Make squid to mark cache hits and misses (rpm package for Fedora 5)

squid logoSquid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests, to caching web, DNS and other computer network lookups for a group of people sharing network resources, to aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including TLS, SSL, Internet Gopher and HTTPS.

When the cache client (like web browser) wishes to access a data presumably in the backing store, it first checks the cache. If an entry can be found with a tag matching that of the desired datum, the datum in the entry is used instead. This situation is known as a cache hit. The alternative situation, when the cache is consulted and found not to contain a datum with the desired tag, is known as a cache miss. More information about cache misses and cache hits is available here.

The common reason to mark cache misses and hits is to control bandwidth of these kinds of traffic. For example: there is a server running squid that caches requests sent by subscribers and it’s necessary to shape bandwidth of traffic retreived directly from original servers (misses) and traffic that comes with local cache (hits). Standard squid versions don’t allow this.

But here is patched Squid version (rpm package for Fedora Core 5) that marks misses and hits with different TOS flags: squid-2.5.STABLE-2.FC5.patched.i386.rpm

In case you run this version of squid it’s possible to mark hits by simple iptables command:

iptables -t mangle -A POSTROUTING -o eth1 -p tcp --sport 8080 -m tos --tos 0x0 -j MARK --set-mark 0x1
where eth1 is LAN network interface hardware name, 8080 is tcp port squid is listening at. Therefore all other traffic with source port 8080, output interface eth1 but with TOS flag different from 0x0 can be classified as misses.

Further information on how to follow marked packets to traffic shaping disciplines like HTB or CBQ is available at

P.S. It’s really working for me. Tested.

Information Improvisation: Traffic Engineering Server is Bandwidth Management and QoS Solution that is especially suitable for Broadband ISPs and SMEs.


Stefan Durand

My name is Stefan, I'm the admin of LinuxScrew. I am a full-time Linux/Unix sysadmin, a hobby Python programmer, and a part-time blogger. I post useful guides, tips, and tutorials on common Linux and Programming issues. Feel free to reach out in the comment section.

Leave a Reply

Your email address will not be published. Required fields are marked *