Bug 24981 - should enable more features in squid build
Summary: should enable more features in squid build
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: squid   
(Show other bugs)
Version: 7.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact:
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-01-25 22:37 UTC by Frank Ch. Eigler
Modified: 2014-03-17 02:18 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-12-07 19:35:41 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Frank Ch. Eigler 2001-01-25 22:37:52 UTC
There are a bunch of non-default options available in the squid source's
autoconf-based configure file.  Please consider adding these options
in the RPM's build instructions:

  --enable-icmp           Enable ICMP pinging
  --enable-carp           Enable CARP support
  --enable-snmp           Enable SNMP monitoring
  --enable-htpc           Enable HTCP protocol
  --enable-cache-digests  Use Cache Digests
  --enable-delay-pools    Enable delay pools to limit bandwith usage

Comment 1 Bill Nottingham 2001-04-24 16:07:23 UTC
ICMP requires a setuid binary installed, which is why we've never installed
it in the past. SNMP & delay pools have been enabled for a while.

Some of the others will be enabled in 2.4.STABLE1-1.

Comment 2 Frank Ch. Eigler 2001-09-07 17:30:52 UTC
Testing the new squid-2.4.STABLE1-1 RPM, I see that the --enable-cache-digest
option is still off.  Can at least that be turned on?

I appreciate the hypothetical security concerns with --enable-icmp,
but FWIW, I'm using it anyway.  Maybe the setuid pinger program could be
built, but packaged into a separate RPM.

Comment 3 Frank Ch. Eigler 2001-12-07 19:35:36 UTC
Can we have a ruling about the security non-risk
options such as --enable-cache-digests?


Comment 4 Bill Nottingham 2002-03-22 22:47:42 UTC
Basically, it can cause sudden large bandwidth uses (when transferring the
digests) on slow links, so it's not a great config option for the
one-package-fits-all approach.

Comment 5 Frank Ch. Eigler 2002-03-27 13:08:46 UTC
On slow links, digests can be turned off at run time, or update frequencies
turned down.  Even there, they should be an advantage as it drastically
reduces the amount of upstream cache polling, reducing traffic and latency.

Keeping the option out of the build means that people who do want it have to
recompile, not merely reconfigure.

As a compromise, please consider enabling cache-digests in the build, but
turning them off in the default configuration file.


Note You need to log in before you can comment on or make changes to this bug.