Chapter 1. Introduction

This long-overdue book is about Squid: a popular open source caching proxy for the Web. With Squid you can:

  • Use less bandwidth on your Internet connection when surfing the Web

  • Reduce the amount of time web pages take to load

  • Protect the hosts on your internal network by proxying their web traffic

  • Collect statistics about web traffic on your network

  • Prevent users from visiting inappropriate web sites at work or school

  • Ensure that only authorized users can surf the Internet

  • Enhance your user's privacy by filtering sensitive information from web requests

  • Reduce the load on your own web server(s)

  • Convert encrypted (HTTPS) requests on one side, to unencrypted (HTTP) requests on the other

Squid's job is to be both a proxy and a cache. As a proxy, Squid is an intermediary in a web transaction. It accepts a request from a client, processes that request, and then forwards the request to the origin server. The request may be logged, rejected, and even modified before forwarding. As a cache, Squid stores recently retrieved web content for possible reuse later. Subsequent requests for the same content may be served from the cache, rather than contacting the origin server again. You can disable the caching part of Squid if you like, but the proxying part is essential.

Figure 1-1. Squid sits between clients and servers
figs/SQ_0101.gif

As Figure 1-1 shows, Squid accepts HTTP (and HTTPS) requests from clients, and speaks a number of protocols to servers. In particular, Squid knows how to talk to HTTP, FTP, and Gopher servers.[1] Conceptually, Squid has two "sides." The client-side talks to web clients (e.g., browsers and user-agents); the server-side talks to HTTP, FTP, and Gopher servers. These are called origin servers, because they are the origin location for the data they serve.

[1] Gopher servers are quite rare these days. Squid also knows about WAIS and whois, but these are even more obscure.

Note that Squid's client-side understands only HTTP (and HTTP encrypted with SSL/TLS). This means, for example, that you can't make an FTP client talk to Squid (unless the FTP client is also an HTTP client). Furthermore, Squid can't proxy protocols for email (SMTP), instant messaging, or Internet Relay Chat.



    Appendix A. Config File Reference