Sun ONE Web Proxy Server 3.6 SP2 Administrator's Guide - UNIX Version |
817-0535.10 |
Updated: January 30, 2003 |
Contents PrefaceWhat iPlanet Web Proxy Server Provides
Administering the Proxy Server
What's in This Book?
Conventions Used in This Book
Contacting iPlanet Technical Support
Chapter 1 Starting the Administration and Proxy ServersStarting and Stopping the Administration Server
Starting the Administration Server
Using the Server Administration Page
Stopping the Administration Server
Starting and Stopping iPlanet Web Proxy Server
Starting the Proxy Server
Creating a New Proxy Server Instance
Restarting the Proxy Server
Stopping the Proxy Server
Chapter 2 Managing Your ServerOverview
Using the Server Manager
Chapter 3 Managing Templates and ResourcesWhat is a Template?
Understanding Regular Expressions
Creating Templates
Understanding Wildcard Patterns
Viewing and Removing Templates
Removing Resources
Online Forms for Controlling Resources
Chapter 4 Configuring Server PreferencesStarting and Stopping the Proxy Server
Viewing Server Settings
Restoring and Viewing Backup Configuration Files
Changing System Specifics
Bind Address
Creating MIME Types
Server Port
Server User
Processes
Process Life
DNS
ICP
Proxy Array
Parent Array
Proxy Timeout
Understanding DNS Caching
Enabling HTTP Keep-Alive
Setting Levels of DNS Subdomains
Chapter 5 Controlling Access to Your ServerHow Does Access Control Work?
Access Control Files
Restricting Access
Controlling Access with Client Certificates
Denying Access to a Resource
Allowing Access to a Resource
Chapter 6 Proxying and Routing URLsEnabling Proxying for a Resource
Configuring Routing for a Resource
Chaining Proxy Servers
Routing Through a SOCKS Server
Sending the Client's IP Address to the Server
Allowing Clients to Check IP Addresses
Disconnecting the Proxy from the Network
Changing the Default FTP Transfer Mode
Mapping URLs to Other URLs
Creating a URL Mapping
Specifying the SOCKS Name Server IP Address
Editing Existing Mappings
Redirecting URLs
Client Autoconfiguration
Chapter 7 Reverse ProxyHow Reverse Proxying Works
Proxy as a Stand-in for a Server
Setting up a Reverse Proxy
Proxying for Load Balancing
Virtual Multihosting in Reverse Proxy
Chapter 8 Using SOCKS v5Using a SOCKS Server
Configuring SOCKS v5
Authenticating Through a SOCKS Server Chain
Creating SOCKS v5 Authentication Entries
Editing SOCKS v5 Authentication Entries
Deleting SOCKS v5 Authentication Entries
Moving SOCKS v5 Authentication Entries
Creating SOCKS v5 Connection Entries
Editing SOCKS v5 Connection Entries
Deleting SOCKS v5 Connection Entries
Moving SOCKS v5 Connection Entries
Creating Routing Entries
Editing Routing Entries
Deleting Routing Entries
Moving Routing Entries
Enabling SOCKS
Chapter 9 CachingHow Caching Works
Understanding the Cache Structure
Distributing Files in the Cache
Setting Cache Specifics
Enabling the Cache
Configuring the Cache
Creating a Cache Working Directory
Recording URLs
Setting the Cache Size
Editing the Cache Capacity
Caching HTTP Documents
Caching FTP and Gopher Documents
Setting the Cache Default
Adding and Modifying Cache Partitions
Caching Pages Retrieved Using HTTPS
Caching Pages that Require Authentication
Caching Queries
Setting the Minimum and Maximum Cache File Sizes
Setting the Cache Behavior for Client Interruptions
Setting the Cache Behavior for Failed Origin Server Connections
Adding and Modifying Cache Sections
Setting the Cache Capacity
Enabling the Cache Monitor and Manager
Accessing Cache Manager Information
Caching Local Hosts
Using Cache Batch Updates
Creating a Batch Update
Using the Cache Command Line Utilities
Editing or Deleting a Batch Update Configuration
Building the Cache Directory Structure
Routing through Proxy Arrays
Upgrading the Cache Structure
Repairing the Cache URL List
Cleaning the URL List
Creating a Proxy Array Member List
Routing Through ICP Neighborhoods
Configuring Proxy Array Members
Enabling Routing Through a Proxy Array
Enabling a Proxy Array
Redirecting Requests in a Proxy Array
Generating a PAC File from a PAT File
Routing Through a Parent Array
Adding Parents to an ICP Neighborhood
Removing Parents from an ICP Neighborhood
Editing Configurations for Parents in an ICP neighborhood
Adding Siblings to an ICP Neighborhood
Removing Siblings from an ICP Neighborhood
Editing Configurations for Siblings in an ICP Neighborhood
Configuring Individual ICP Neighbors
Enabling ICP
Enabling Routing Through an ICP Neighborhood
Chapter 10 Filtering Content Through the ProxyFiltering URLs
Creating a Filter File of URLs
Restricting Access to Specific Web Browsers
Setting Default Access for a Filter File
Request Blocking
Suppressing Outgoing Headers
Appending Customized Outgoing Headers
Filtering by MIME Type
Filtering out HTML Tags
Chapter 11 Using the Client Autoconfiguration FileUnderstanding Autoconfiguration Files
What Does the Autoconfiguration File Do?
Using the Server Manager Forms to Create an Autoconfiguration File
Accessing the Proxy as a Web Server
Creating the Autoconfiguration File Manually
The FindProxyForURL Function
The Function Return Values
JavaScript Functions and Environment
Chapter 12 Monitoring the Server's StatusMonitoring the Server Using HTTP
Server Usage
Working with Log Files
Activity Breakdown
Totals
Viewing the Error Log File
Monitoring the Server Using SNMP
Viewing an Access Log File
Understanding Access Logfile Syntax
Understanding Status Codes
Setting Access Log Preferences
Working with the Log Analyzer
Running the Log Analyzer from the Server Manager
Running the Log Analyzer from the Command Line
Archiving Log Files
How Does SNMP Work?
The Proxy Server MIB
Chapter 13 Proxy Error Log MessagesProxy Error Messages
Catastrophe
SOCKS Error Messages
Failure
Warning
Security
Chapter 14 Understanding Encryption and SSLWhat is Encryption?
Using Encryption in the Proxy Server
What is SSL?
Tunneling SSL through the Proxy Server
What is HTTPS?
Enabling HTTPS Proxying
Enabling SSL on Your Server
Activating SSL
Setting Encryption Preferences
SSL Version
Increasing Server Security
Client Certificates
Ciphers
Keeping Clients from Caching SSL Files
Configuring SSL Tunneling
What is Client Authentication?
Client Authentication in a Reverse Proxy
Effects of an SSL-Enabled Server
Setting up Client Authentication in a Reverse Proxy
Secure URL Construction
Secure Server Document Root
Unprotected Server Document Directory
Changes to the magnus.conf File
Chapter 15 Tuning Server PerformanceUsing Timeouts Effectively
Read Timeout
Controlling Up-to-Date Checks
Proxy Timeout
Timeout After Interrupt
Keep-Alive Timeout
Global Netlib Timeout
Stall Timeout Override
Setting the Last-modified Factor
Using DNS Effectively
Determining the Number of Processes
Disabling Keep-Alives
Using SOCKS Effectively
Worker Threads
Tuning FTP Listing Width
Accept Threads
Using the Cache Effectively
Optimizing Cache Architecture
Tuning the Garbage Collector
Tuning the Cache
Gc URL DB Interval
Gc Nap Length
Hard Gc Nap Count
Soft Gc Nap Count
Hard Gc Max Entries
Gc Dir Chunk
Gc Hi Margin Percent
Gc Lo Margin Percent
Gc Extra Margin Percent
Gc Leave Fs Full Percent
Chapter 16 Configuring the Proxy ManuallyThe magnus.conf File
Programming the Proxy Server
The obj.conf File
The Structure of obj.conf
The mime.types File
Required Objects for obj.conf
How the Proxy Server Handles Objects
The admpw File
The socks5.conf File
The bu.conf File
Object Boundaries
The icp.conf File
Examples of bu.conf
The parray.pat File
The parent.pat File
Chapter 17 Creating Server Plug-in FunctionsWhat Is the Server Plug-in API?
Writing Plug-in Functions
The Server Plug-in API Header Files
Compiling and Linking Your Code
Getting Data From the Server: The Parameter Block
Passing Parameters to Server Application Functions
Reporting Errors to the Server
Loading Your Shared Object
Using Your Plug-in Functions
Appendix A Server Plug-in API Function Definitions
Appendix B Server Data StructuresThe Session Data Structure
The Parameter Block (pblock) Data Structure
The Pb_entry Data Structure
The Client Parameter Block
The Pb_param Data Structure
The Request Data Structure
The Stat Data Structure
The Shared Memory Structure, Shmem_s
The Netbuf Data Structure
The Filebuffer Data Structure
The Cinfo Data Structure
The SYS_NETFD Data Structure
The SYS_FILE Data Structure
The SEMAPHORE Data Structure
The Sockaddr_in Data Structure
The CONDVAR Data Structure
The CRITICAL Data Structure
The SYS_THREAD Data Structure
The CacheEntry Data Structure
The CacheState Data Structure
The ConnectMode Data Structure
Appendix C Proxy Configuration FilesThe magnus.conf File
Certfile
The obj.conf File
Ciphers
DNS
ErrorLog
Keyfile
LDAPConnPool
LoadObjects
MaxProcs
PidLog
Port
ProcessLife
RootObject
Security
ServerName
SSLClientAuth
SSL2
SSL3
SSL3Ciphers
User
AddLog
The socks5.conf File
AuthTrans
Connect
DNS
Error
Filter
Init
NameTrans
ObjectType
PathCheck
Route
Service
Authentication/Ban Host Entries
The bu.conf File
Routing Entries
Variables and Flags
Accept
The icp.conf File
Connections
Count
Days
Depth
Object boundaries
Reject
Source
Time
Type