Squid is a caching and forwarding HTTP

web proxy In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. Instead of connecting directly to a server that can fulfill a request ...

. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other

computer network A computer network is a set of computers sharing resources located on or provided by network nodes. The computers use common communication protocols over digital interconnections to communicate with each other. These interconnections are ...

lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for

HTTP The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide We ...

and

FTP The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data ...

, Squid includes limited support for several other

protocols Protocol may refer to: Sociology and politics * Protocol (politics), a formal agreement between nation states * Protocol (diplomacy), the etiquette of diplomacy and affairs of state * Etiquette, a code of personal behavior Science and technology ...

including

Internet Gopher The Gopher protocol () is a communication protocol designed for distributing, searching, and retrieving documents in Internet Protocol networks. The design of the Gopher protocol and user interface is menu-driven, and presented an alternative to ...

, SSL, TLS and

HTTPS Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is enc ...

. Squid does not support the

SOCKS A sock is a piece of clothing worn on the feet and often covering the ankle or some part of the calf. Some types of shoes or boots are typically worn over socks. In ancient times, socks were made from leather or matted animal hair. In the late ...

protocol, unlike Privoxy, with which Squid can be used in order to provide SOCKS support. Squid was originally designed to run as a

daemon Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and Greek mythology, mythology and of later Hellenistic religion and Hell ...

Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...

systems. A Windows port was maintained up to version 2.7. New versions available on Windows use the Cygwin environment. Squid is

free software Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, no ...

released under the

GNU General Public License The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general ...

History

Squid was originally developed as the ''Harvest object cache'', part of the Harvest project at the

University of Colorado Boulder The University of Colorado Boulder (CU Boulder, CU, or Colorado) is a public research university in Boulder, Colorado. Founded in 1876, five months before Colorado became a state, it is the flagship university of the University of Colorado sy ...

. Further work on the program was completed at the

University of California, San Diego The University of California, San Diego (UC San Diego or colloquially, UCSD) is a public land-grant research university in San Diego, California. Established in 1960 near the pre-existing Scripps Institution of Oceanography, UC San Diego is t ...

and funded via two grants from the

National Science Foundation The National Science Foundation (NSF) is an independent agency of the United States government that supports fundamental research and education in all the non-medical fields of science and engineering. Its medical counterpart is the National ...

. Duane Wessels forked the "last pre-commercial version of Harvest" and renamed it to Squid to avoid confusion with the commercial fork called Cached 2.0, which became NetCache.Duane Wessel
Squid and ICP: Past, Present, and Future
Proceedings of the Australian Unix Users Group. September 1997, Brisbane, Australia Squid version 1.0.0 was released in July 1996. SquidNT, a port of the Squid proxy server was merged into the main Squid project in September 2006. Squid is now developed almost exclusively through volunteer efforts.

Basic functionality

After a Squid proxy server is installed,

web browser A web browser is application software for accessing websites. When a user requests a web page from a particular website, the browser retrieves its files from a web server and then displays the page on the user's screen. Browsers are used o ...

s can be configured to use it as a

proxy Proxy may refer to: * Proxy or agent (law), a substitute authorized to act for another entity or a document which authorizes the agent so to act * Proxy (climate), a measured variable used to infer the value of a variable of interest in climate ...

HTTP server, allowing Squid to retain copies of the documents returned, which, on repeated requests for the same documents, can reduce access time as well as

bandwidth Bandwidth commonly refers to: * Bandwidth (signal processing) or ''analog bandwidth'', ''frequency bandwidth'', or ''radio bandwidth'', a measure of the width of a frequency range * Bandwidth (computing), the rate of data transfer, bit rate or thr ...

consumption. This is often useful for

Internet service provider An Internet service provider (ISP) is an organization that provides services for accessing, using, or participating in the Internet. ISPs can be organized in various forms, such as commercial, community-owned, non-profit, or otherwise privat ...

s to increase speed to their customers, and LANs that share an

Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, pub ...

connection. Because the caching servers are controlled by the web service operator, caching proxies do not anonymize the user and should not be confused with anonymizing proxies. A client program (e.g. browser) either has to specify explicitly the proxy server it wants to use (typical for ISP customers), or it could be using a proxy without any extra configuration: "transparent caching", in which case all outgoing HTTP requests are intercepted by Squid and all responses are cached. The latter is typically a corporate set-up (all clients are on the same LAN) and often introduces the privacy concerns mentioned above. Squid has some features that can help anonymize connections, such as disabling or changing specific header fields in a client's HTTP requests. Whether these are set, and what they are set to do, is up to the person who controls the computer running Squid. People requesting pages through a network which transparently uses Squid may not know whether this information is being logged. Within UK organisations at least, users should be informed if computers or internet connections are being monitored.

Reverse proxy

The above setup—caching the contents of an unlimited number of

webserver A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiate ...

s for a limited number of clients—is the classical one. Another setup is "

reverse proxy In computer networks, a reverse proxy is the application that sits in front of back-end applications and forwards client (e.g. browser) requests to those applications. Reverse proxies help increase scalability, performance, resilience and securi ...

" or "webserver acceleration" (using ). In this mode, the cache serves an unlimited number of clients for a limited number of—or just one—web servers. As an example, if ''slow.example.com'' is a "real" web server, and ''www.example.com'' is the Squid cache server that "accelerates" it, the first time any page is requested from ''www.example.com'', the cache server would get the actual page from ''slow.example.com'', but later requests would get the stored copy directly from the accelerator (for a configurable period, after which the stored copy would be discarded). The end result, without any action by the clients, is less traffic to the source server, meaning less CPU and memory usage, and less need for bandwidth. This does, however, mean that the source server cannot accurately report on its traffic numbers without additional configuration, as all requests would seem to have come from the reverse proxy. A way to adapt the reporting on the source server is to use the

X-Forwarded-For The X-Forwarded-For (XFF) HTTP header field is a common method for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. The X-Forwarded-For HTTP request header was introduced by ...

HTTP header reported by the reverse proxy, to get the real client's IP address. It is possible for a single Squid server to serve both as a normal and a reverse proxy simultaneously. For example, a business might host its own website on a web server, with a Squid server acting as a reverse proxy between clients (customers accessing the website from outside the business) and the web server. The same Squid server could act as a classical web cache, caching HTTP requests from clients within the business (i.e., employees accessing the internet from their workstations), so accelerating web access and reducing bandwidth demands.

Media-range limitations

For example, a feature of the HTTP protocol is to limit a request to the range of data in the resource being referenced. This feature is used extensively by video streaming websites such as

YouTube YouTube is a global online video sharing and social media platform headquartered in San Bruno, California. It was launched on February 14, 2005, by Steve Chen, Chad Hurley, and Jawed Karim. It is owned by Google, and is the second mo ...

, so that if a user clicks to the middle of the video progress bar, the server can begin to send data from the middle of the file, rather than sending the entire file from the beginning and the user waiting for the preceding data to finish loading. Partial downloads are also extensively used by Microsoft

Windows Update Windows Update is a Microsoft service for the Windows 9x and Windows NT families of operating system, which automates downloading and installing Microsoft Windows software updates over the Internet. The service delivers software updates for Wind ...

so that extremely large update packages can download in the background and pause halfway through the download, if the user turns off their computer or disconnects from the Internet. The

Metalink Metalink is an extensible metadata file format that describes one or more computer files available for download. It specifies files appropriate for the user's language and operating system; facilitates file verification and recovery from da ...

download format enables clients to do segmented downloads by issuing partial requests and spreading these over a number of mirrors. Squid can relay partial requests to the origin web server. In order for a partial request to be satisfied at a fast speed from cache, Squid requires a full copy of the same object to already exist in its storage. If a proxy video user is watching a video stream and browses to a different page before the video completely downloads, Squid cannot keep the partial download for reuse and simply discards the data. Special configuration is required to force such downloads to continue and be cached.

Supported operating systems

Squid can run on the following

operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also i ...

s: *

AIX Aix or AIX may refer to: Computing * AIX, a line of IBM computer operating systems *An Alternate Index, for a Virtual Storage Access Method Key Sequenced Data Set * Athens Internet Exchange, a European Internet exchange point Places Belgi ...

* BSDI *

Digital Unix Tru64 UNIX is a discontinued 64-bit UNIX operating system for the Alpha instruction set architecture (ISA), currently owned by Hewlett-Packard (HP). Previously, Tru64 UNIX was a product of Compaq, and before that, Digital Equipment Corporation ...

* FreeBSD * HP-UX * IRIX *

Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, w ...

macOS macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac computers. Within the market of desktop and lapt ...

* NetBSD *

NeXTStep NeXTSTEP is a discontinued object-oriented, multitasking operating system based on the Mach kernel and the UNIX-derived BSD. It was developed by NeXT Computer in the late 1980s and early 1990s and was initially used for its range of propri ...

* OpenBSD *

OS/2 OS/2 (Operating System/2) is a series of computer operating systems, initially created by Microsoft and IBM under the leadership of IBM software designer Ed Iacobucci. As a result of a feud between the two companies over how to position OS/2 r ...

(including ArcaOS and

eComStation eComStation or eCS is an operating system based on OS/2 Warp for the 32-bit x86 architecture. It was originally developed by Serenity Systems and Mensys BV under license from IBM. It includes additional applications, and support for new hard ...

)OS/2 Ports by Paul Smedley
OS/2 Ports *

SCO OpenServer Xinuos OpenServer, previously SCO UNIX and SCO Open Desktop (SCO ODT), is a closed source computer operating system developed by Santa Cruz Operation (SCO), later acquired by SCO Group, and now owned by Xinuos. Early versions of OpenServer we ...

* Solaris * UnixWare *

Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for ser ...

References

External links

*
Squid Blog

Squid User's Guide

Squid Transparent Proxy For DD-WRT

Squid reverse proxy
— Create a reverse proxy with Squid
Configuration Manual
— ViSolve Squid Configuration Manual Guide
Configuration Manual
— Authoritative Squid Configuration Options * — Setup squid on solaris
SQUID – Installation on CentOS, Fedora and Red Hat
{{DEFAULTSORT:Squid (Software) Free proxy servers Reverse proxy Proxy server software for Linux Unix network-related software Gopher clients Cross-platform free software