Index  | Alphabetical Index |

Option Name:http_port
Replaces:ascii_port
Requires:
Default Value:none
Suggested Config: 

# Squid normally listens to port 3128
http_port 3128


	Usage:	port [options]
		hostname:port [options]
		1.2.3.4:port [options]

	The socket addresses where Squid will listen for HTTP client
	requests.  You may specify multiple socket addresses.
	There are three forms: port alone, hostname with port, and
	IP address with port.  If you specify a hostname or IP
	address, Squid binds the socket to that specific
	address.  This replaces the old 'tcp_incoming_address'
	option.  Most likely, you do not need to bind to a specific
	address, so you can use the port number alone.

	If you are running Squid in accelerator mode, you
	probably want to listen on port 80 also, or instead.

	The -a command line option may be used to specify additional
	port(s) where Squid listens for proxy request. Such ports will
	be plain proxy ports with no options.

	You may specify multiple socket addresses on multiple lines.

	Options:

	   intercept	Support for IP-Layer interception of
			outgoing requests without browser settings.
			NP: disables authentication and IPv6 on the port.

	   tproxy	Support Linux TPROXY for spoofing outgoing
			connections using the client IP address.
			NP: disables authentication and maybe IPv6 on the port.

	   accel	Accelerator mode. Also needs at least one of
			vhost / vport / defaultsite.

	   allow-direct	Allow direct forwarding in accelerator mode. Normally
			accelerated requests are denied direct forwarding as if
			never_direct was used.

	   defaultsite=domainname
			What to use for the Host: header if it is not present
			in a request. Determines what site (not origin server)
			accelerators should consider the default.
			Implies accel.

	   vhost	Accelerator mode using Host header for virtual domain support.
			Also uses the port as specified in Host: header unless
			overridden by the vport option. Implies accel.

	   vport	Virtual host port support. Using the http_port number
			instead of the port passed on Host: headers. Implies accel.

	   vport=NN	Virtual host port support. Using the specified port
			number instead of the port passed on Host: headers.
			Implies accel.

	   protocol=	Protocol to reconstruct accelerated requests with.
			Defaults to http.

	   ignore-cc	Ignore request Cache-Control headers.

	   		Warning: This option violates HTTP specifications if
			used in non-accelerator setups.

	   connection-auth[=on|off]
	                use connection-auth=off to tell Squid to prevent 
	                forwarding Microsoft connection oriented authentication
			(NTLM, Negotiate and Kerberos)

	   disable-pmtu-discovery=
			Control Path-MTU discovery usage:
			    off		lets OS decide on what to do (default).
			    transparent	disable PMTU discovery when transparent
					support is enabled.
			    always	disable always PMTU discovery.

			In many setups of transparently intercepting proxies
			Path-MTU discovery can not work on traffic towards the
			clients. This is the case when the intercepting device
			does not fully track connections and fails to forward
			ICMP must fragment messages to the cache server. If you
			have such setup and experience that certain clients
			sporadically hang or never complete requests set
			disable-pmtu-discovery option to 'transparent'.

	   ssl-bump 	Intercept each CONNECT request matching ssl_bump ACL,
			establish secure connection with the client and with
			the server, decrypt HTTP messages as they pass through
			Squid, and treat them as unencrypted HTTP messages,
			becoming the man-in-the-middle.

			When this option is enabled, additional options become
			available to specify SSL-related properties of the
			client-side connection: cert, key, version, cipher,
			options, clientca, cafile, capath, crlfile, dhparams,
			sslflags, and sslcontext. See the https_port directive
			for more information on these options.

			The ssl_bump option is required to fully enable
			the SslBump feature.

	   name=	Specifies a internal name for the port. Defaults to
			the port specification (port or addr:port)

	   tcpkeepalive[=idle,interval,timeout]
			Enable TCP keepalive probes of idle connections.
			In seconds; idle is the initial time before TCP starts
			probing the connection, interval how often to probe, and
			timeout the time before giving up.

	If you run Squid on a dual-homed machine with an internal
	and an external interface we recommend you to specify the
	internal address:port in http_port. This way Squid will only be
	visible on the internal address.
 

Index  | Alphabetical Index |