_size 10 KB DOC_END NAME: request_body_max_size @@ -1156,7 +1070,6 @@ than this limit receives an "Invalid Request" error message. If you set this parameter to a zero, there will be no limit imposed. -request_body_max_size 1 MB DOC_END NAME: reply_body_max_size @@ -1183,7 +1096,6 @@ If you set this parameter to zero (the default), there will be no limit imposed. -reply_body_max_size 0 DOC_END @@ -1191,6 +1103,9 @@ TYPE: refreshpattern LOC: Config.Refresh DEFAULT: none +DEFAULT_IF_NONE: ^ftp: 1440 20% 10080 +DEFAULT_IF_NONE: ^gopher: 1440 0% 1440 +DEFAULT_IF_NONE: . 0 20% 4320 DOC_START usage: refresh_pattern [-i] regex min percent max [options] @@ -1247,12 +1162,9 @@ The first entry which matches is used. If none of the entries match, then the default will be used. -Default: -NOCOMMENT_START -refresh_pattern ^ftp: 1440 20% 10080 -refresh_pattern ^gopher: 1440 0% 1440 -refresh_pattern . 0 20% 4320 -NOCOMMENT_END + Note, you must uncomment all the default lines if you want + to change one. The default setting is only active if none is + used. DOC_END @@ -1295,8 +1207,6 @@ For more information about these cache replacement policies see http://www.hpl.hp.com/techreports/1999/HPL-1999-69.html and http://fog.hpl.external.hp.com/techreports/98/HPL-98-173.html. - -replacement_policy LFUDA DOC_END @@ -1324,8 +1234,6 @@ NOTE: this parameter is not used when using the enhanced replacement policies, GDSH or LFUDA. - -reference_age 1 year DOC_END @@ -1339,7 +1247,7 @@ NAME: quick_abort_max COMMENT: (KB) TYPE: kb_size_t -DEFAULT: 16 kb +DEFAULT: 16 KB LOC: Config.quickAbort.max DOC_NONE @@ -1368,10 +1276,6 @@ If more than 'quick_abort_pct' of the transfer has completed, it will finish the retrieval. - -quick_abort_min 16 KB -quick_abort_max 16 KB -quick_abort_pct 95 DOC_END @@ -1386,8 +1290,6 @@ negatively-cached for a configurable amount of time. The default is 5 minutes. Note that this is different from negative caching of DNS lookups. - -negative_ttl 5 minutes DOC_END @@ -1400,8 +1302,6 @@ Time-to-Live (TTL) for positive caching of successful DNS lookups. Default is 6 hours (360 minutes). If you want to minimize the use of Squid's ipcache, set this to 1, not 0. - -positive_dns_ttl 6 hours DOC_END @@ -1412,8 +1312,6 @@ DEFAULT: 5 minutes DOC_START Time-to-Live (TTL) for negative caching of failed DNS lookups. - -negative_dns_ttl 5 minutes DOC_END NAME: range_offset_limit @@ -1436,8 +1334,6 @@ A value of 0 causes Squid to never fetch more than the client client requested. (default) - -range_offset_limit 0 KB DOC_END @@ -1457,8 +1353,6 @@ enforces its own timeout on server connections. This parameter specifies how long to wait for the connect to complete. The default is two minutes (120 seconds). - -connect_timeout 120 seconds DOC_END NAME: peer_connect_timeout @@ -1471,7 +1365,6 @@ connection to a peer cache. The default is 30 seconds. You may also set different timeout values for individual neighbors with the 'connect-timeout' option on a 'cache_peer' line. -peer_connect_timeout 30 seconds DOC_END NAME: siteselect_timeout @@ -1481,8 +1374,6 @@ DEFAULT: 4 seconds DOC_START For URN to multiple URL's URL selection - -siteselect_timeout 4 seconds DOC_END NAME: read_timeout @@ -1496,8 +1387,6 @@ amount. If no data is read again after this amount of time, the request is aborted and logged with ERR_READ_TIMEOUT. The default is 15 minutes. - -read_timeout 15 minutes DOC_END @@ -1510,8 +1399,6 @@ establishment. For persistent connections idle timeout, see pconn_timeout. - -request_timeout 5 minutes DOC_END @@ -1535,8 +1422,6 @@ If you seem to have many client connections tying up filedescriptors, we recommend first tuning the read_timeout, request_timeout, pconn_timeout and quick_abort values. - -client_lifetime 1 day DOC_END NAME: half_closed_clients @@ -1552,8 +1437,6 @@ socket returns an error. Change this option to 'off' and Squid will immediately close client connections when read(2) returns "no more data to read." - -half_closed_clients on DOC_END NAME: pconn_timeout @@ -1566,8 +1449,6 @@ Persistent connections will be disabled if this is less than 10 seconds. - -pconn_timeout 120 seconds DOC_END NAME: ident_timeout @@ -1587,7 +1468,6 @@ This option may be disabled by using --disable-ident with the configure script. -ident_timeout 10 seconds DOC_END @@ -1602,8 +1482,6 @@ This value is the lifetime to set for all open descriptors during shutdown mode. Any active clients after this many seconds will receive a 'timeout' message. - -shutdown_lifetime 30 seconds DOC_END COMMENT_START @@ -1707,13 +1585,18 @@ acl myexample dst_as 1241 acl password proxy_auth REQUIRED -Defaults: NOCOMMENT_START +#Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 -acl Safe_ports port 80 21 443 563 70 210 1025-65535 +acl Safe_ports port 80 # http +acl Safe_ports port 21 # ftp +acl Safe_ports port 443 563 # https, snews +acl Safe_ports port 70 # gopher +acl Safe_ports port 210 # wais +acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker @@ -1733,12 +1616,9 @@ Access to the HTTP port: http_access allow|deny [!]aclname ... - Access to the ICP port: - icp_access allow|deny [!]aclname ... - NOTE on default values: - If there are no "access" lines present, the default is to allow + If there are no "access" lines present, the default is to deny the request. If none of the "access" lines cause a match, the default is the @@ -1748,15 +1628,20 @@ good idea to have an "deny all" or "allow all" entry at the end of your access lists to avoid potential confusion. -Default configuration: NOCOMMENT_START +#Recommended minimum configuration: +# +# Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager +# Deny requests to unknown ports http_access deny !Safe_ports +# Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # +# And finally deny all other access to this proxy http_access deny all NOCOMMENT_END DOC_END @@ -1768,9 +1653,15 @@ DEFAULT: none DEFAULT_IF_NONE: deny all DOC_START - Reply to all ICP queries we receive + Allowing or Denying access to the ICP port based on defined + access lists + + icp_access allow|deny [!]aclname ... + See http_access for details + NOCOMMENT_START +#Allow ICP queries from eveyone icp_access allow all NOCOMMENT_END DOC_END @@ -1793,8 +1684,10 @@ By default, allow all clients who passed the http_access rules to fetch MISSES from us. + NOCOMMENT_START -miss_access allow all +#Default setting: +# miss_access allow all NOCOMMENT_END DOC_END @@ -1822,8 +1715,6 @@ Specifies the realm name which is to be reported to the client for proxy authentication (part of the text the user will see when prompted their username and password). - -proxy_auth_realm Squid proxy-caching web server DOC_END @@ -1850,7 +1741,6 @@ This option may be disabled by using --disable-ident with the configure script. -ident_lookup_access deny all DOC_END @@ -1866,8 +1756,6 @@ DOC_START Email-address of local cache manager who will receive mail if the cache dies. The default is "webmaster." - -cache_mgr webmaster DOC_END @@ -1890,9 +1778,6 @@ If Squid is not started as root, the default is to keep the current UID/GID. Note that if Squid is not started as root then you cannot set http_port to a value lower than 1024. - -cache_effective_user nobody -cache_effective_group nogroup DOC_END @@ -1906,8 +1791,6 @@ will be used. If you have multiple caches in a cluster and get errors about IP-forwarding you must set them to have individual names with this setting. - -visible_hostname www-cache.foo.org DOC_END @@ -1919,8 +1802,6 @@ If you want to have multiple machines with the same 'visible_hostname' then you must give each machine a different 'unique_hostname' so that forwarding loops can be detected. - -unique_hostname www-cache1.foo.org DOC_END @@ -1964,11 +1845,11 @@ This is how frequently to send cache announcements. The default is `0' which disables sending the announcement messages. - - To enable announcing your cache, just uncomment the line - below. -announce_period 1 day +NOCOMMENT_START +#To enable announcing your cache, just uncomment the line below. +#announce_period 1 day +NOCOMMENT_END DOC_END @@ -1996,9 +1877,6 @@ default default to 3131. If the 'filename' argument is given, the contents of that file will be included in the announce message. - -announce_host tracker.ircache.net -announce_port 3131 DOC_END COMMENT_START @@ -2026,9 +1904,6 @@ NOTE: enabling httpd_accel_host disables proxy-caching and ICP. If you want these features enabled also, then set the 'httpd_accel_with_proxy' option. - -httpd_accel_host hostname -httpd_accel_port port DOC_END NAME: httpd_accel_single_host @@ -2059,12 +1934,13 @@ LOC: Config.onoff.accel_with_proxy DOC_START If you want to use Squid as both a local httpd accelerator - and as a proxy, change this to 'on'. - -httpd_accel_with_proxy off + and as a proxy, change this to 'on'. Note however that your + proxy users may have trouble to reach the accelerated domains + unless their browsers are configured not to use this proxy for + those domains (for example via the no_proxy browser configuration + setting) DOC_END - NAME: httpd_accel_uses_host_header COMMENT: on|off TYPE: onoff @@ -2081,7 +1957,6 @@ However, you will need to enable this option if you run Squid as a transparent proxy. Otherwise, virtual servers which require the Host: header will not be properly cached. -httpd_accel_uses_host_header off DOC_END COMMENT_START @@ -2093,13 +1968,11 @@ TYPE: wordlist LOC: Config.dns_testname_list DEFAULT: none +DEFAULT_IF_NONE: netscape.com internic.net nlanr.net microsoft.com DOC_START The DNS tests exit as soon as the first site is successfully looked up - If you want to disable DNS tests, do not comment out or delete this - list. Instead use the -D command line option - -dns_testnames netscape.com internic.net nlanr.net microsoft.com + This test can be disabled with the -D command line option. DOC_END @@ -2121,8 +1994,6 @@ purposes, so -k rotate uses another signal. It is best to get in the habit of using 'squid -k rotate' instead of 'kill -USR1 '. - -logfile_rotate 10 DOC_END @@ -2134,7 +2005,8 @@ Appends local domain name to hostnames without any dots in them. append_domain must begin with a period. -append_domain .yourdomain.com +Example: + append_domain .yourdomain.com DOC_END @@ -2147,8 +2019,6 @@ Size of receive buffer to set for TCP sockets. Probably just as easy to change your kernel's default. Set to zero to use the default buffer size. - -tcp_recv_bufsize 0 bytes DOC_END NAME: err_html_text @@ -2164,7 +2034,6 @@ the error template files (found in the "errors" directory). Wherever you want the 'err_html_text' line to appear, insert a %L tag in the error template file. -err_html_text DOC_END @@ -2195,8 +2064,6 @@ available for future use. If memory is a premium on your system and you believe your malloc library outperforms Squid routines, disable this. - -memory_pools on DOC_END NAME: memory_pools_limit @@ -2244,8 +2111,6 @@ If you disable this, it will appear as X-Forwarded-For: unknown - -forwarded_for on DOC_END NAME: log_icp_queries @@ -2257,8 +2122,6 @@ If set, ICP queries are logged to access.log. You may wish do disable this if your ICP load is VERY high to speed things up or to simplify log analysis. - -log_icp_queries on DOC_END NAME: icp_hit_stale @@ -2272,8 +2135,6 @@ in other administrative domains, this should be 'off'. If you only have sibling relationships with caches under your control, then it is probably okay to set this to 'on'. - -icp_hit_stale off DOC_END @@ -2284,8 +2145,6 @@ DOC_START If using the ICMP pinging stuff, do direct fetches for sites which are no more than this many hops away. - -minimum_direct_hops 4 DOC_END @@ -2345,9 +2204,10 @@ Use the keyword "all" to set the same password for all actions. -cachemgr_passwd secret shutdown -cachemgr_passwd lesssssssecret info stats/objects -cachemgr_passwd disable all +Example: + cachemgr_passwd secret shutdown + cachemgr_passwd lesssssssecret info stats/objects + cachemgr_passwd disable all DOC_END NAME: store_avg_object_size @@ -2359,8 +2219,6 @@ Average object size, used to estimate number of objects your cache can hold. See doc/Release-Notes-1.1.txt. The default is 13 KB. - -store_avg_object_size 13 KB DOC_END NAME: store_objects_per_bucket @@ -2371,8 +2229,6 @@ Target number of objects per bucket in the store hash table. Lowering this value increases the total number of buckets and also the storage maintenance rate. The default is 50. - -store_objects_per_bucket 50 DOC_END NAME: client_db @@ -2383,8 +2239,6 @@ DOC_START If you want to disable collecting per-client statistics, then turn off client_db here. - -client_db on DOC_END @@ -2403,9 +2257,6 @@ database. These are counts, not percents. The defaults are 900 and 1000. When the high water mark is reached, database entries will be deleted until the low mark is reached. - -netdb_low 900 -netdb_high 1000 DOC_END @@ -2417,8 +2268,6 @@ The minimum period for measuring a site. There will be at least this much delay between successive pings to the same network. The default is five minutes. - -netdb_ping_period 5 minutes DOC_END @@ -2439,8 +2288,6 @@ the minimal RTT to the origin server. When this happens, the hierarchy field of the access.log will be "CLOSEST_PARENT_MISS". This option is off by default. - -query_icmp off DOC_END NAME: test_reachability @@ -2452,8 +2299,6 @@ When this is 'on', ICP MISS replies will be ICP_MISS_NOFETCH instead of ICP_MISS if the target host is NOT in the ICMP database, or has a zero RTT. - -test_reachability off DOC_END NAME: buffered_logs @@ -2467,7 +2312,6 @@ unbuffered. By default they will be unbuffered. Buffering them can speed up the writing slightly (though you are unlikely to need to worry). -buffered_logs off DOC_END NAME: reload_into_ims @@ -2487,7 +2331,6 @@ This option may be disabled by using --disable-http-violations with the configure script. -reload_into_ims off DOC_END NAME: always_direct @@ -2598,8 +2441,6 @@ By default, all headers are allowed (no anonymizing is performed). - -anonymize_headers DOC_END NAME: fake_user_agent @@ -2613,8 +2454,6 @@ fake_user_agent Nutscrape/1.0 (CP/M; 8-bit) (credit to Paul Southworth pauls@etext.org for this one!) - -fake_user_agent none DOC_END NAME: icon_directory @@ -2657,8 +2496,6 @@ minimum value, is five seconds, and the maximum value is sixty seconds, or half of connect_timeout, whichever is greater and less than connect_timeout. - -minimum_retry_timeout 5 seconds DOC_END NAME: maximum_single_addr_tries @@ -2673,8 +2510,6 @@ The default value is three tries, the (not recommended) maximum is 255 tries. A warning message will be generated if it is set to a value greater than ten. - -maximum_single_addr_tries 3 DOC_END NAME: snmp_port @@ -2689,7 +2524,6 @@ NOTE: SNMP support requires use the --enable-snmp configure command line option. -snmp_port 3401 DOC_END NAME: snmp_access @@ -2707,8 +2541,8 @@ snmp_access allow|deny [!]aclname ... Example: -snmp_access allow snmppublic localhost -snmp_access deny all + snmp_access allow snmppublic localhost + snmp_access deny all DOC_END NAME: snmp_incoming_address @@ -2730,13 +2564,16 @@ snmp_outgoing_address is used for SNMP packets returned to SNMP agents. - The default behavior is to not bind to any specific address. + The default snmp_incoming_address (0.0.0.0) is to listen on all + available network interfaces. - NOTE, snmp_incoming_address and snmp_outgoing_address can not have - the same value since they both use port 3130. + If snmp_outgoing_address is set to 255.255.255.255 (the default) + then it will use the same socket as snmp_incoming_address. Only + change this if you want to have SNMP replies sent using another + address than where this Squid listens for SNMP queries. -snmp_incoming_address 0.0.0.0 -snmp_outgoing_address 0.0.0.0 + NOTE, snmp_incoming_address and snmp_outgoing_address can not have + the same value since they both use port 3401. DOC_END NAME: as_whois_server @@ -2758,7 +2595,6 @@ Use this option to define your WCCP ``home'' router for Squid. Setting the 'wccp_router' to 0.0.0.0 (the default) disables WCCP. -wccp_router 0.0.0.0 DOC_END NAME: wccp_incoming_address @@ -2791,9 +2627,6 @@ NOTE, wccp_incoming_address and wccp_outgoing_address can not have the same value since they both use port 2048. - -wccp_incoming_address 0.0.0.0 -wccp_outgoing_address 0.0.0.0 DOC_END @@ -2814,7 +2647,6 @@ To enable this option, you must use --enable-delay-pools with the configure script. -delay_pools 0 DOC_END NAME: delay_class @@ -2828,9 +2660,10 @@ delay pools, one of class 2 and one of class 3, the settings above and here would be: -delay_pools 2 # 2 delay pools -delay_class 1 2 # pool 1 is a class 2 pool -delay_class 2 3 # pool 2 is a class 3 pool +Example: + delay_pools 2 # 2 delay pools + delay_class 1 2 # pool 1 is a class 2 pool + delay_class 2 3 # pool 2 is a class 3 pool The delay pool classes are: @@ -2866,10 +2699,11 @@ all been checked. For example, if you want some_big_clients in delay pool 1 and lotsa_little_clients in delay pool 2: -delay_access 1 allow some_big_clients -delay_access 1 deny all -delay_access 2 allow lotsa_little_clients -delay_access 2 deny all +Example: + delay_access 1 allow some_big_clients + delay_access 1 deny all + delay_access 2 allow lotsa_little_clients + delay_access 2 deny all DOC_END NAME: delay_parameters @@ -2945,8 +2779,6 @@ a host accessing it (in class 2 and class 3, individual hosts and networks only have buckets associated with them once they have been "seen" by squid). - -delay_initial_bucket_level 50 DOC_END NAME: incoming_icp_average @@ -2975,18 +2807,19 @@ Heavy voodoo here. I can't even believe you are reading this. Are you crazy? Don't even think about adjusting these unless you understand the algorithms in comm_select.c first! - -incoming_icp_average 6 -incoming_http_average 4 -min_icp_poll_cnt 8 -min_http_poll_cnt 8 DOC_END NAME: max_open_disk_fds TYPE: int LOC: Config.max_open_disk_fds DEFAULT: 0 -DOC_NONE +DOC_START + To avoid having disk as the I/O bottleneck Squid can optionally + bypass the on-disk cache if more than this amount of disk file + descriptors are open. + + A value of 0 indicates no limit. +DOC_END NAME: offline_mode TYPE: onoff @@ -3020,7 +2853,6 @@ chop: The request is allowed and the URI is chopped at the first whitespace. This might also be considered a violation. -uri_whitespace strip DOC_END NAME: broken_posts @@ -3041,8 +2873,9 @@ forbidden by the BNF, an HTTP/1.1 client must not preface or follow a request with an extra CRLF. -acl buggy_server url_regex ^http://.... -broken_posts allow buggy_server +Example: + acl buggy_server url_regex ^http://.... + broken_posts allow buggy_server DOC_END NAME: mcast_miss_addr @@ -3107,8 +2940,6 @@ If you are inside an firewall then see never_direct instead of this directive. - -nonhierarchical_direct on DOC_END NAME: prefer_direct @@ -3123,8 +2954,6 @@ By combining nonhierarchical_direct off and prefer_direct on you can set up Squid to use a parent as a backup path if going direct fails. - -prefer_direct off DOC_END NAME: strip_query_terms @@ -3134,7 +2963,6 @@ DOC_START By default, Squid strips query terms from requested URLs before logging. This protects your user's privacy. -strip_query_terms on DOC_END NAME: coredump_dir @@ -3174,7 +3002,6 @@ don't match, Squid ignores the response and writes a warning message to cache.log. You can allow responses from unknown nameservers by setting this option to 'off'. -ignore_unknown_nameservers on DOC_END NAME: digest_generation @@ -3186,7 +3013,6 @@ This controls whether the server will generate a Cache Digest of its contents. By default, Cache Digest generation is enabled if Squid is compiled with USE_CACHE_DIGESTS defined. -digest_generation on DOC_END NAME: digest_bits_per_entry @@ -3198,7 +3024,6 @@ This is the number of bits of the server's Cache Digest which will be associated with the Digest entry for a given HTTP Method and URL (public key) combination. The default is 5. -digest_bits_per_entry 5 DOC_END NAME: digest_rebuild_period @@ -3209,8 +3034,6 @@ DEFAULT: 1 hour DOC_START This is the number of seconds between Cache Digest rebuilds. - By default the server's Digest is rebuilt every hour. -digest_rebuild_period 1 hour DOC_END NAME: digest_rewrite_period @@ -3221,9 +3044,7 @@ DEFAULT: 1 hour DOC_START This is the number of seconds between Cache Digest writes to - disk. By default the server's Digest is written to disk every - hour. -digest_rewrite_period 1 hour + disk. DOC_END NAME: digest_swapout_chunk_size @@ -3236,7 +3057,6 @@ This is the number of bytes of the Cache Digest to write to disk at a time. It defaults to 4096 bytes (4KB), the Squid default swap page. -digest_swapout_chunk_size 4096 bytes DOC_END NAME: digest_rebuild_chunk_percentage @@ -3248,7 +3068,6 @@ DOC_START This is the percentage of the Cache Digest to be scanned at a time. By default it is set to 10% of the Cache Digest. -digest_rebuild_chunk_percentage 10 DOC_END NAME: chroot Index: squid/src/cf_gen.c diff -u squid/src/cf_gen.c:1.1.1.16 squid/src/cf_gen.c:1.1.1.16.2.1 --- squid/src/cf_gen.c:1.1.1.16 Sat Oct 30 13:24:56 1999 +++ squid/src/cf_gen.c Mon Jan 10 23:46:54 2000 @@ -48,6 +48,7 @@ *****************************************************************************/ #include "config.h" +#include "cf_gen_defines.h" #if HAVE_STDIO_H #include @@ -89,7 +90,7 @@ char *type; char *loc; char *default_value; - char *default_if_none; + Line *default_if_none; char *comment; char *ifdef; Line *doc; @@ -106,6 +107,14 @@ static void gen_conf(Entry *, FILE *); static void gen_default_if_none(Entry *, FILE *); +static void lineAdd(Line **L, char *str) +{ + while(*L) + L = &(*L)->next; + *L=xcalloc(1, sizeof(Line)); + (*L)->data = xstrdup(str); +} + int main(int argc, char *argv[]) { @@ -189,7 +198,7 @@ ptr = buff + 16; while (xisspace(*ptr)) ptr++; - curr->default_if_none = xstrdup(ptr); + lineAdd(&curr->default_if_none, ptr); } else if (!strncmp(buff, "LOC:", 4)) { if ((ptr = strtok(buff + 4, WS)) == NULL) { printf("Error on line %d\n", linenum); @@ -396,6 +405,7 @@ gen_default_if_none(Entry * head, FILE * fp) { Entry *entry; + Line *line; fprintf(fp, "static void\n" "defaults_if_none(void)\n" @@ -408,15 +418,20 @@ continue; if (entry->ifdef) fprintf(fp, "#if %s\n", entry->ifdef); - fprintf(fp, - "\tif (check_null_%s(%s))\n" - "\t\tdefault_line(\"%s %s\");\n", - entry->type, - entry->loc, - entry->name, - entry->default_if_none); + if (entry->default_if_none) { + fprintf(fp, + "\tif (check_null_%s(%s)) {\n", + entry->type, + entry->loc); + for (line = entry->default_if_none; line; line = line->next) + fprintf(fp, + "\t\tdefault_line(\"%s %s\");\n", + entry->name, + line->data); + fprintf(fp, "\t}\n"); + } if (entry->ifdef) - fprintf(fp, "#endif\n"); + fprintf(fp, "#endif\n"); } fprintf(fp, "}\n\n"); } @@ -520,13 +535,37 @@ fprintf(fp, "}\n\n"); } +static int defined(char *name) +{ + int i=0; + if (!name) + return 1; + for(i=0;strcmp(defines[i].name, name) != 0; i++) { + assert(defines[i].name); + } + return defines[i].defined; +} + +static const char *available_if(char *name) +{ + int i=0; + assert(name); + for(i=0;strcmp(defines[i].name, name) != 0; i++) { + assert(defines[i].name); + } + return defines[i].enable; +} + static void gen_conf(Entry * head, FILE * fp) { Entry *entry; + char buf[8192]; + Line *def = NULL; for (entry = head; entry != NULL; entry = entry->next) { Line *line; + int blank = 1; if (!strcmp(entry->name, "comment")) (void) 0; @@ -535,9 +574,43 @@ if (entry->comment) fprintf(fp, "\t%s", entry->comment); fprintf(fp, "\n"); + if (!defined(entry->ifdef)) { + fprintf(fp, "# Note: This option is only available if Squid is rebuilt with the\n"); + fprintf(fp, "# %s option\n#\n", available_if(entry->ifdef)); + } for (line = entry->doc; line != NULL; line = line->next) { fprintf(fp, "#%s\n", line->data); } + if (entry->default_value && strcmp(entry->default_value,"none") != 0) { + sprintf(buf, "%s %s", entry->name, entry->default_value); + lineAdd(&def, buf); + } + if (entry->default_if_none) { + for (line = entry->default_if_none; line; line = line->next) { + sprintf(buf, "%s %s", entry->name, line->data); + lineAdd(&def, buf); + } + } + if (entry->nocomment) + blank = 0; + if (!def && entry->doc && !entry->nocomment && + strcmp(entry->name, "comment") != 0) + lineAdd(&def, "none"); + if (def && (entry->doc || entry->nocomment)) { + if (blank) + fprintf(fp, "#\n"); + fprintf(fp, "#Default:\n"); + while (def != NULL) { + line = def; + def = line->next; + fprintf(fp, "# %s\n", line->data); + free(line->data); + free(line); + } + blank=1; + } + if (entry->nocomment && blank) + fprintf(fp, "#\n"); for (line = entry->nocomment; line != NULL; line = line->next) { fprintf(fp, "%s\n", line->data); } Index: squid/src/cf_gen_defines diff -u /dev/null squid/src/cf_gen_defines:1.1.2.1 --- /dev/null Mon Jan 10 23:47:01 2000 +++ squid/src/cf_gen_defines Mon Jan 10 23:46:54 2000 @@ -0,0 +1,31 @@ +#!/usr/bin/awk -f +BEGIN { + print "/* Generated automatically from cf.data.pre" + print " * DO NOT EDIT" + print "*/" + print "struct { char *name; char *enable; int defined;} defines[] = {" + define["DELAY_POOLS"]="--enable-delaypools" + define["HEAP_REPLACEMENT"]="--enable-heap-replacement" + define["HTTP_VIOLATIONS"]="--enable-http-violations" + define["SQUID_SNMP"]="--enable-snmp" + define["USE_CACHE_DIGESTS"]="--enable-cache-digests" + define["USE_DNSSERVERS"]="--disable-internal-dns" + define["!USE_DNSSERVERS"]="--enable-internal-dns" + define["USE_HTCP"]="--enable-htcp" + define["USE_ICMP"]="--enable-icmp" + define["USE_IDENT"]="--enable-ident-lookups" + define["USE_USERAGENT_LOG"]="--enable-useragent-log" + define["USE_WCCP"]="--enable-wccp" +} +/^IFDEF:/ { + print "{\"" $2 "\", \"" (define[$2] != "" ? define[$2] : ("-D" $2)) "\", " + print "#if " $2 + print "1" + print "#else" + print "0" + print "#endif" + print "}," +} +END { + print "{(void *)0L, 0}};" +} Index: squid/src/defines.h diff -u squid/src/defines.h:1.1.1.28.2.2 squid/src/defines.h:1.1.1.28.2.3 --- squid/src/defines.h:1.1.1.28.2.2 Mon Nov 22 22:40:54 1999 +++ squid/src/defines.h Mon Jan 10 23:46:55 2000 @@ -285,3 +285,10 @@ #define NUMTHREADS 16 #endif #endif + +#if USE_ASYNC_IO +#undef USE_UNLINKD +#else +#define USE_UNLINKD 1 +#endif + Index: squid/src/dns_internal.c diff -u squid/src/dns_internal.c:1.1.1.3.2.2 squid/src/dns_internal.c:1.1.1.3.2.3 --- squid/src/dns_internal.c:1.1.1.3.2.2 Mon Jan 10 12:17:52 2000 +++ squid/src/dns_internal.c Mon Jan 10 23:46:55 2000 @@ -73,7 +73,6 @@ static OBJH idnsStats; static void idnsAddNameserver(const char *buf); -static void idnsFreeNameservers(void); static void idnsParseResolvConf(void); static void idnsSendQuery(idns_query * q); static int idnsFromKnownNameserver(struct sockaddr_in *from); @@ -107,12 +106,14 @@ nns++; } +#if UNUSED_CODE static void idnsFreeNameservers(void) { safe_free(nameservers); nns = nns_alloc = 0; } +#endif static void idnsParseResolvConf(void) Index: squid/src/enums.h diff -u squid/src/enums.h:1.1.1.39.4.2 squid/src/enums.h:1.1.1.39.4.3 --- squid/src/enums.h:1.1.1.39.4.2 Sun Jan 16 20:29:32 2000 +++ squid/src/enums.h Wed Feb 2 23:24:40 2000 @@ -565,8 +565,10 @@ #if USE_CACHE_DIGESTS MEM_PEER_DIGEST, #endif +#if USE_ICMP MEM_PINGERECHODATA, MEM_PINGERREPLYDATA, +#endif MEM_PS_STATE, MEM_REFRESH_T, MEM_RELIST, Index: squid/src/mem.c diff -u squid/src/mem.c:1.1.1.20 squid/src/mem.c:1.1.1.20.2.1 --- squid/src/mem.c:1.1.1.20 Sat Oct 30 13:25:06 1999 +++ squid/src/mem.c Mon Jan 10 23:46:55 2000 @@ -264,10 +264,12 @@ memDataInit(MEM_PEER_DIGEST, "PeerDigest", sizeof(PeerDigest), 0); memDataInit(MEM_DIGEST_FETCH_STATE, "DigestFetchState", sizeof(DigestFetchState), 0); #endif +#if USE_ICMP memDataInit(MEM_PINGERECHODATA, "pingerEchoData", sizeof(pingerEchoData), 0); memDataInit(MEM_PINGERREPLYDATA, "pingerReplyData", sizeof(pingerReplyData), 0); +#endif memDataInit(MEM_PS_STATE, "ps_state", sizeof(ps_state), 0); memDataInit(MEM_REFRESH_T, "refresh_t", sizeof(refresh_t), 0); memDataInit(MEM_RELIST, "relist", sizeof(relist), 0); Index: squid/src/squid.h diff -u squid/src/squid.h:1.1.1.27 squid/src/squid.h:1.1.1.27.2.1 --- squid/src/squid.h:1.1.1.27 Sat Oct 30 13:25:15 1999 +++ squid/src/squid.h Mon Jan 10 23:46:55 2000 @@ -335,12 +335,6 @@ #include #endif -#if USE_ASYNC_IO -#undef USE_UNLINKD -#else -#define USE_UNLINKD 1 -#endif - #include "md5.h" #include "Stack.h" Index: squid/src/structs.h diff -u squid/src/structs.h:1.1.1.42.2.10 squid/src/structs.h:1.1.1.42.2.11 --- squid/src/structs.h:1.1.1.42.2.10 Mon Jan 10 11:51:11 2000 +++ squid/src/structs.h Mon Jan 10 23:46:55 2000 @@ -49,12 +49,6 @@ acl_ip_data *next; /* used for parsing, not for storing */ }; -struct _acl_snmp_comm { - char *name; - void *community; - acl_snmp_comm *next; -}; - struct _acl_time_data { int weekbits; int start; @@ -306,20 +300,30 @@ char *access; char *store; char *swap; +#if USE_USERAGENT_LOG char *useragent; +#endif int rotateNumber; } Log; char *adminEmail; char *effectiveUser; char *effectiveGroup; struct { +#if USE_DNSSERVERS char *dnsserver; +#endif wordlist *redirect; wordlist *authenticate; +#if USE_ICMP char *pinger; +#endif +#if USE_UNLINKD char *unlinkd; +#endif } Program; +#if USE_DNSSERVERS int dnsChildren; +#endif int redirectChildren; int authenticateChildren; int authenticateTTL; @@ -385,7 +389,9 @@ struct { int log_udp; int enable_purge; +#if USE_DNSSERVERS int res_defnames; +#endif int anonymizer; int client_db; int query_icmp; @@ -1128,7 +1134,7 @@ }; struct _net_db_peer { - char *peername; + const char *peername; double hops; double rtt; time_t expires; @@ -1183,6 +1189,7 @@ aclCheck_t *acl_checklist; }; +#if USE_ICMP struct _pingerEchoData { struct in_addr to; unsigned char opcode; @@ -1198,6 +1205,7 @@ int psize; char payload[PINGER_PAYLOAD_SZ]; }; +#endif struct _icp_common_t { unsigned char opcode; /* opcode */