@e7d
Last active December 19, 2022 09:13
[Debian] Build a Squid anonymous proxy from source code

If you don't want to build Squid from scratch, you can simply follow Setup a Squid anonymous proxy instead.

Build a Squid anonymous proxy from source code

Please note that this whole manual refers to version 3.5.23 of Squid. You will probably have to adapt some commands to the version you actually download.

Automated install

Disclaimer

Read the install script before using it.
You may want to understand what the script is doing before executing it.
I will not be responsible for any damage caused to your server.

Squid installation script

wget -qO- https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid-install.sh | sh

Manual install

Resolve compilation dependencies

Edit your /etc/apt/sources.list file, and check that you have deb-src entries like the following sample.

deb http://httpredir.debian.org/debian stable main
deb-src http://httpredir.debian.org/debian stable main
deb http://security.debian.org/ stable/updates main
deb-src http://security.debian.org/ stable/updates main

Build Squid 3 dependencies

apt-get update
apt-get install build-essential libssl-dev apache2-utils
apt-get build-dep squid3

Grab a copy of the source code

cd /usr/src
wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.23.tar.gz
tar zxvf squid-3.5.23.tar.gz
cd squid-3.5.23

Compile your Squid 3

# ${prefix} is single-quoted so that configure, not the shell, expands it;
# unquoted, the shell would replace it with an empty string and the helpers
# (e.g. basic_ncsa_auth) would land in /lib/squid instead of /usr/lib/squid.
./configure --prefix=/usr \
  --localstatedir=/var/squid \
  --libexecdir='${prefix}/lib/squid' \
  --srcdir=. \
  --datadir='${prefix}/share/squid' \
  --sysconfdir=/etc/squid \
  --with-default-user=proxy \
  --with-logdir=/var/log/squid \
  --with-pidfile=/var/run/squid.pid
make -j$(nproc)
make install

Resolve library dependencies

Extract the contents of squid-lib-3.4.8.tar.gz to /usr/lib.

cd /usr/lib
wget -O /usr/lib/squid-lib.tar.gz http://e7d.github.io/resources/squid-lib-3.4.8.tar.gz
tar zxvf squid-lib.tar.gz
rm squid-lib.tar.gz

Build configuration file

Copy squid.conf contents to /etc/squid/squid.conf.

rm -rf /etc/squid/squid.conf
wget --no-check-certificate -O /etc/squid/squid.conf https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid.conf

With this sample configuration file, you can use an htpasswd file at /etc/squid/users.pwd to manage basic authentication.

rm -rf /etc/squid/users.pwd
htpasswd -cbd /etc/squid/users.pwd proxy proxy

This authentication is enabled by default. To disable it, you will have to comment out the Authentication section of the sample squid.conf configuration file. See Disable authentication.
You can create your user entries using the htpasswd tool from Apache. See Manage user accounts.
You can directly use the users.pwd sample, which provides a basic user named proxy, with proxy as the password as well.

Build service runtime

Copy squid.sh contents to /etc/init.d/squid and make it executable.

wget --no-check-certificate -O /etc/init.d/squid https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid.sh
chmod +x /etc/init.d/squid

Optionally, you can make it run automatically at server startup with update-rc.d squid defaults.

Prepare execution folders

mkdir /var/log/squid
mkdir /var/cache/squid
mkdir /var/spool/squid
chown -cR proxy /var/log/squid
chown -cR proxy /var/cache/squid
chown -cR proxy /var/spool/squid

squid -z

Start!

Try to start your brand new Squid with service squid start

Additional configuration

Customize settings

Squid offers some interesting customisation options you should have a look at. These modifications require editing the file located at /etc/squid/squid.conf.

Listening ports

With the provided configuration, your proxy listens on HTTP port 3128, which is Squid's default. You can change it to any available port that suits you with:

http_port 3128

Disable authentication

Your proxy will respond to any request. If you want to limit access to a set of users, enable authentication by uncommenting the following section:

#acl Users proxy_auth REQUIRED
#http_access allow Users

This authentication relies on a password file found at /etc/squid/users.pwd. A sample user is included, defined with the following credentials:

  • username : proxy
  • password : proxy

This user file may be modified by following the instructions in the next section.
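An added example (not part of the gist) that lints the http_access ordering this configuration relies on: Squid stops at the first matching rule, so the port-safety denies must come before any allow rule, and a request that matches no rule gets the opposite of the last rule. The two rule sets embedded below are constructed samples, not files from the gist.

```shell
#!/bin/sh
# Print the http_access rules of file $1 in order, comments and indentation stripped.
access_rules() {
  sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$1" |
    grep '^http_access[[:space:]]'
}
# Position (1-based) of the first rule on stdin matching regex $1, or 0 if none.
rule_pos() {
  grep -n "$1" | head -n 1 | cut -d: -f1 | grep . || echo 0
}

# Print one finding per line for config $1; return 1 if any, 0 when clean.
lint_squid_access() {
  rules=$(access_rules "$1")
  allow=$(printf '%s\n' "$rules" | rule_pos '^http_access allow')
  safe=$(printf '%s\n' "$rules" | rule_pos '^http_access deny !Safe_ports')
  ssl=$(printf '%s\n' "$rules" | rule_pos '^http_access deny CONNECT !SSL_ports')
  last=$(printf '%s\n' "$rules" | tail -n 1)
  rc=0
  [ "$safe" -gt 0 ] || { echo "missing: http_access deny !Safe_ports"; rc=1; }
  [ "$ssl" -gt 0 ] || { echo "missing: http_access deny CONNECT !SSL_ports"; rc=1; }
  # Squid stops at the first matching rule: an allow above the port checks bypasses them.
  if [ "$allow" -gt 0 ] && { [ "$allow" -lt "$safe" ] || [ "$allow" -lt "$ssl" ]; }; then
    echo "allow rule #$allow precedes the port checks (#$safe, #$ssl)"; rc=1
  fi
  # With no match at all, Squid applies the opposite of the last rule.
  [ "$last" = "http_access deny all" ] ||
    { echo "last rule is '$last': unmatched requests get its opposite"; rc=1; }
  return $rc
}
# Constructed sample: the rule order of the gist's squid.conf as published.
GIST_ORDER=$(mktemp)
cat > "$GIST_ORDER" <<'EOF'
http_access allow Users
http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
EOF
# Constructed sample: the same rules in the order Squid's default config uses.
FIXED_ORDER=$(mktemp)
cat > "$FIXED_ORDER" <<'EOF'
http_access deny !Safe_ports          # port checks first
http_access deny CONNECT !SSL_ports
http_access allow manager localhost
http_access allow Users
http_access deny all
EOF
echo "gist order:";  lint_squid_access "$GIST_ORDER" || true
echo "fixed order:"; lint_squid_access "$FIXED_ORDER" && echo clean
```

Run it against your own /etc/squid/squid.conf with lint_squid_access /etc/squid/squid.conf; a clean file prints nothing and returns 0.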

Manage users

Using the htpasswd command, you can manage the users allowed to use the proxy:

  • create/update a user: htpasswd -bd /etc/squid/users.pwd myuser mypw
  • remove a user: htpasswd -D /etc/squid/users.pwd myuser

NOTE: The provided authentication relies on the CRYPT algorithm. Entries in users.pwd must respect that, meaning that passwords can only be up to 8 characters long.

squid-install.sh

#!/bin/sh
SQUID_VERSION=3.5.23
if [ "$(id -u)" != "0" ]; then
    echo "This script must be run as root" 1>&2
    exit 1
fi
echo "Add repositories to Aptitude"
echo "deb http://httpredir.debian.org/debian stable main" > /etc/apt/sources.list.d/squid.list
echo "deb-src http://httpredir.debian.org/debian stable main" >> /etc/apt/sources.list.d/squid.list
echo "deb http://security.debian.org/ stable/updates main" >> /etc/apt/sources.list.d/squid.list
echo "deb-src http://security.debian.org/ stable/updates main" >> /etc/apt/sources.list.d/squid.list
echo "Update packages list"
apt-get update
echo "Build dependencies"
apt-get -y install build-essential libssl-dev apache2-utils
apt-get -y build-dep squid3
echo "Download source code"
cd /usr/src
wget http://www.squid-cache.org/Versions/v3/3.5/squid-${SQUID_VERSION}.tar.gz
tar zxvf squid-${SQUID_VERSION}.tar.gz
cd squid-${SQUID_VERSION}
echo "Build binaries"
# ${prefix} is single-quoted so that configure, not the shell, expands it;
# unquoted, the shell would replace it with an empty string.
./configure --prefix=/usr \
    --localstatedir=/var/squid \
    --libexecdir='${prefix}/lib/squid' \
    --srcdir=. \
    --datadir='${prefix}/share/squid' \
    --sysconfdir=/etc/squid \
    --with-default-user=proxy \
    --with-logdir=/var/log/squid \
    --with-pidfile=/var/run/squid.pid
make -j$(nproc)
echo "Stop running service"
service squid stop
echo "Install binaries"
make install
echo "Download libraries"
cd /usr/lib
wget -O /usr/lib/squid-lib.tar.gz http://e7d.github.io/resources/squid-lib-3.4.8.tar.gz
echo "Install libraries"
tar zxvf squid-lib.tar.gz
echo "Create configuration file"
rm -rf /etc/squid/squid.conf
wget --no-check-certificate -O /etc/squid/squid.conf https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid.conf
echo "Create users database sample"
rm -rf /etc/squid/users.pwd
htpasswd -cbd /etc/squid/users.pwd proxy proxy
echo "Create service executable file"
wget --no-check-certificate -O /etc/init.d/squid https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid.sh
chmod +x /etc/init.d/squid
echo "Register service to startup entries"
update-rc.d squid defaults
echo "Prepare environment for first start"
# -p so that a re-run of the script (e.g. after an upgrade) does not fail here
mkdir -p /var/log/squid
mkdir -p /var/cache/squid
mkdir -p /var/spool/squid
chown -cR proxy /var/log/squid
chown -cR proxy /var/cache/squid
chown -cR proxy /var/spool/squid
squid -z
echo "Start service"
service squid start
echo "Cleanup temporary files"
rm -rf /etc/apt/sources.list.d/squid.list
rm -rf /usr/src/squid-${SQUID_VERSION}.tar.gz
rm -rf /usr/src/squid-${SQUID_VERSION}
rm -rf /usr/lib/squid-lib.tar.gz
exit 0

squid.conf

# General
http_port 3128
visible_hostname Proxy
forwarded_for delete
via off
# Log
logformat squid %tg.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt
access_log /var/log/squid/access.log squid
# Cache
cache_dir aufs /var/cache/squid 1024 16 256
coredump_dir /var/spool/squid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
# Network ACL
acl localnet src 10.0.0.0/8 # RFC 1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC 1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC 1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
# Port ACL
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 8080 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl purge method PURGE
acl CONNECT method CONNECT
# Port Restrictions
# Squid stops at the first matching http_access rule, so these denies must come
# before any allow rule; otherwise an allowed client could CONNECT to any port.
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# Authentication
# Uncomment the following lines to enable file based authentication BUT:
# This section requires the squid libs to be installed, especially `basic_ncsa_auth`, to work.
# This section uses a Htpasswd file named `users.pwd` to store eligible accounts.
# You can generate yours using the htpasswd command from the "apache2-utils" aptitude package, using the "-d" flag to use system CRYPT.
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/users.pwd
auth_param basic children 5
auth_param basic realm Proxy
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive on
acl Users proxy_auth REQUIRED
http_access allow Users
# Access Restrictions
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
# When no rule matches, Squid applies the opposite of the last rule (here: allow).
# Uncomment the next line to reject every request not explicitly allowed above.
#http_access deny all
http_reply_access allow all
htcp_access deny all
icp_access allow all
always_direct allow all
# Request Headers Forcing
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
# Response Headers Spoofing
reply_header_access Via deny all
reply_header_access X-Cache deny all
reply_header_access X-Cache-Lookup deny all

squid.sh

#! /bin/sh
#
# squid3 Startup script for the SQUID HTTP proxy-cache.
#
# Version: @(#)squid3.rc 1.0 07-Jul-2006 luigi@debian.org
#
### BEGIN INIT INFO
# Provides: squid
# Required-Start: $network $remote_fs $syslog
# Required-Stop: $network $remote_fs $syslog
# Should-Start: $named
# Should-Stop: $named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Squid HTTP Proxy version 3.x
### END INIT INFO

NAME=squid
DESC="Squid HTTP Proxy 3.x"
DAEMON=/usr/sbin/squid
PIDFILE=/var/run/$NAME.pid
CONFIG=/etc/squid/squid.conf
SQUID_ARGS="-YC -f $CONFIG"

[ ! -f /etc/default/squid ] || . /etc/default/squid

. /lib/lsb/init-functions

PATH=/bin:/usr/bin:/sbin:/usr/sbin

[ -x $DAEMON ] || exit 0

ulimit -n 65535

# Print the second argument of the first "$1" directive in $CONFIG (the
# cache_dir path), or the default $2 when the directive is absent.
find_cache_dir () {
    w="$(printf ' \t')"    # space and tab; built with printf so the tab survives copy/paste
    res=`sed -ne '
        s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
        t end;
        d;
        :end q' < $CONFIG`
    [ -n "$res" ] || res=$2
    echo "$res"
}

# Print the first argument of the first "$1" directive in $CONFIG (the
# cache_dir storage type, e.g. aufs), or the default $2.
find_cache_type () {
    w="$(printf ' \t')"    # space and tab
    res=`sed -ne '
        s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
        t end;
        d;
        :end q' < $CONFIG`
    [ -n "$res" ] || res=$2
    echo "$res"
}

start () {
    cache_dir=`find_cache_dir cache_dir`
    cache_type=`find_cache_type cache_dir`

    #
    # Create spool dirs if they don't exist.
    #
    if [ "$cache_type" = "coss" -a -d "$cache_dir" -a ! -f "$cache_dir/stripe" ] || [ "$cache_type" != "coss" -a -d "$cache_dir" -a ! -d "$cache_dir/00" ]
    then
        log_warning_msg "Creating $DESC cache structure"
        $DAEMON -z -f $CONFIG
    fi

    umask 027
    ulimit -n 65535
    cd $cache_dir
    start-stop-daemon --quiet --start \
        --pidfile $PIDFILE \
        --exec $DAEMON -- $SQUID_ARGS < /dev/null
    return $?
}

stop () {
    PID=`cat $PIDFILE 2>/dev/null`
    start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON
    #
    # Now we have to wait until squid has _really_ stopped.
    #
    sleep 2
    if test -n "$PID" && kill -0 $PID 2>/dev/null
    then
        log_action_begin_msg " Waiting"
        cnt=0
        while kill -0 $PID 2>/dev/null
        do
            cnt=`expr $cnt + 1`
            if [ $cnt -gt 24 ]
            then
                log_action_end_msg 1
                return 1
            fi
            sleep 5
            log_action_cont_msg ""
        done
        log_action_end_msg 0
        return 0
    else
        return 0
    fi
}

case "$1" in
    start)
        log_daemon_msg "Starting $DESC" "$NAME"
        if start ; then
            log_end_msg $?
        else
            log_end_msg $?
        fi
        ;;
    stop)
        log_daemon_msg "Stopping $DESC" "$NAME"
        if stop ; then
            log_end_msg $?
        else
            log_end_msg $?
        fi
        ;;
    reload|force-reload)
        log_action_msg "Reloading $DESC configuration files"
        start-stop-daemon --stop --signal 1 \
            --pidfile $PIDFILE --quiet --exec $DAEMON
        log_action_end_msg 0
        ;;
    restart)
        log_daemon_msg "Restarting $DESC" "$NAME"
        stop
        if start ; then
            log_end_msg $?
        else
            log_end_msg $?
        fi
        ;;
    status)
        status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit 3
        ;;
    *)
        echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|status}"
        exit 3
        ;;
esac

exit 0

users.pwd

proxy:5qHyKopcCn9NA

@kedenya

kedenya commented Apr 29, 2015

Authentication not working.
Does it work for a transparent proxy?
Many times tried.. still get error, request pass.
Thank you.

@suardika

suardika commented May 9, 2015

How can I see the log?

@suardika

Finally I can see the access.log.. thank you so much!

@e7d
Author

e7d commented May 29, 2015

I just updated the gist to fix this.

The authentication file was not valid anymore since the crypted hash generated by http://www.htaccesstools.com/htpasswd-generator/ is not reliable on all environments. Consider using "htpasswd" from the "apache-utils" package, as the installation script now does.

For example, using
htpasswd -cbd /etc/squid/users.pwd proxy proxy
you would create a /etc/squid/users.pwd password file with a user "proxy" and the password "proxy", encrypted using system supported libraries.

@onekuyak

How to set up this proxy fully transparent, without setting anything at the client browser, using 1 NIC in the proxy machine?

@lawrencep1989

Hi,

Is this still working? I tried running this as a startup script on vultr and didn't have any luck..

Willing to pay for help if needed..

@e7d
Author

e7d commented Jan 4, 2017

Yes it is, made some improvements. I also updated references to the latest version of Squid sources.
