Oh brother. I am trying to configure the squid proxy server on my Linux box. At over 4,900 lines of code, it reads more like Tolstoy’s epic novel: War and Peace.
While I appreciate that every blessed thing I would ever need to know about squid is contained in this configuration file, it makes it hard to read the code through the comments. I had some fancy way of doing it, but Joe came up with a simpler method:
grep -v '^#' squid.conf
and I improved on that:
grep -v '^#' squid.conf | uniq | sort >squid.nocomment
so let’s break that down.
grep looks for a regular expression.
the -v option tells it to look for lines which DO NOT match to pattern. In this case we are looking for lines that do NOT match a comment: # in the first character of the line. So we just took the “War and Peace” sized squid.conf, to a handful of lines.
uniq – filters out adjacent lines, so if we have multiple blank lines, it eliminates them.
and sort? Well it sorts the output, and writes the file.
Notice the | ? It is piping. What’s that? It means the input to the next programme (following the pipe) is the output of the previous programme.
So what the command does is, looks for lines that do NOT start with a comment, eliminates any adjacent duplicate lines, then sorts the output.
So our 4,900 configuration file, is now, 50 lines! About 2% of the total. Who knew? Thanks Joe for getting me started with the grep trick. Here is the squid.conf file, with the comment lines removed:
access_log /var/log/squid/access.log squid
acl all src all
acl apache rep_header Server ^Apache
acl CONNECT method CONNECT
acl localhost src 127.0.0.1/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl manager proto cache_object
acl purge method PURGE
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 210 # wais
acl Safe_ports port 21 # ftp
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 443 # https
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # cups
acl Safe_ports port 70 # gopher
acl Safe_ports port 777 # multiling http
acl Safe_ports port 80 # http
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
broken_vary_encoding allow apache
coredump_dir /var/spool/squid
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
hierarchy_stoplist cgi-bin ?
hosts_file /etc/hosts
http_access allow localhost
http_access allow manager localhost
http_access allow purge localhost
http_access deny all
http_access deny CONNECT !SSL_ports
http_access deny manager
http_access deny purge
http_access deny !Safe_ports
http_port 3128
icp_access allow localnet
icp_access deny all
refresh_pattern . 0 20% 4320
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
upgrade_http0.9 deny shoutcast
Wayno
Related Articles
2 users responded in this post
Thank you so much.
Great time and code.Thanks