Squid – caching proxy for the Web

Squid is a high-performance proxy caching server and web cache daemon. It supports FTP, gopher and HTTP data objects.

Squid has a wide variety of uses, from speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic.

Squid consists of a main server program squid, a Domain Name System lookup program dnsserver, some optional programs for rewriting requests and performing authentication, together with some management and client tools.

Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications.

Features include:

  • Web proxy:
    • Caching to reduce access time and bandwidth use.
    • Keeps meta data and especially hot objects cached in RAM.
    • Caches DNS lookups.
    • Supports non-blocking DNS lookups.
    • Implements negative chacking of failed requests.
  • Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.
  • Enforce site-usage policies with extensive access controls.
  • Anonymize connections, such as disabling or changing specific header fields in a client’s HTTP request.
  • Reverse proxy.
  • Media-range limitations.
  • Supports SSL.
  • Support for IPv6.
  • Error Page Localization – error pages presented by Squid may now be localized per-request to match the visitors local preferred language.
  • Connection Pinning (for NTLM Auth Passthrough) – a workaround which permits Web servers to use Microsoft NTLM Authentication instead of HTTP standard authentication through a web proxy.
  • Quality of Service (QoS) Flow support:
    • Select a TOS/Diffserv value to mark local hits.
    • Select a TOS/Diffserv value to mark peer hits.
    • Selectively mark only sibling or parent requests.
    • Allows any HTTP response towards clients to have the TOS value of the response coming from the remote server preserved.
    • Mask certain bits in the TOS received from the remote server, before copying the value to the TOS send towards clients.
  • SSL Bump (for HTTPS Filtering and Adaptation) – Squid-in-the-middle decryption and encryption of CONNECT tunneled SSL traffic, using configurable client- and server-side certificates.
  • eCAP Adaptation Module support.
  • ICAP Bypass and Retry enhancements – ICAP is now extended with full bypass and dynamic chain routing to handle multiple adaptation services.
  • ICY streaming protocol support – commonly known as SHOUTcast multimedia streams.
  • Dynamic SSL Certificate Generation.
  • Support for the Internet Content Adaptation Protocol (ICAP).
  • Full request logging.

Website: www.squid-cache.org
Support: FAQ
Developer: National Laboratory for Applied Networking Research (NLANR) and Internet volunteers
License: GNU GPL v2

Return to Web Caches Home Page | Return to Optimize Web Delivery Home Page

Read our complete collection of recommended free and open source software. The collection covers all categories of software.
Share this article

Share your Thoughts

This site uses Akismet to reduce spam. Learn how your comment data is processed.