Squid is a high-performance proxy caching server and web cache daemon. It supports FTP, gopher and HTTP data objects.
Squid has a wide variety of uses, from speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic.
Squid consists of a main server program squid, a Domain Name System lookup program dnsserver, some optional programs for rewriting requests and performing authentication, together with some management and client tools.
Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications.
- Web proxy:
- Caching to reduce access time and bandwidth use.
- Keeps meta data and especially hot objects cached in RAM.
- Caches DNS lookups.
- Supports non-blocking DNS lookups.
- Implements negative chacking of failed requests.
- Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.
- Enforce site-usage policies with extensive access controls.
- Anonymize connections, such as disabling or changing specific header fields in a client’s HTTP request.
- Reverse proxy.
- Media-range limitations.
- Supports SSL.
- Support for IPv6.
- Error Page Localization – error pages presented by Squid may now be localized per-request to match the visitors local preferred language.
- Connection Pinning (for NTLM Auth Passthrough) – a workaround which permits Web servers to use Microsoft NTLM Authentication instead of HTTP standard authentication through a web proxy.
- Quality of Service (QoS) Flow support:
- Select a TOS/Diffserv value to mark local hits.
- Select a TOS/Diffserv value to mark peer hits.
- Selectively mark only sibling or parent requests.
- Allows any HTTP response towards clients to have the TOS value of the response coming from the remote server preserved.
- Mask certain bits in the TOS received from the remote server, before copying the value to the TOS send towards clients.
- SSL Bump (for HTTPS Filtering and Adaptation) – Squid-in-the-middle decryption and encryption of CONNECT tunneled SSL traffic, using configurable client- and server-side certificates.
- eCAP Adaptation Module support.
- ICAP Bypass and Retry enhancements – ICAP is now extended with full bypass and dynamic chain routing to handle multiple adaptation services.
- ICY streaming protocol support – commonly known as SHOUTcast multimedia streams.
- Dynamic SSL Certificate Generation.
- Support for the Internet Content Adaptation Protocol (ICAP).
- Full request logging.
|Read our complete collection of recommended free and open source software. The collection covers all categories of software.|