The following five squid.conf directives control the behavior of redirectors in Squid.
The redirect_program directive specifies the command line for the redirector program. For example:
redirect_program /usr/local/squid/bin/my_redirector -xyz
Note, the redirector program must be executable by the Squid user ID. If, for some reason, Squid can't execute the redirector, you should see an error message in cache.log. For example:
 This message appears only in cache.log, and not on stdout, if you use the -d option, or in syslog, if you use the -s option.
ipcCreate: /usr/local/squid/bin/my_redirector: (13) Permission denied
Due to the way Squid works, the main Squid process may be unaware of problems executing the redirector program. Squid doesn't detect the error until it tries to write a request and read a response. It then prints:
WARNING: redirector #1 (FD 6) exited
Thus, if you see such a message for the first request sent to Squid, check cache.log closely for other errors, and make sure the program is executable by Squid.
The redirect_children directive specifies how many redirector processes Squid should start. For example:
Squid warns you (via cache.log) when all redirectors are simultaneously busy:
WARNING: All redirector processes are busy. WARNING: 1 pending requests queued.
If you see this warning, you should increase the number of child processes and restart (or reconfigure) Squid. If the queue size becomes twice the number of redirectors, Squid aborts with a fatal message.
Don't attempt to disable Squid's use of the redirectors by setting redirect_children to 0. Instead, simply remove the redirect_program line from squid.conf.
Squid normally updates a request's Host header when using a redirector. That is, if the redirector returns a new URI with a different hostname, Squid puts the new hostname in the Host header. If you use Squid as a surrogate (see Chapter 15), you might want to disable this behavior by setting the redirect_rewrites_host_header directive to off:
Squid normally sends every request through a redirector. However, you can use the redirector_access rules to send certain requests through selectively. The syntax is identical to http_access:
redirector_access allow|deny [!]ACLname ...
acl Foo src 192.168.1.0/24 acl All src 0/0 redirector_access deny Foo redirector_access allow All
In this case, Squid skips the redirector for any request that matches the Foo ACL.
If you enable the redirector_bypass directive, Squid bypasses the redirectors when all of them are busy. Normally, Squid queues pending requests until a redirector process becomes available. If this queue grows too large, Squid exits with a fatal error message. Enabling this directive ensures that Squid never reaches that state.
The tradeoff, of course, is that some user requests may not be redirected when the load is high. If that's all right with you, simply enable the directive with this line: