General Section

General Section

The General section in the SafeSquid Interface allows you to configure options that affect the overall operation of the proxy server. These options mainly depend on your network infrastructure, like availability of Internet resources, network resources, network traffic, etc.

Profiles allow you to very granularly configure the way various content is processed, depending on the content type, like text, application, embedded, etc.

The options in this section must be very carefully set, as they most comprehensively affect your implementations of SafeSquid.

Main General Section

Web Filter Proxy Interface Screen-Shot - General Section
Proxy hostname
The hostname of this proxy, if not defined in startup.conf. The Proxy Hostname defined during SafeSquid installation, and stored in the startup.conf, precedes this value. This needs to be configured properly for CARP (Cache Array Routing Protocol) and Web interface requests through HTTP to work. You have to give here the hostname of the proxy by which you will be accessing Web interface. If you want to access proxy by using IP address you can put the IP address of the safesquid proxy server. Give the hostname which should be defined on DNS, so that you can access it from any machine in your intranet or internet.
Temporary directory
The directory in which temporary files are stored. The default path is /tmp. If you want to change this, create a directory with 777 permissions, and specify the path here.
Web interface line length
The maximum length of a string with no spaces, until an explicit break is placed in it. This is required since lines without spaces won't wrap in a table, which may cause Web interface table formatting problem. Normally, this parameter does not require any changes.
Connection pool size
The number of keep-alive connections, made to HTTP and FTP servers, to be kept in the connection pool. These connections are shared between threads.
Connection pool timeout
The time in seconds a connection may remain in the connection pool before being closed. This value should be increased, if Internet connection is slow.

General Sub-Section

You can granularly define a specific set of values to various content types, by creating a different Profile for each content type, in the Profiles section. These profiles can then be used in this section, to allot them different values.

Web Filter Proxy Interface Screen-Shot - General Section
This option allows you to enable or disable a specific rule.

Yes - Enable this rule
No - Disable this rule
A comment for future reference explaining what this rule does
A comma separated list of Profiles on which this rule should apply. The rule applies to everything if this field is left blank
Connection timeout
The timeout in seconds to wait for a connection to be established before giving up. SafeSquid will wait for the specified time duration for the target server to respond. If it exceeds the specified value, SafeSquid closes the connection and sends a template to the requesting user, saying that the Connection failed. This value can be increased if the Internet connection is slow.
Header timeout
The timeout in seconds to wait for a client, to make the initial HTTP request by sending request headers. SafeSquid tries to get the initial headers during this time. If it fails, SafeSquid sends 'Connection failed' template to user. You can increase the time if the network connection is slow.
Keepalive timeout
After an HTTP session is established , data must be exchanged periodically to ensure that session is still alive. The keepalive timeout defines the time in seconds that SafeSquid server should wait before closing the session. This is the timeout value for persistent connections. SafeSquid closes keepalive connections if they are idle for this amount of time. The default is 120 seconds and does not need to be changed. SafeSquid, being multi-threaded, allows the use of the same connection for multiple requests. The advantage is that less number of connections are required to be opened, for individual users, to the same server.
Maximum download buffer size
The maximum size in bytes of content that are buffered, for process by the Rewrite document, Keyword Filter and external programs like Anti Virus. You can define the value depending on the type of content . If you want to handle large size of data files then you can increase the value.
Maximum upload buffer size
The maximum size of upload content that is stored in memory for processing. Content larger that the specified value will be sent directly without processing. Having an upload buffer that is too large will cause the browser to timeout since all the data is received by SafeSquid immediately, but may take more time to process and transfer to the website.
Buffer wait time
The maximum time a file can be buffered before a message is sent to the client indicating it's being downloaded and for them to retry.
The ports on which outgoing CONNECT requests are allowed to be made. You can disable connection through proxy to certain ports , by not specifying their port numbers here. Each port or port range should be separated by a comma.
Always compress mime-type
A regular expression matching the MIME-Types which should always be buffered and compressed even if they wouldn't be buffered otherwise. Specify here the regular expression for MIME Type's. This will speed up the proxy process. Regular expression for MIME Type of Binary File (i.e. application/octet-stream) is ^application/octet-stream.
Compress outgoing
Toggle gzip or deflate encoding of outgoing processed content if the client supports it. If the proxy server is running locally, it is recommended to disable this feature.
Compress incoming
This option will make Safesquid attach an Accept-Encoding header that lets the Web server know that it can accept gzip and deflate content encoding, regardless of whether or not the browser making the request supports it; if the browser doesn't support it, it will be buffered and decompressed before sending.
Add X-Forwarded-For header
This option will add a header allowing an upstream proxy or Web server know the IP address where the original request came from.
Add Via header
This option will add a header allowing an upstream proxy or Web server know which proxy server the request passed through.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License