squid logoSquid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests, to caching web, DNS and other computer network lookups for a group of people sharing network resources, to aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including TLS, SSL, Internet Gopher and HTTPS.

When the cache client (like web browser) wishes to access a data presumably in the backing store, it first checks the cache. If an entry can be found with a tag matching that of the desired datum, the datum in the entry is used instead. This situation is known as a cache hit. The alternative situation, when the cache is consulted and found not to contain a datum with the desired tag, is known as a cache miss. More information about cache misses and cache hits is available here.

The common reason to mark cache misses and hits is to control bandwidth of these kinds of traffic. For example: there is a server running squid that caches requests sent by subscribers and it’s necessary to shape bandwidth of traffic retreived directly from original servers (misses) and traffic that comes with local cache (hits). Standard squid versions don’t allow this.

But here is patched Squid version (rpm package for Fedora Core 5) that marks misses and hits with different TOS flags: squid-2.5.STABLE-2.FC5.patched.i386.rpm

In case you run this version of squid it’s possible to mark hits by simple iptables command:

iptables -t mangle -A POSTROUTING -o eth1 -p tcp --sport 8080 -m tos --tos 0x0 -j MARK --set-mark 0x1
where eth1 is LAN network interface hardware name, 8080 is tcp port squid is listening at. Therefore all other traffic with source port 8080, output interface eth1 but with TOS flag different from 0×0 can be classified as misses.

Further information on how to follow marked packets to traffic shaping disciplines like HTB or CBQ is available at lartc.org.

P.S. It’s really working for me. Tested.

Information Improvisation: Traffic Engineering Server is Bandwidth Management and QoS Solution that is especially suitable for Broadband ISPs and SMEs.




  1. Pingback : fluffigt.com » Blog Archive » FAQ: Iptables rules on timely basis

  2. June 15, 2010  2:59 pm by Tianna Sakash Reply

    im often roaming throughout the web nearly all of the afternoon which means that We have a propensity to peruse a good deal, which sadly is not normally a beneficial option as some in the blogs I view are constructed of useless nonsense copied from various internet pages a million times, but I have to compliment you simply because this weblog is in reality quite informative and consists of a good deal of unique material, so cheers for stopping the fad of merely just copying other people’s websites, in situation you ever wanna have fun with several hands of zynga poker together just send me a message – you might have my email address :)

  3. October 17, 2010  12:54 pm by Andy Beverley Reply


    For the benefit of others, the TOS features have been available in the main Squid package for a while now (using the qos_flows parameter).

    I have also recently submitted a patch to Squid that will do the same for iptables MARK values.


  4. May 22, 2011  1:01 am by make day Reply

    Hey there! This post couldn't be written any better! Reading through this post reminds me of my previous room mate! He always kept chatting about this. I will forward this post to him. Fairly certain he will have a good read. Thanks for sharing!

  5. May 27, 2011  1:42 am by Marianna Kaili Reply

    I’ve been surfing on-line far more than three hours as of late, however I don’t ever found any interesting posting like your site. It’s fairly value ample for me. For my part, if most of web site owners and other people produced nice content material as you do, the web will be much far more helpful than ever before.

  6. May 31, 2011  12:43 am by army fail Reply

    Heya are using Wordpress for your blog platform? I'm new to the blog world but I'm trying to get started and set up my own. Do you need any coding expertise to make your own blog? Any help would be greatly appreciated!

  7. June 12, 2011  4:30 pm by watch free bootleg movies online Reply

    Hello there, I should say that Make squid to mark cache hits and misses (rpm package for Fedora 5) - Linux * Screw is really a really great place to slack from function :) I truly adore your weblog and I have already bookmarked it. Make sure you, keep it updated more usually. Thank you!

Leave a reply


Your email address will not be published.