OS/2 Shareware BBS: 35 Internet

home *** CD-ROM | disk | FTP | other *** search

/ OS/2 Shareware BBS: 35 Internet / 35-Internet.zip / webtraps.zip / ibmproxy.conf2 < prev next >

Wrap

Text File | 2001-04-18 | 111KB | 2,977 lines

# (C) COPYRIGHT International Business Machines Corp. 1997, 2000 # All Rights Reserved # Licensed Materials - Property of IBM # # US Government Users Restricted Rights - Use, duplication or # disclosure restricted by GSA ADP Schedule Contract with IBM Corp. # # ===================================================================== # # # This is the default configuration file for the # IBM WebSphere Performance Pack Web Traffic Express # proxy server. # # TABLE OF CONTENTS # ================= # - Basic directives # - Process control # - Logging directives # * log file directives # * log archive directives # * log filtering directives # - Method directives # - Content presentation directives # * Welcome pages directives # * Directory browsing directives # * CGI program directives # * Content type directives # - Error Message directives # - API directives # - User authentication and document protection # - Mapping rules # - Performance directives # - Timeout directives # - Proxy directives # - Proxy caching directives # - Proxy cache garbage collection directives # - Advanced proxy and caching directives # - Remote Cache Access (RCA) directives # - SNMP directives # - Icon directives # - Cache agent directives # - PICS Filtering directives # - Miscellaneous directives # # ===================================================================== # # ===================================================================== # # # Basic directives # # ===================================================================== # # ServerRoot directive: # # Set this to point to the directory where you unpacked this # distribution, or wherever you want ibmproxy to have its "home". # # Default: opt/IBMWTE/usr/internet/server_root # Syntax: ServerRoot <path> ServerRoot /opt/IBMWTE/usr/internet/server_root # This ServerRoot entry usually points to where the WTE install # is, you sure can change it, at least to get a WTE log file # in a different location # Hostname directive: # # Specify the fully-qualified hostname, including the domain. You can # use an alias (if you have one set up) instead of the machine's real # host name so that clients will not be able to see the real host name. # # Default: <host name default defined in DNS> # Syntax: Hostname <fully-qualified host name> # # BindSpecific directive: # # Allows a multi-homed system to run a different server on # each IP address. # # Default: off # Syntax: BindSpecific <on | off> BindSpecific off # Port directive: # # Port used by the server. # NOTE: If the server is not started by root, you have to use a port # above 1024; good choices are 8000, 8001, 8080. # # Default: 80 # Syntax: Port <num> Port 8081 # Multiple ports are possible # AdminPort directive: # # This port may be used by the administrator for access to the # server status pages or configuration forms. Requests to this # port will not be queued with all other incoming requests on the # standard port(s) defined with the Port directive. However, they # will go through the normal access control and request-mapping # rules (Pass, Exec, Protect, etc). # # The administration port must not be the same as the standard # port(s) defined with the Port directive. # # Default: none # Syntax: AdminPort <num> AdminPort 8007 # ===================================================================== # # # Process control directives # # ===================================================================== # # UserId directive: # # Specify the user name/number to which the server changes # before accessing files, if the server was started as root. # # Default: nobody # Syntax: UserId <user name/number> # UserID wesadmin # GroupId directive: # # Specify the group name/number the server changes to # before accessing files, if the server was started as root. # # Default: nobody # Syntax: GroupId <group name/number> GroupId wesadmin # Both UserID and GroupId will be the values you enter during # WES install # NoBG directive: # # Normally, when the server is started, the process forks to go # into the background, and the first process exits. If you turn on # NoBG, the main process will not go to the background. If you're # using init to start the server, it may be useful to set this # to ON (and then init can respawn the server if it fails). # # Note that this directive will be ignored if the server is started # through SRC. # # Default: off # Syntax: NoBG <on | off> NoBG off # PidFile directive: # # When the server process starts, it will record its process id # ("pid") in a file, for use by the "ibmproxy -restart" command. This # directive specifies the location for that file. If you are # running multiple instances of the server on a single system, each # should have its own PidFile. # # Default: <server-root>/ibmproxy-pid # If no ServerRoot directive is given, then the default for # the PidFile is /tmp/ibmproxy-pid # Syntax: PidFile <path-to-pid-file-into> # ===================================================================== # # # Logging directives # # ===================================================================== # # ============================== # *** log file directives *** # ============================== # If you want logging, specify locations for your logs: # # AccessLog - used for logging local document requests # ProxyAccessLog - used for logging proxy requests # CacheAccessLog - used for logging hits on proxy cache # ErrorLog - used for logging any errors # EventLog - used for logging initialization events # # NOTE: To enable logging of requests to the proxy cache, the # following must be defined: # # Caching MUST be turned ON (default is OFF) # CacheAccessLog MUST be defined # # Defaults: AccessLog /opt/IBMWTE/usr/internet/server_root/logs/local # ProxyAccessLog /opt/IBMWTE/usr/internet/server_root/logs/proxy # CacheAccessLog /opt/IBMWTE/usr/internet/server_root/logs/cache # ErrorLog /opt/IBMWTE/usr/internet/server_root/logs/error # EventLog /opt/IBMWTE/usr/internet/server_root/logs/event # Syntax: <directive> <fullpath-filename> AccessLog /opt/IBMWTE/usr/internet/server_root/logs/ap_local ProxyAccessLog /opt/IBMWTE/usr/internet/server_root/logs/ap_proxy CacheAccessLog /opt/IBMWTE/usr/internet/server_root/logs/ap_cache ErrorLog /opt/IBMWTE/usr/internet/server_root/logs/ap_error EventLog /opt/IBMWTE/usr/internet/server_root/logs/ap_event TraceLog /opt/IBMWTE/usr/internet/server_root/logs/ap_tracelog # LogFileFormat: # # Specify the format of the access log files. # By default, logs are displayed in the NCSA Common Log Format. # Specify "combined" to get the NCSA Combined Log Format instead. # Entries in the combined format are the same as those in the # common format with the addition of fields for the referring URL, # User Agent, and Cookie (if present in the request). Certain site # analysis tools, such as IBM's Site Analyzer, require proxy logs # to be in Combined format. # # Default: common # Syntax LogFileFormat <common | combined> # # LogFileFormat common # LogToSyslog directive: # # In addition to logging access request information to the server logs, # you can send log entries to the UNIX syslog daemon. # # Default: off # Syntax: LogToSyslog <on | off> # # NOTE: Please reference online documentation/help for a more extensive # explanation of how to use this function. # LogToSyslog off # NoLog directive: # # Suppress access log entries for host matching a given IP address # or hostname. Wild cards "*" may be used. This directive may be used # multiple times within the configuration file. # # Default: <none> # Syntax: NoLog <hostnames and IP addresses> # # NOTE: DNS-Lookup may need to be turned ON. # # Example: # NoLog 128.141.*.* # NoLog *.location.company.com # Nolog *.*.*.com # ============================== # *** log archive directives *** # ============================== # LogArchive directive # # Specify the type of archive processing to use. # # Default: Purge # Syntax: LogArchive <Compress | Purge | none> # LogArchive Purge # Compress directives # # If you specified "Compress" for LogArchive, specify: # - the age at which the log files should be compressed # - the age at which the log files should be deleted # - the compress command you want executed against the # log archive files # # Default: 0 # Syntax: CompressAge <num> # Syntax: CompressDeleteAge <num> # # Default: <none> # Syntax: CompressCommand <commpress-command> # CompressAge 1 CompressDeleteAge 7 # CompressCommand tar -cf /logarchs/log%%DATE%%.tar %%LOGFILES%% ; gzip /logarchs/log%%DATE%%.tar # CompressCommand tar -cf /logarchs/log%%DATE%%.tar %%LOGFILES%% ; compress /logarchs/log%%DATE%%.tar # CompressCommand zip -q /logarchs/log%%DATE%%.tar %%LOGFILES%% # Purge directives # # If you specified "Purge" for LogArchive, # specify the age and size(in Megabytes) limits # at which time the files should be purged. # # Syntax: PurgeAge <num> # Default: PurgeAge 7 # Syntax: PurgeSize <num> # Default: PurgeSize 0 # PurgeAge 7 PurgeSize 0 # ==================================== # *** log filtering directives *** # ==================================== # AccessLogExcludeUserAgent directive # # A filter to exclude request URLs from user-agents that match a # given template. # # Default: Requests from Network Dispatcher's HTTP and WTE advisors # will not be logged # Syntax: AccessLogExcludeUserAgent <User-Agent template> # AccessLogExcludeUserAgent IBM_Network_Dispatcher_HTTP_Advisor AccessLogExcludeUserAgent IBM_Network_Dispatcher_WTE_Advisor # AccessLogExcludeURL, AccessLogExcludeMethod, # AccessLogExcludeReturnCode and AccessLogExcludeMimeType directive: # # Access log entries may be filtered to exclude requests by: # * requests matching a given URL template # * requests of a given method # * requests with a given return code range (200s, 300s, 400s, 500s) # * requests for files of a given mime type # # Default: <none> # Syntax: AccessLogExcludeURL <URL template> # AccessLogExcludeMethod <GET | PUT | POST | DELETE> # AccessLogExcludeReturnCode <200 | 300 | 400 | 500> # AccessLogExcludeMimeType <text/html | text/plain | # text/other | image/gif | # image/jpeg | image/(other) | # application/* | # audio/* | video/* | # (other)/(other)> # # Example: # AccessLogExcludeURL *.gif # AccessLogExcludeURL /Freebies/* # AccessLogExcludeMethod PUT # AccessLogExcludeMethod POST # AccessLogExcludeReturnCode 300 # AccessLogExcludeReturnCode 400 # AccessLogExcludeMimeType text/html # AccessLogExcludeMimeType text/plain # ===================================================================== # # # Method directives # # ===================================================================== # # # HTTP Methods that you do or don't want your server to accept. # # NOTE: Please reference online documentation/help to specify or # create other methods. # # Default: Enable GET # Enable HEAD # Enable POST # Enable TRACE # Enable OPTIONS # Enable CONNECT # Disable PUT # Disable DELETE # Syntax: Enable <method> # Disable <method> # Enable GET Enable HEAD Enable POST Enable TRACE Enable OPTIONS Enable CONNECT Disable PUT Disable DELETE # ===================================================================== # # # Content presentation directives # # ===================================================================== # # ============================== # *** Welcome pages *** # ============================== # Welcome directive: # # Specifies the default file name to use when only a directory name is # specified in the URL. Many Welcome directives may be defined, with the # one defined earliest having precedence. # # Multi-homed servers can use the IP-address_template parameter to # specify an address template which restricts the server to displaying # a specific welcome page based on which address template matches. # # NOTE: the address of the servers network connection is compared # to the template, not the address of the requesting client. # # Defaults: Welcome.html, welcome.html, index.html, Frntpage.html # Syntax: Welcome file-name [IP-address-template] # # Example: # Welcome letsgo.html # Welcome CustomerA.html 9.67.106.79 Welcome Welcome.html Welcome welcome.html Welcome index.html Welcome Frntpage.html # ===================================== # *** Directory browsing directives *** # ===================================== # These directives control directory listings as follows: # * Enable/disable or selective directory browsing # * Configure/disable readme feature for directory browsing # * Control the appearance of the directory listing # * Define the maximum width of the description text # * Define the maximum & minimum width of the filename field # # Default: DirShowIcons on # DirShowDate on # DirShowSize on # DirShowDescription on # DirShowCase on # DirShowHidden on # DirShowBytes off # Syntax: <directive> <on | off> # # Default: DirShowMaxDescrLength 25 # DirShowMaxLength 25 # DirShowMinLength 15 # Syntax: <directive> <num> DirShowIcons on DirShowDate on DirShowSize on DirShowDescription on DirShowCase on DirShowHidden on DirShowBytes off DirShowMaxDescrLength 25 DirShowMaxLength 25 DirShowMinLength 15 # FTPDirInfo directive: # # FTP servers may generate a welcome or description message for # a directory. This can optionally be displayed as part of FTP # directory listings; in addition, you can control where it will # be displayed. The following options are available: # # FTPDirInfo top - display welcome message at the top of the page, # before the listing of files in the directory. # FTPDirInfo bottom - display welcome message at the bottom of the page, # after the listing of files in the directory. # FTPDirInfo off - do not display the welcome message from the # FTP server. # # Note that this directive gives no control over the content of the # message itself; that message will be generated by the FTP server # being contacted. # # Default: FTPDirInfo top # Syntax: FTPDirInfo <top | bottom | off> # # Example: don't display welcome messages from FTP servers # FTPDirInfo off FTPDirInfo top # DirBackgroundImage # # This directive allows applying a background image to directory # listings generated by the proxy. Directory listings are generated # when browsing FTP sites through the proxy. # # The background image should be given as an absolute path. If the # image is located at another server, the background image must # be specified as a full URL. # # If no background image is specified, a plain white background will # be used. # # Default: no background image specified # Syntax: DirBackgroundImage /some/image.jpg # # Example: use /images/corplogo.png as background graphic # DirBackgroundImage /images/corplogo.png # # Example: use /graphics/embossed.gif on Web server www.somehost.com as # background graphic # DirBackgroundImage http://www.somehost.com/graphics/embossed.gif # ===================================== # *** CGI program directives *** # ===================================== # InheritEnv and DisInheritEnv directives: # # InheritEnv - Specify which environment variables are # inherited by CGI programs. # # DisInheritEnv - Specify which environment variables are # disinherited by CGI programs. # # By default, all environment variables are inherited by # CGI programs. If you include any InheritEnv directive, # only those environment variables specified on InheritEnv # directives will be inherited. You can exclude individual # environment variables from being inherited with the # DisInheritEnv directive. # # NOTE: Refer to the Web Programming Guide for a list # of the CGI-specific environment variables. # # Default: <none> # Syntax: InheritEnv <variable> # Syntax: DisInheritEnv <variable> # Example: # InheritEnv PATH # InheritEnv LANG=ENUS # DisInheritEnv PATH # DisInheritEnv LANG # ===================================== # *** Content type directives *** # ===================================== # imbeds directive: # # Controls Server Side Include processing for output that has # Content-type: text/x-ssi-html. # # NOTE: Please reference online documentation/help for a more extensive # explanation of how to use this function. # # Default: off SSIOnly # Syntax: imbeds <on/off/files/cgi/noexec> <html/SSIOnly> # parm1: on process files, CGIs and SSI #exec CGI # off never use SSI # files process files and SSI #exec CGI # cgi process CGIs and SSI #exec CGI # noexec process files, CGIs but not SSI #exec CGI # # parm2: html also process Content-type: text/html # SSIOnly process Content-type: text/x-ssi-html only # # imbeds on SSIOnly # SuffixCaseSense directive: # # Specify whether case sensitivity for suffixes is on or off. # # Default: off # Syntax: SuffixCaseSense <on | off> # # NOTE: This directive should be BEFORE any AddType or AddEncoding # directives. # SuffixCaseSense off # AcceptAnything directive: # # If this is set to ON, documents will be served to the client even # if the MIME type of the document does not match an Accept: # header sent by the client. If this is OFF, documents with a MIME type # which the client doesn't not state that they understand will cause # the client to see an error page instead. # # Default: ON # Syntax: AcceptAnything <on | off> # # AcceptAnything on # Map suffixes to the content-type of a file. # # Defaults: see list below # Syntax: Addtype <.suffix><representation><encoding><quality> # where <quality> is optional # # Application-specific types AddType .bcpio application/x-bcpio binary 1.0 # Old binary CPIO AddType .cpio application/x-cpio binary 1.0 # POSIX CPIO AddType .gtar application/x-gtar binary 1.0 # Gnu tar AddType .bin application/octet-stream binary 1.0 # Uninterpreted binary AddType .class application/octet-stream binary 1.0 # Java applet or application AddType .dms application/octet-stream binary 1.0 # AddType .exe application/octet-stream binary 0.8 # MSDOS/OS2/WIN executables AddType .dll application/octet-stream binary 0.8 # OS2/WIN executables AddType .lha application/octet-stream binary 0.8 # LHArc AddType .lzh application/octet-stream binary 0.8 # Compressed data AddType .oda application/oda binary 1.0 AddType .pdf application/pdf binary 1.0 AddType .ai application/postscript 8bit 0.5 # Adobe Illustrator AddType .PS application/postscript 8bit 0.8 # PostScript AddType .eps application/postscript 8bit 0.8 AddType .ps application/postscript 8bit 0.8 AddType .rtf application/rtf 7bit 1.0 # RTF AddType .sit application/stuffit binary 1.0 # Mac StuffIt compressor AddType .csh application/x-csh 7bit 0.5 # C-shell script AddType .dvi application/x-dvi binary 1.0 # TeX DVI AddType .hdf application/x-hdf binary 1.0 # NCSA HDF data file AddType .latex application/x-latex 8bit 1.0 # LaTeX source AddType .nc application/x-netcdf binary 1.0 # Unidata netCDF data AddType .cdf application/x-netcdf binary 1.0 AddType .js application/x-javascript binary 1.0 # Java script AddType .sh application/x-sh 7bit 0.5 # Shell-script AddType .shar application/x-shar 8bit 1.0 # Shell archive AddType .sv4cpio application/x-sv4cpio binary 1.0 # SVR4 CPIO AddType .sv4crc application/x-sv4crc binary 1.0 # SVR4 CPIO with CRC AddType .tcl application/x-tcl 7bit 0.5 # TCL-script AddType .tex application/x-tex 8bit 1.0 # TeX source AddType .texi application/x-texinfo 7bit 1.0 # Texinfo AddType .texinfo application/x-texinfo 7bit 1.0 AddType .t application/x-troff 7bit 0.5 # Troff AddType .roff application/x-troff 7bit 0.5 AddType .tr application/x-troff 7bit 0.5 AddType .man application/x-troff-man 7bit 0.5 # Troff with man macros AddType .me application/x-troff-me 7bit 0.5 # Troff with me macros AddType .ms application/x-troff-ms 7bit 0.5 # Troff with ms macros AddType .src application/x-wais-source 7bit 1.0 # WAIS source AddType .prs application/x-freelance binary 1.0 # Lotus Freelance AddType .pre application/vnd.lotus-freelance binary 1.0 # Lotus Freelance AddType .prz application/vnd.lotus-freelance binary 1.0 # Lotus Freelance AddType .lwp application/vnd.lotus-wordpro binary 1.0 # Lotus Word Pro AddType .sam application/vnd.lotus-wordpro binary 1.0 # Lotus Word Pro AddType .apr application/vnd.lotus-approach binary 1.0 # Lotus Approach AddType .vew application/vnd.lotus-approach binary 1.0 # Lotus Approach AddType .123 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3 AddType .wk1 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3 AddType .wk3 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3 AddType .wk4 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3 AddType .org application/vnd.lotus-organizer binary 1.0 # Lotus Organizer AddType .or2 application/vnd.lotus-organizer binary 1.0 # Lotus Organizer AddType .or3 application/vnd.lotus-organizer binary 1.0 # Lotus Organizer AddType .scm application/vnd.lotus-screencam binary 1.0 # Lotus Screencam AddType .ppt application/vnd.microsoft-powerpoint binary 1.0 # MS PowerPoint AddType .pac application/x-ns-proxy-autoconfig binary 1.0 # Netscape proxy Autoconfig files AddType .hqx application/mac-binhex40 binary 1.0 # Macintosh BinHex format AddType .bsh application/x-sh 7bit 0.5 # Bourne shell script AddType .ksh application/x-ksh 7bit 0.5 # K-shell script AddType .pcl application/x-pcl 7bit 0.5 # AddType .wk1 application/x-123 binary 1.0 # # Audio files AddType .snd audio/basic binary 1.0 # Audio AddType .au audio/basic binary 1.0 AddType .mid audio/midi binary 1.0 AddType .midi audio/midi binary 1.0 AddType .kar audio/midi binary 1.0 AddType .mpga audio/mpeg binary 1.0 AddType .mp2 audio/mpeg binary 1.0 AddType .mp3 audio/mpeg binary 1.0 AddType .aiff audio/x-aiff binary 1.0 AddType .aifc audio/x-aiff binary 1.0 AddType .aif audio/x-aiff binary 1.0 AddType .ra audio/x-realaudio binary 1.0 AddType .ram audio/x-pn-realaudio binary 1.0 AddType .rpm audio/x-pn-realaudio-plugin binary 1.0 AddType .wav audio/x-wav binary 1.0 # Windows+ WAVE format AddType .pdb chemical/x-pdb binary 0.8 AddType .xyz chemical/x-pdb binary 0.8 # Graphic (image) types AddType .bmp image/bmp binary 1.0 # OS/2 bitmap format AddType .ras image/x-cmu-raster binary 1.0 AddType .gif image/gif binary 1.0 # GIF AddType .ief image/ief binary 1.0 # Image Exchange fmt AddType .jpg image/jpeg binary 1.0 # JPEG AddType .JPG image/jpeg binary 1.0 AddType .JPE image/jpeg binary 1.0 AddType .jpe image/jpeg binary 1.0 AddType .JPEG image/jpeg binary 1.0 AddType .jpeg image/jpeg binary 1.0 AddType .png image/png binary 1.0 # Portable Network Graphics AddType .tif image/tiff binary 1.0 # TIFF AddType .tiff image/tiff binary 1.0 AddType .pnm image/x-portable-anymap binary 1.0 # PBM Anymap format AddType .pbm image/x-portable-bitmap binary 1.0 # PBM Bitmap format AddType .pgm image/x-portable-graymap binary 1.0 # PBM Graymap format AddType .ppm image/x-portable-pixmap binary 1.0 # PBM Pixmap format AddType .rgb image/x-rgb binary 1.0 AddType .xbm image/x-xbitmap binary 1.0 # X bitmap AddType .xpm image/x-xpixmap binary 1.0 # X pixmap format AddType .xwd image/x-xwindowdump binary 1.0 # X window dump (xwd) # "Multipart" (containers) AddType .tar multipart/x-tar binary 1.0 # 4. 3BSD tar AddType .ustar multipart/x-ustar binary 1.0 # POSIX tar AddType .zip multipart/x-zip binary 1.0 # PKZIP # Text file types AddType .css text/css 8bit 1.0 # W3C Cascading Style Sheets AddType .html text/html 8bit 1.0 # HTML AddType .htm text/html 8bit 1.0 # HTML on PCs AddType .c text/plain 7bit 0.5 # C source AddType .h text/plain 7bit 0.5 # C headers AddType .C text/plain 7bit 0.5 # C++ source AddType .cc text/plain 7bit 0.5 # C++ source AddType .hh text/plain 7bit 0.5 # C++ headers AddType .java text/plain 7bit 0.5 # Java source AddType .m text/plain 7bit 0.5 # Objective-C source AddType .f90 text/plain 7bit 0.5 # Fortran 90 source AddType .txt text/plain 7bit 0.5 # Plain text AddType .cxx text/plain 7bit 0.5 # C++ AddType .for text/plain 7bit 0.5 # Fortran AddType .mar text/plain 7bit 0.5 # MACRO AddType .log text/plain 7bit 0.5 # logfiles AddType .com text/plain 7bit 0.5 # scripts AddType .sdml text/plain 7bit 0.5 # SDML AddType .list text/plain 7bit 0.5 # listfiles AddType .lst text/plain 7bit 0.5 # listfiles AddType .def text/plain 7bit 0.5 # definition files AddType .conf text/plain 7bit 0.5 # definition files AddType . text/plain 7bit 0.5 # files with no extension AddType .rtx text/richtext 7bit 1.0 # MIME Richtext format AddType .tsv text/tab-separated-values 7bit 1.0 # Tab-separated values AddType .etx text/x-setext 7bit 0.9 # Struct Enchanced Txt AddType .asm text/x-asm 7bit 1.0 # ASM source AddType .sgm text/x-sgml 8bit 1.0 # SGML source AddType .sgml text/x-sgml 8bit 1.0 # SGML source AddType .htmls text/x-ssi-html 8bit 1.0 # Server-side includes AddType .shtml text/x-ssi-html 8bit 1.0 # Server-side includes AddType .uil text/x-uil 8bit 1.0 # AddType .uu text/x-uuencode 8bit 1.0 # # Video formats AddType .mpg video/mpeg binary 1.0 AddType .mpe video/mpeg binary 1.0 AddType .mpeg video/mpeg binary 1.0 AddType .qt video/quicktime binary 1.0 # QuickTime AddType .mov video/quicktime binary 1.0 AddType .avi video/x-msvideo binary 1.0 # MS Video for Windows AddType .movie video/x-sgi-movie binary 1.0 # SGI movieplayer AddType .mjpg video/x-motion-jpeg binary 1.0 # # "WWW" - internal - types AddType .mime www/mime binary 1.0 # Internal -- MIME is not recursive # Extension types AddType .ice x-conference/x-cooltalk binary 1.0 AddType .wrl x-world/x-vrml binary 1.0 # VRML # When all else fails... AddType *.* application/octet-stream binary 0.1 # Try to guess AddType * application/octet-stream binary 0.1 # Try to guess # Map suffixes to MIME content-encodings. # These are usually extra suffixes that modify the base file. # # Defaults: <none> # Syntax: AddEncoding <.suffix><encoding> AddEncoding .Z x-compress 1.0 # Compressed data AddEncoding .gz x-gzip 1.0 # Compressed data # ===================================================================== # # # Error Message directives # # ===================================================================== # # ErrorPage directive: # # Specifies the html file name to be returned by the server to the # client when a specific error occurs. # # NOTE: Please see "Error Conditions, Causes, and Default Messages" # in the online documentation for a list keywords. # # Default: <none> # Syntax: ErrorPage <keyword> </path/filename.html> # # Example: # ErrorPage scriptstart /errorpages/scriptstart.html # ErrorPage badrange /errorpages/badrange.htmls ErrorPage badredirect /errorpages/badredirect.htmls ErrorPage badrequest /errorpages/badrequest.htmls ErrorPage badscript /errorpages/badscript.htmls ErrorPage baduser /errorpages/baduser.htmls ErrorPage blocked /errorpages/blocked.htmls ErrorPage byrule /errorpages/byrule.htmls ErrorPage cacheexp /errorpages/cacheexp.htmls ErrorPage cachenoconn /errorpages/cachenoconn.htmls ErrorPage cachenotopened /errorpages/cachenotopened.htmls ErrorPage cacheonly /errorpages/cacheonly.htmls ErrorPage connectfail /errorpages/connectfail.htmls ErrorPage deletefailed /errorpages/deletefailed.htmls ErrorPage dirbrowse /errorpages/dirbrowse.htmls ErrorPage dirnobrowse /errorpages/dirnobrowse.htmls ErrorPage dotdot /errorpages/dotdot.htmls ErrorPage expectfailed /errorpages/expectfailed.htmls ErrorPage ftpanonloginrej /errorpages/ftpanonloginrej.htmls ErrorPage ftpauth /errorpages/ftpauth.htmls ErrorPage ftpbad220 /errorpages/ftpbad220.htmls ErrorPage ftphpanonloginrej /errorpages/ftphpanonloginrej.htmls ErrorPage ftphpbad220 /errorpages/ftphpbad220.htmls ErrorPage ftphploginrej /errorpages/ftphploginrej.htmls ErrorPage ftphpnoconnect /errorpages/ftphpnoconnect.htmls ErrorPage ftphpnoresponse /errorpages/ftphpnoresponse.htmls ErrorPage ftphpnosocket /errorpages/ftphpnosocket.htmls ErrorPage ftphpunreshost /errorpages/ftphpunreshost.htmls ErrorPage ftploginrej /errorpages/ftploginrej.htmls ErrorPage ftploginreq /errorpages/ftploginreq.htmls ErrorPage ftpnoconnect /errorpages/ftpnoconnect.htmls ErrorPage ftpnodata /errorpages/ftpnodata.htmls ErrorPage ftpnoresponse /errorpages/ftpnoresponse.htmls ErrorPage ftpnosocket /errorpages/ftpnosocket.htmls ErrorPage ftpunrechost /errorpages/ftpunrechost.htmls ErrorPage ftpunreshost /errorpages/ftpunreshost.htmls ErrorPage hpforbidden /errorpages/hpforbidden.htmls ErrorPage httpnodata /errorpages/httpnodata.htmls ErrorPage httpnoforward /errorpages/httpnoforward.htmls ErrorPage httpnosend /errorpages/httpnosend.htmls ErrorPage httpunreshost /errorpages/httpunreshost.htmls ErrorPage ipmask /errorpages/ipmask.htmls ErrorPage ipmaskproxy /errorpages/ipmaskproxy.htmls ErrorPage methoddisabled /errorpages/methoddisabled.htmls ErrorPage multifail /errorpages/multifail.htmls ErrorPage noaccess /errorpages/noaccess.htmls ErrorPage noacl /errorpages/noacl.htmls ErrorPage nocachenoconn /errorpages/nocachenoconn.htmls ErrorPage noentry /errorpages/noentry.htmls ErrorPage noformat /errorpages/noformat.htmls ErrorPage nohostheader /errorpages/nohostheader.htmls ErrorPage noopen /errorpages/noopen.htmls ErrorPage nopartner /errorpages/nopartner.htmls ErrorPage norep /errorpages/norep.htmls ErrorPage notallowed /errorpages/notallowed.htmls ErrorPage notauthorized /errorpages/notauthorized.htmls ErrorPage notfound /errorpages/notfound.htmls ErrorPage notmember /errorpages/notmember.htmls ErrorPage olproxnocontact /errorpages/olproxnocontact.htmls ErrorPage openfailed /errorpages/openfailed.htmls ErrorPage originbadresp /errorpages/originbadresp.htmls ErrorPage preconfail /errorpages/preconfail.htmls ErrorPage proxybadurl /errorpages/proxybadurl.htmls ErrorPage proxyfail /errorpages/proxyfail.htmls ErrorPage proxynotauth /errorpages/proxynotauth.htmls ErrorPage proxynotmember /errorpages/proxynotmember.htmls ErrorPage putfailed /errorpages/putfailed.htmls ErrorPage rchunkerror /errorpages/rchunkerror.htmls ErrorPage rchunkmemory /errorpages/rchunkmemory.htmls ErrorPage scriptinterr /errorpages/scriptinterr.htmls ErrorPage scriptio /errorpages/scriptio.htmls ErrorPage scriptnocomm /errorpages/scriptnocomm.htmls ErrorPage scriptnotfound /errorpages/scriptnotfound.htmls ErrorPage scriptnovari /errorpages/scriptnovari.htmls ErrorPage scriptstart /errorpages/scriptstart.htmls ErrorPage servermaperror /errorpages/servermaperror.htmls ErrorPage setuperror /errorpages/setuperror.htmls ErrorPage throttled /errorpages/throttled.htmls ErrorPage unknownmethod /errorpages/unknownmethod.htmls # ===================================================================== # # # API directives: # # ===================================================================== # # ServerInit directive: # # Specify a customized application function you want the server # to call during the server's initialization routines. This code # will be executed before any client requests are read. # # Default: <none> # Syntax: ServerInit </path/file:function_name> # # Example: # ServerInit /www/api/bin/icsext05.so:svr_init # # #WES # ********R E A D T H I S********************************** # The Everyplace Suite installer program should create the following file. # If you are running in a SecureWay Directory environment, the values from this file # will be overridden by the values in the SecureWay Directory table. ServerInit /usr/bin/wesauth.so:InitAS /usr/lpp/IBMEPS.Auth/ibmwesas.conf # PreExit directive: # # Specify a customized application function you want the server to # call during the User PreExit step. This code will be executed after # a client request has been read but before any other processing # occurs. You can call the goserve module during this step. # # Default: <none> # Syntax: PreExit </path/file:function_name> # # Example: # PreExit /www/api/bin/icsext05.so:pre_exit # Authentication directive: # # Specify a customized application function you want the server to # call during the Authentication step. This code will be executed based # on the authentication scheme. Currently, only Basic authentication # is supported. # # Default: <none> # Syntax: Authentication <type> </path/file:function_name> # # Example: # Authentication BASIC /www/api/bin/icsextpgm.so:basic_authen # NameTrans directive: # # Specify a customized application function you want the server # to call during the Name Translation step. This code would supply # the mechanism for translating the virtual path in the request to # the physical path on the server, mapping URLs to specific objects. # # Default: <none> # Syntax: NameTrans </URL> </path/file:function_name> <IP_address_template> # # Example: # NameTrans /index.html /www/api/bin/icsextpgm.so:trans_url # Authorization directive: # # Specify a customized application function you want the server # to call during the Authorization step. This code would verify # that the requested object can be served to the client. # # Default: <none> # Syntax: Authorization </URL> </path/file:function_name> # # Example: # Authorization /index.html /www/api/bin/icsextpgm.so:trans_url # #WES # The following line requires authorization for every page, including http and https: #Authorization * /usr/bin/wesauth.so:AuthAS Authorization http://servicewes1:15080/* /usr/bin/wesauth.so:AuthAS ###################################### # # UNPROTECTED ALIASES # ###################################### Proxy /tsm-enroll/* http://servicewes1:18080/* Proxy /enroll/* http://servicewes1:18080/enroll/* Proxy /art/* http://servicewes1:18080/art/* # ObjectType directive: # # Specify a customized application function you want the server # to call during the Object Type step. This code would locate the # requested object in the file system and identify its MIME type. # # Default: <none> # Syntax: ObjectType </URL> </path/file:function_name> # # Example: # ObjectType /index.html /www/api/bin/icsextpgm.so:obj_type # Service directive: # # Specify a customized application function you want the server # to call during the Service step. This code would service the client # request. For example, it sends the file or runs the CGI program. # # Default: <none> # Syntax: Service </URL> </path/file:function_name> <IP_address_template> # # Example: # Service /index.html /www/api/bin/icsext05.so:serve_req # Transmogrifier directive: # # Specify a customized application function you want the server # to call during the Transmogrifier step. This code would provide four # application functions: an open function, a write function, a close # function, and an error function. # # Default: <none> # Syntax: Transmogrifier </path/file:open_function_name:write_function_name:close_function_name:error_function_name> # # Example: # Transmogrifier /www/api/bin/icsext05.so:my_open:my_write:my_close:my_error # Log directive: # # Specify a customized application function you want the server # to call during the Log step. This code would supply logging and # other processing you want performed after the connection has # been closed. # # Default: <none> # Syntax: Log </URL> </path/file:function_name> # # Example: # Log /index.html /www/api/bin/icsextpgm.so:trans_url # Error directive: # # Specify a customized application function you want the server # to call during the Error step. This code would execute only when # an error is encountered to provide customized error routines. # # Default: <none> # Syntax: Error </URL> </path/file:function_name> # # Example: # Error /index.html /www/api/bin/icsext05.so:error_rtns # PostExit directive: # # Specify a customized application function you want the server # to call during the Post-exit step. This code will be executed # regardless of the return codes from previous steps. It allows # you to clean up any resources allocated to process the request. # # Default: <none> # Syntax: PostExit </path/file:function_name> # # Example: # PostExit /www/api/bin/icsext05.so:post_exit # ServerTerm directive: # # Specify a customized application function you want the server # to call during the Server Termination step. This code would # execute when an orderly shutdown occurs and allows you to # release resources allocated by a PreExit application function. # # Default: <none> # Syntax: ServerTerm </path/file:function_name> # # Example: # ServerTerm /www/api/bin/icsext05.so:shut_down ServerTerm /usr/bin/wesauth.so:TermAS # Midnight directive: # # Specify a customized application function you want the server # to call at midnight. # # Default: Midnight /usr/lib/archive.so:begin # Syntax: Midnight </path/file:function_name> Midnight /usr/lib/archive.so:begin # See also the 'Service' directive, which is an API directive, but # comes after the document protection directives. # ===================================================================== # # # User authentication and document protection # # ===================================================================== # # Within the configuration file, there are three directives that # define file access protection: # Protect, DefProt, and Protection. # # A Protection setup contains subdirectives that define how a set # of resources is to be protected. The protection setup is used on # a DefProt or Protect directive. The subdirectives can be coded # * on a preceding Protection directive # * in-line on the DefProt or Protect directive # * in a separate protection file # # The Protect and DefProt directives define the association of a # Protection setup with a set of resources to be protected. # * The DefProt statement associates a Protection setup with a URL # template but does not activate protection. # * The Protect statement associates a Protection setup with a URL # template and activates the protection. # # If your server has multiple network connections, you can optionally # specify an address template on either the DefProt or Protect directive # to restrict the server to using the directive only for requests that # come to the server on a connection with an address matching the # template. # # NOTE: The address of the server's network connection is compared to # the template, NOT the address of the requesting client. # # You can specify a complete IP address (for example, FOR 9.67.106.79), # or you can use a wildcard(*) character and specify a template # (for example, FOR 9.83.*). # # # Protection directive: # # Default: <none> # Syntax: Protection setup-name { directives } # # Within the braces, any combination of twelve(12) possible # protection subdirectives can be defined: # UserID, GroupID, ServerID, AuthType, # GetMask, PutMask, PostMask, DeleteMask, Mask, # PasswdFile, GroupFile # # # Protect directive: # # Default: <none> # Syntax for a Protect directive pointing to a Protection directive: # Protect request-template setup-name [FOR IP-address-label] # # Syntax for a Protect directive with protection settings defined # inline: # Protect request-template [IP-address-label] { # protection setting # protection setting # . # . # . # } # Example: # Protect /secret/* CustomerA-PROT # Protect /secret/* { # ServerID ServerName # AuthType Basic # PasswdFile /docs/www/restricted.pwd # GroupFile /docs/www/restricted.grp # GetMask authors # } # Protect /secret/* CustomerA-PROT FOR 9.67.106.79 # Protect /secret/* 9.83.* { # ServerID ServerName # AuthType Basic # PasswdFile /docs/www/restricted.pwd # GroupFile /docs/www/restricted.grp # GetMask authors # } # # # DefProt directive: # # Syntax for a DefProt directive pointing to a Protection directive: # DefProt request-template setup-name [FOR IP-address-label] # # Syntax for a Protect directive with protection settings defined # inline: # DefProt request-template [IP-address-label] { # protection setting # protection setting # . # . # . # } # # Example: # DefProt /secret/* CustomerA-PROT # DefProt /secret/* { # ServerID ServerName # AuthType Basic # PasswdFile /docs/www/restricted.pwd # GroupFile /docs/www/restricted.grp # GetMask authors # } # DefProt /secret/* CustomerA-PROT FOR 9.67.106.79 # DefProt /secret/* 9.83.* { # ServerID ServerName # AuthType Basic # PasswdFile /docs/www/restricted.pwd # GroupFile /docs/www/restricted.grp # GetMask authors # } # # # Example DefProt and Protect and Protection directives: # # Protection setup by usernames; specify groups in the group # file, if you need groups; create and maintain password files # with the htadm program. # # Protection PROT-SETUP-USERS { # ServerId YourServersFancyName # AuthType Basic # PasswdFile /where/ever/passwd # GroupFile /where/ever/group # GET-Mask user, user, group, group, user # } # # # Protection setup by hosts; you can use both domain name # templates and IP number templates # # Protection PROT-SETUP-HOSTS { # ServerId YourServersFancyName # AuthType Basic # PasswdFile /where/ever/passwd # GroupFile /where/ever/group # GET-Mask @(*.cern.ch, 128.141.*.*, *.ncsa.uiuc.edu) # } # DefProt /very/secret/URL/* # Protect /very/secret/URL/* PROT-SETUP-USERS # Protect /another/secret/URL/* PROT-SETUP-HOSTS # Protection PROT-ADMIN { ServerId Private_Authorization AuthType Basic GetMask All@(*) PutMask All@(*) PostMask All@(*) Mask All@(*) PasswdFile /opt/IBMWTE/usr/internet/server_root/protect/webadmin.passwd } #WES #********You can change the ServerID line to suit your needs********** # The ServerID line determines what name will be shown in the authentication dialog box # on the client machine. Protection PROT-AS { ServerId WES_Support AuthType Basic Mask All@(*) } Protect /admin-bin/* PROT-ADMIN Protect /reports/* PROT-ADMIN Protect /Usage* PROT-ADMIN # Added for Authentication server #Protect /* PROT-AS Protect /tsm_sc/* PROT-AS Protect /selfcare/* PROT-AS # # Service directive: # # Default: <none> # Syntax: service <URL> <program> # Service /ndadvisor INTERNAL:NDAdvisor service /Usage* INTERNAL:UsageFn service /admin-bin/trace* INTERNAL:TraceFn # ===================================================================== # # # Mapping rules # # ===================================================================== # # The Pass, Fail, Exec, Map, Redirect, and Proxy rules are used for # mapping a request URL to another URL or a physical file. # # The rules specify templates and a file directory or new URL to replace # the template in the request. If a request comes in and the URL of the # request matches one of the mapping rules, the rule is applied. Asterisks # are used as wild cards and must appear in both the request template and # the replacement template. The Fail rule does not have a replacement template. # # The Pass, Fail, and Exec rules are used for mapping from a request URL # to a physical file. The Map rule is used for mapping from one url to # another. The Proxy rule is used for mapping from a request URL to a URL # which will be passed on to another server and requires a full URL in the # replacement template. Redirect will direct the client to pass the request # on to another server and requires a full URL in the replacement template. # # The rules are applied in the order they appear in the configuration file # until a request template has been matched or until there are no more rules # to apply. The Map rule will modify the request as defined by the replacement # template and then will continue processing the remaining rules against the # mapped request. All other rules will stop applying rules once one of the # rules has been matched. # # If your server has multiple network connections, you can optionally # specify an address template to restrict the server to using the # directive only for requests that come to the server on a connection # with an address matching the template. # # NOTE: the address of the servers network connection is compared # to the template, not the address of the requesting client. # # You can specify a complete IP address (for example, 9.67.106.79). # # Default: <none> # Syntax: rule request-template result [IP-address-template] # # # Example: # Exec /cgi-bin/* /CGI-BIN/CustomerA/* 9.67.109.79 # Map /data/* /www/data/* # Map /mess/* /www/junk/* # Map /books/stuff/* /www/docs/* # Fail /bogus/* 9.67.105.79 # Fail /ddd/eee/* # Redirect /old/server/* http://new.server.loc/newpath/* # Proxy /hosta/* http://hosta/* # Pass /buck/* /diskx/bin/* # # Added for Authentication Server TPSM enrollment # The enrollment server config is only for Auth Servre testing # as this server should be out the WES domain. Change to the # correct TPSM machine. The http request is # http://wesaix04:8001/tsm-enroll/enroll.html # You should change the machine names in the example to match those # of your TPSM machine. # #WES # An example of how to use a proxy statement is as follows: # Proxy /ibm/* http://www.ibm.com/* # From the client browser, you would access the URL # http://server:port/ibm/ # This statement makes it appear that the remote page is actually contained on the # local machine. Remember that proxy statements work best on pages that you maintain # because absolute links will not work. # If a link references www.ibm.com/images/logo.gif, it will not access the image # correctly. In this situation, you should create a relative link to the # image. An example would be /images/logo.gif. # For this example, you need to add another proxy line in order to correctly proxy # the images directory. Example: Proxy /images/* http://www.ibm.com/images/* # The correct way to access the image is as follows: http://server:port/images/logo.gif. # Here are some examples we have added for Tivoli Personalized Services Manager. #Proxy /tsm-enroll/* http://servicewes1:18080/* #Proxy /enroll/* http://servicewes1:18080/enroll/* #Proxy /art/* http://servicewes1:18080/art/* # Tivoli Personalized Services Manager Personal (Personal has links to the selfcare appls) # It shoud be accessed by # http://wteserver:port/perso/samples/welcome.jsp # However, the welcome.jsp in /usr/TivTSM/personal/content/samples contains some gif # files that reside on www.tivoli.com, which results in blank image under AP # Proxy /perso/* http://servicewes1:16080/perso/* Proxy /images/* http://servicewes1:16080/images/* # # Tivoli Personalized Services Manager Selfcare # For selfcare access, use # http://wteserver:port/tsm_sc/selfcare # Proxy /tsm_sc/* http://servicewes1:15080/* Proxy /selfcare/* http://servicewes1:15080/selfcare/* # If there is any back-end original server, say backserver-1, other than the TPSM # machine, that you don't want the request be transformed by WTP, in which case, # you still a Proxy directive for this specific server Proxy /bs-1/* http://backserver-1:port/* # # and the request would be # http://wte-server:port/* # and later on, the no_proxy line need to be specified--see "no_proxy" for details #WES # For testing purposes, you may choose to add the following line at the # bottom of your proxy statements. Adding this line will map everything that # does not match another proxy statement to the specified site. Again, this is # for testing and should probably not be used in the real world. # For example http://wteserver:port/www.yahoo.com # is mapped to http://www.yahoo.com # #Proxy /* http://* # # Scripts; URLs starting with /cgi-bin/ will be understood as # script calls in the directory /opt/IBMWTE/usr/internet/server_root/cgi-bin/ # # URLs starting with /admin-bin/ will be understood as # script calls in the directory /opt/IBMWTE/usr/internet/server_root/admin-bin/ # Pass /admin-bin/webexec/*.style /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.style Pass /admin-bin/webexec/*.NLS /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.NLS Pass /admin-bin/webexec/*.props /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.props Pass /admin-bin/webexec/*.class /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.class Pass /admin-bin/webexec/*.gif /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.gif Pass /admin-bin/webexec/*.jar /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.jar Pass /admin-bin/webexec/*.html /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.html Pass /Docs/arrow*.gif /opt/IBMWTE/usr/internet/server_root/Docs/arrow*.gif Pass /Docs/up-arrow.gif /opt/IBMWTE/usr/internet/server_root/Docs/up-arrow.gif Pass /Docs/*.jar /opt/IBMWTE/usr/internet/server_root/Docs/*.jar Pass /Docs/*.class /opt/IBMWTE/usr/internet/server_root/Docs/*.jar #Pass /admin-bin/webexec/images/* /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/images* Pass /admin-bin/webexec/* /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/* Exec /cgi-bin/* /opt/IBMWTE/usr/internet/server_root/cgi-bin/* Exec /admin-bin/* /opt/IBMWTE/usr/internet/server_root/admin-bin/* Exec /Docs/admin-bin/* /opt/IBMWTE/usr/internet/server_root/admin-bin/* # # URL translation rules; If your documents are under # /opt/IBMWTE/usr/internet/server_root/pub/ then this single rule does the job: # Pass /icons/statusSB.gif /opt/IBMWTE/usr/internet/server_root/icons/statusSB.gif Pass /icons/* /opt/IBMWTE/usr/internet/server_root/icons/* Pass /Admin/* /opt/IBMWTE/usr/internet/server_root/Admin/* Pass /Docs/* /opt/IBMWTE/usr/internet/server_root/Docs/* Pass /htmldocs/* /opt/IBMWTE/usr/internet/server_root/Docs/htmldocs/* Pass /wsApplet/* /opt/IBMWTE/usr/internet/server_root/Applets/* Pass /errorpages/* /opt/IBMWTE/usr/internet/server_root/pub/errorpages/* # *** ADD NEW MAPPING RULES HERE *** Pass /* /opt/IBMWTE/usr/internet/server_root/pub/* # ===================================================================== # # # Performance directives # # ===================================================================== # # MaxActiveThreads directive: # # Defines the number of threads in system thread pool. # # Default: 100 # Syntax: MaxActiveThreads <num> MaxActiveThreads 100 # MaxPersistRequest directive: # # Maximum number of request to receive on a persistent connection. # # Default: 5 # Syntax: MaxPersistRequest <num> MaxPersistRequest 5 # DNS-Lookup directive: # # Instruct the server to look up hostnames of clients by # setting DNS-Lookup to "on". # NOTE: Turning DNS-Lookup "on" decreases server performance. # # Default: off # Syntax: DNS-Lookup <on | off> DNS-Lookup off # PureProxy directive: # # Specifies if the server is to be run purely as a proxy server. # # Default: on # Syntax: PureProxy <on | off> PureProxy on # MaxContentLengthBuffer directive: # # The server normally gives a content-length header line for every # document it returns. For dynamically-generated documents, the server # must buffer the document to compute the content length. This directive # can be used to set the size of this buffer. If it is exceeded the # document will be returned without a content-length header field (and # the connection will be forced closed: persistent connections cannot # be used unless the response has a content length). # # Default: 100 K # Syntax: MaxContentLengthBuffer <size> <K|M> # (Only one keyword/value pair allowed.) # MaxContentLengthBuffer 100 K # ProxyPersistence directive: # # Allows persistent connections, which will significantly reduce # latency for users and reduce CPU load on the proxy server. # # NOTE: Supporting persistent connections requires more threads, # and thus more memory, on the proxy server. In addition, # if you have a multi-level proxy server setup, and you # have any old (HTTP/1.0) proxies in the network, then you # MUST NOT use persistent connections at the proxy. # # Default: on # Syntax: ProxyPersistence <on | off> ProxyPersistence on # ===================================================================== # # # Timeout directives # # ===================================================================== # # Use these directives to: # * limit the time to wait for the client to send a request # after connecting to the server before cancelling the connection. # * limit the time allowed without network activity before # cancelling the connection. # * limit the time to allow for sending output to the client. # * limit the time to allow for CGI programs to finish. # (If the program does not finish within allotted time, the server # will kill the CGI program.) # * limit the time to wait for the client to send a request # after establishing a persistent connection to the server # before cancelling the connection. # # Default: InputTimeout 2 minutes # Default: ReadTimeout 5 minutes # Default: OutputTimeout 12 hours # Default: ScriptTimeout 5 minutes # Default: PersistTimeout 4 seconds # # Syntax: <directive> <time-spec> # InputTimeout 2 minutes ReadTimeout 5 minutes OutputTimeout 12 hours ScriptTimeout 5 minutes PersistTimeout 4 seconds # ===================================================================== # # # Proxy directives # # ===================================================================== # # Proxy server protection and caching directives # # Proxy protections; if you want only certain domains to # use your proxy, uncomment these lines and specify the Mask # with hostname templates or IP number templates: # # Protection PROXY-PROT { # ServerId YourProxyName # Mask @(*.cern.ch, 128.141.*.*, *.ncsa.uiuc.edu) # } # Protect * PROXY-PROT # # Protect http:* PROXY-PROT # Protect ftp:* PROXY-PROT # Protect gopher:* PROXY-PROT # Specify the protocols that this proxy server will forward: # Proxy http:* Proxy ftp:* Proxy gopher:* # SSLTunneling directive: # # Enable SSL Tunneling to any port. You must also make sure that # the CONNECT method is enabled; use the directive "Enable" to # do this. # # Default: on # Syntax: SSLTunneling <on | off> SSLTunneling on # Proxy-to-Proxy directives: # Also known as Proxy Chaining # # ftp_proxy directive: # # Use this directive to specify the name of another proxy web server # this server should contact for FTP requests rather than contacting # the FTP Server named in the request URL directly. # # Default: <none> # Syntax: ftp_proxy <outer_proxy_server_URL> # # Example: # ftp_proxy http://outer.proxy.name/ # gopher_proxy directive: # # Use this directive to specify the name of another proxy web server # this server should contact for Gopher requests rather than contacting # the Gopher Server named in the request URL directly. # # Default: <none> # Syntax: gopher_proxy <outer_proxy_server_URL> # # Example: # gopher_proxy http://outer.proxy.name/ # http_proxy directive: # # Use this directive to specify the name of another proxy web server # this server should contact for HTTP requests rather than contacting # the HTTP Server named in the request URL directly. # # Default: <none> # Syntax: http_proxy <outer_proxy_server_URL> # # Example: # http_proxy http://outer.proxy.name/ # # Added for Authentication Server, this will be the WTP #http_proxy http://brooktrout.raleigh.ibm.com:8088/ # no_proxy directive: # # Specify the domains to which the server should directly connect. # This is ONLY used when doing proxy chaining (i.e., when an # http_proxy, ftp_proxy, and/or gopher_proxy is defined). This # directive does NOT apply when the proxy goes through a SOCKS server; # use socks.conf for that purpose. Also, if you are using neither # proxy chaining nor SOCKS, then this directive is not needed. # # Specify the value as a string of domain names or domain name # templates. Separate each entry in the string with a comma. # # Do NOT put any spaces in the string. # You CANNOT use the wildcard character (*). # You CAN specify a template by including only the last part of a domain # name. # # Default: <none> # Syntax: no_proxy <non-proxy domain specification> # # Example: # no_proxy www.someco.com,.raleigh.ibm.com,.some.host.org:8080 # # this is to send traffic around the WTP to go to backserver-1 directly no_proxy raleigh.ibm.com # ===================================================================== # # # Proxy caching directives # # ===================================================================== # # Caching directive: # # Turn on proxy caching here. To enable proxy caching, you must: # 1) set the Caching directive to ON, and # 2) specify at least one CacheDev (raw partition or file), or # specify CacheMemory (if no CacheDev, then memory cache is used) # # There are three different types of caches: # - memory cache - fastest, but limited by amount of RAM # - raw disk cache - fast, only limited by disk space # - file cache - slowest, but convenient # # For raw disk and file caches, the htcformat utility must be used # to set up the devices and/or files. The CacheDev and BlockSize # directives need to be specified. Multiple CacheDev directives can be # specified, mixing both file caches and raw disk caches if needed, # and the total space from those devices will be used as single # cache. For disk (rather than memory) caches, the CacheMemory # directive can still be used to tell the proxy how much memory it # can use to efficiently manage the disk cache. CacheMemory should # be set to at least 1% of the total size of the disk cache. # # For a memory cache, simply specify the CacheMemory directive for the # desired cache size, and do not specified any CacheDev directives. # # The minimum cache size allowed is 16392 K (16 M + 1 block), which # can be either 16392 K of a memory cache, or a single cache device # of 16392 K. This value is also the minimum size for a single cache # device, so you cannot specify two devices that add up to only # 16392 K. # # Default: OFF # Syntax: Caching <ON | on | OFF | off> #WES #************R E A D T H I S********************** #For our testing purposes, caching has been turned off. For real world #applications, you will probably want to utilize caching. Caching OFF # CacheDev directive: # # Specify the cache device(s) to be used for the cache. The minimum # size for an individual cache device is 16392 K. # # Default: none # Syntax: CacheDev <raw disk partition | file> # # Examples: CacheDev /dev/rwtecache # CacheDev /wtecache/filecache1 #CacheDev /dev/rwtecache # CacheMemory directive: # # Specify the amount of RAM associated with the cache. See the # explanations in the Caching section above for more information # about the use of this directive. If the proxy needs more memory # than is specified for this directive, it will use what it needs # and send a warning message indicating this to the EventLog when # the proxy starts up and initializes the cache. There is more # memory overhead per cache device, so memory utilization is more # efficient for fewer cache devices. As a guideline, memory # utilization is also better for larger caches (1 G and up) than # for smaller caches. With a cache device over 1 G in size, the # amount of memory used will be approximately 1% of the total cache # size. Each cache device uses a minimum of about 8.5 M of memory. # # The unit specified can be B (bytes), K (kilobytes), M (megabytes), # or G (gigabytes). If you do not specify a unit, it assumes M. # # Minimum for a memory cache: 16392 K # Minimum for a non-memory cache: 1 K # Default: there is no default value, this must be specified # Syntax: CacheMemory <size> B | K | M | G CacheMemory 16392 K # BlockSize directive: # # Specify the size (in bytes) of the blocks within the cache. # The same BlockSize value will be used for all devices specified # via the CacheDev directives. # # Default: 8192 (the only supported BlockSize is 8192 bytes) # Syntax: BlockSize <size> #BlockSize 8192 # CacheDefaultExpiry directive: # # Specify the expiry date for files which do not include an explicit # expiry date and do not have a last-modified date that would allow us # to compute an expiry based on the CacheLastModifiedFactor. This is # most useful for protocols that do not have any way to transmit this # information, such as FTP or Gopher. # # NOTE: The default expiration for HTTP is 0. HTTP should be kept at 0 # because many script programs don't give an expiration date, yet # their output expires immediately. A value other than zero may # cause problems. # # Defaults: http:* 0 days # ftp:* 1 day # gopher:* 2 days # Syntax: CacheDefaultExpiry <URL pattern> <time period> # # Example: set default expiration for all FTP files to 14 days # CacheDefaultExpiry ftp:* 1 fortnight CacheDefaultExpiry http:* 0 days CacheDefaultExpiry ftp:* 1 day CacheDefaultExpiry gopher:* 2 days # CacheRefreshInterval directive: # # This directive specifies when to revalidate - check with the # origin to see if they've changed - documents. The difference # between this directive and CacheClean (below) is that CacheClean # will cause documents to be removed from the cache after a # given period of time, while CacheRefreshInterval will just # force the proxy to revalidate them before using them. # # Defaults: 2 weeks for all documents # Syntax: CacheRefreshInterval <URL pattern> <time period> # - This form specifies the refresh interval for # and URLs matching <URL pattern> # CacheRefreshInterval pattern> <time period> # - This specifies the refresh interval for any # documents NOT matching a <URL pattern> in # another CacheRefreshInterval directive - in # other words, the default refresh interval. # # Example: refresh all .gif images after 8 hours, and all other documents # after a week. # CacheRefreshInterval *.gif 8 hours # CacheRefreshInterval 1 week CacheRefreshInterval 2 weeks # CacheUnused directive: # # Specify how long the proxy cache should keep files which have not # been used (requested by a client). Unused files which have been in # the cache longer than this will be removed during garbage collection. # # Default: 2 days for http:* # 3 days for ftp:* # 12 hours for gopher:* # Syntax: CacheUnused <URL pattern> <time period> CacheUnused http:* 2 days CacheUnused ftp:* 3 days CacheUnused gopher:* 12 hours # CacheExpiryCheck directive: # # Normally, a caching proxy will check that the files in its cache # have not expired. In special circumstances (such as a network outage) # you may want to disable this check; the proxy will then serve files # from its cache even if they're out of date. # # Default: on # Syntax: CacheExpiryCheck <on | off> CacheExpiryCheck on # CacheNoConnect directive: # # In normal situations, the proxy server will contact the content # server to fetch pages. However, in special situations (such as # a demonstration at a trade show), you may not want the proxy server # to try to contact the origin server. Setting CacheNoConnect "on" # prevents the proxy from contacting the origin server. # # Default: off # Syntax: CacheNoConnect <on | off> CacheNoConnect off # CacheTimeMargin directive: # # The proxy server will not cache documents which are due to expire # 'soon'. This directive defines what 'soon' is. In other words, a # document's expiry date must be further in the future than the # CacheTimeMargin when WTE receives it in order for it to be cached. # # Default: 10 minutes # Syntax: CacheTimeMargin <time period> CacheTimeMargin 10 minutes # CacheLastModifiedFactor directive: # # Use this directive to have the server set expirations for files which # have a Last-Modified date, but no Expires date. The server uses the # Last-Modified date to determine how long it has been since the file # was modified, then multiplies that time by the fraction specified by # the value on this directive to determine the proportion of a file's # age (LastModified) to be used as the expiry time. The assumption # is that files that have changed recently are probably changing # frequently, while files that have not been modified in some time have # stablizied and do not need to be refreshed as frequently. # # The higher this value is set, the longer these files will reside in # the cache without being checked for freshness. Setting this value too # high may cause stale (out-of-date) files to be served from cache. # # For example, if a file was last modified 1 month ago and # CacheLastModifiedFactor was set to 0.5, the file would expire in # approximately 15 days (half a month). If the file was changed 4 days # ago, and CacheLastModifiedFactor was set to 0.25, the file would # expire in 1 day. # # If a CacheLastModifiedFactor of -1 is specified, the file # last-modified date will not be used to calculate the file expiry time. # This setting is not suggested for normal operation, as it will result # in very few files being cached. # # Default: Numerous factors, based on file extensions. The defaults # reflect the fact that certain types of files - like # graphics - tend to have longer lifetimes. # Syntax: CacheLastModifiedFactor <URL pattern> <fraction> # # Example: # CacheLastModifiedFactor http://* 0.14 # CacheLastModifiedFactor ftp://* 0.25 CacheLastModifiedFactor http://*/ 0.10 CacheLastModifiedFactor http://*.htm* 0.20 CacheLastModifiedFactor http://*.gif 1.00 CacheLastModifiedFactor http://*.jpg 1.00 CacheLastModifiedFactor http://*.jpeg 1.00 CacheLastModifiedFactor http://*.png 1.00 CacheLastModifiedFactor http://*.tar 1.00 CacheLastModifiedFactor http://*.zip 1.00 CacheLastModifiedFactor http:* 0.15 CacheLastModifiedFactor ftp:* 0.50 CacheLastModifiedFactor * 0.10 # CacheMaxExpiry directive: # # Specify the maximum lifetime allowed for objects matching a given # request template. An object may still be kept longer than its # maximum lifetime, but it must be revalidated with the origin # server when its lifetime has been reached. A maximum lifetime # of 0 is interpreted as no maximum - the lifetime will not have # an upper limit. # # Note that it doesn't make much sense to set this higher than # CacheClean, as CacheClean specifies the maximum time an object can # remain in the cache before it is deleted. # # Default: 1 month for all objects # Syntax: CacheMaxExpiry <URL request template> <time spec> # # Example: .gif files may not have a lifetime longer than 2 weeks. # CacheMaxExpiry http://*.gif 2 weeks CacheMaxExpiry 1 month # CacheClean directive: # # Specify how long you want the server to keep cached files with URLs # matching a given request template. The server deletes cached files # whose URLs match a given request template after they have been cached # for the specified time, regardless of their expiration date. # # Default: 1 month for all objects # Syntax: CacheClean <URL request template> <time spec> # Example: # CacheClean http:* 2 weeks CacheClean 1 month # CacheFileSizeLimit directive: # # CacheFileSizeLimit specifies the maximum size for any file that will # be cached. The value can be specified in bytes (B), kilobytes (K), # megabytes (M), or gigabytes (G). # # Note that in previous releases, this directive was called # CacheLimit_2. The syntax of the directive remains unchanged. # # Default: CacheFileSizeLimit 4000 K # Syntax: CacheFileSizeLimit <bytes> <B|K|M|G> # # Example: Don't cache any files larger than 512 K. # CacheFileSizeLimit 512 K CacheFileSizeLimit 4000 K # CacheOnly and NoCaching directives: # # The server allows control over the files to be cached in two ways. # # CacheOnly - specifies a set of URLs which will be considered for # caching (URLs not in that list will never be cached) # NoCaching - specifies a set of URLs which must never be cached, # (all other URLs are candidates for caching) # # Default: <none> (for both CacheOnly and NoCaching) # Syntax: CacheOnly <URL pattern> # NoCaching <URL pattern> # # Example: # CacheOnly http://www.ibm.com/* # NoCaching http://never.cache.me.net/* # ContinueCaching directive: # # Specifies the point at which a file being received from a content # server will continue to be received from the content server and # stored in the cache even if the connection to the client which # requested the file has been terminated. The value specified # represents a percentage of the size of the file being transferred. # If less than this percentage of the file has been transferred from # the content server at the time the client connection is terminated, # file transfer from the content server will be terminated and the cache # file containing the partial file will be removed from the cache. # # Default: 75 # # Syntax: ContinueCaching <percent of file already transferred> # # Example: # ContinueCaching 75 # ===================================================================== # # # Proxy cache garbage collection directives # # ===================================================================== # # Gc (Garbage Collection) directive: # # In order for a caching proxy server to function efficiently, it # needs to sweep through the cache and remove out-of-date files on a # regular basis. This is called 'garbage collection'. It should only # be turned "off" in special circumstances, such as during an extended # network outage. # # Default: on # Syntax: Gc <on | off> Gc on # CacheAlgorithm directive: # # Specifies which cache algorithm the server will use. Choices # include: bandwidth, responsetime, and blend. Specifying # bandwidth will rate cache files to minimize network bandwidth. # Choosing responsetime will rank cached files to minimize response # time. The blend option will do a combination of the two. # # Default: bandwidth # Syntax: CacheAlgorithm <string> # where string is "bandwidth" | "responsetime" | "blend" # CacheAlgorithm bandwidth # GcHighWater directive: # # When the cache fills up to the high-water mark, garbage collection # will begin. The high-water mark is specified as a percentage of the # total cache capacity. Garbage collection will continue until the # low-water mark has been reached - see GcLowWater to set this. # The high-water mark must not be set above 95%, and normally should # not be set below 50%. # # Default: 90 (percent) # Syntax: GcHighWater <percentage> # # Example: Start garbage collection when cache utilization reaches 85% # GcHighWater 85 GcHighWater 90 # GcLowWater directive: # # Once cache garbage collection has begun, it will continue until # cache utilization reaches the low-water mark. The low-water mark is # specified as a percentage of the total cache capacity. The low-water # mark must be below the high-water mark; see the GcHighWater directive # for setting the high-water mark. # # Default: 60 (percent) # Syntax: GcLowWater <percentage> # # Example: End garbage collection when the cache reaches 75% full. # GcLowWater 75 GcLowWater 60 # ===================================================================== # # # Advanced proxy and caching directives # # ===================================================================== # # ProxyIgnoreNoCache directive: # # Allows the proxy server to ignore the "Pragma: no-cache" header # (usually sent by browsers when the user hits the "Reload" button) # and serve the content from cache (if available) in defiance of # the client's request. # # NOTE: This should ONLY be used in unusual circumstances. # # Default: off # Syntax: ProxyIgnoreNoCache <on | off> ProxyIgnoreNoCache off # AggressiveCaching directive: # # Allows the proxy server to cache responses which might not # ordinarily be cached, for example responses which contain # the "cache-control: no-cache" header. # # Default: <none> # Syntax: AggressiveCaching <URL pattern> # Example: # AggressiveCaching http://www.hosta.com/* # ProxySendClientAddress directive: # # Instructs the proxy to forward an HTTP header containing the # client's IP address. If ProxySendClientAddress is not defined, # client IP addresses are NOT forwarded. # # Default: <none> # Syntax: ProxySendClientAddress <HTTP header name> # # NOTE: The Remote Configuration forms only support 2 options: # (1) client IP addresses NOT forwarded # ProxySendClientAddress directive is removed # (2) client IP addresses ARE forwarded with Client-IP: header # ProxySendClientAddress Client-IP: # # Example: # ProxySendClientAddress Client-IP: # ProxyUserAgent directive: # # Substitute a different User-agent string for the one that the client # sends. This helps make the clients more anonymous when surfing the web. # User-agent strings may include spaces. # # NOTE: Some Web sites automatically generate different pages # for certain Web browsers (by looking at the User-Agent header), # so if you mask the identity of the browser, you won't be able # to see the pages that are customized for certain browsers. # # Default: <none> # Syntax: ProxyUserAgent <string> (in the form "ProductName/Version") # # Example: # ProxyUserAgent Mozilla/4.0 (emulation; Javelin/2.0) # ProxyFrom directive: # # Specifies the "From:" header to send on all requests that # go through this proxy. # # NOTE: Replaces the "From:" header sent by the client # # Default: <none> # Syntax: ProxyFrom <string> # # Example: # ProxyFrom webmaster@www.ibm.com # NoProxyHeader directive: # # Allows the proxy to block certain headers that clients send. # # NOTE: Any HTTP header (even required headers) can be blocked # with this directive, so extreme care should be used. # # Default: <none> # Syntax: NoProxyHeader <header> # # Example: # NoProxyHeader Referer: # CacheMinHold directive: # # Overrides the "Expires" tag on documents from certain sites. # These sites routinely force documents to expire immediately # even when they have a longer lifetime. # # Default: <none> # Syntax: CacheMinHold <URL pattern> <time spec> # # Example: # CacheMinHold http://www.cachebusters.com/* 1 hour # CacheLocalDomain directive: # # Allows local domain sites to be cached, when set "on". # # NOTE: Assumes hostnames without a domain name are local. # # Default: on # Syntax: CacheLocalDomain <on | off> CacheLocalDomain on # appendCRLFtoPost directive: # # Some Origin servers require a Carriage Return and Line Feed to # be appended at the end of the content body on a POST request. # Use the appendCRLFtoPost directive to specify sites which should # have the CRLF appended at the end of the content body when sending # a POST request to the site. # # Default: <none> # Syntax: appendCRLFtoPost <URL pattern> # # Example: # appendCRLFtoPost http://www.hosta.com/* # SendHTTP10outbound directive: # # Specifies the HTTP version to be used on requests sent outbound # to the origin server or to the next proxy in a chain of proxies. # SendHTTP10outbound should only be used if the origin server # or next downstream proxy have known problems handling HTTP/1.1 requests. # # Default: <none> # Syntax: SendHTTP10outbound <URL pattern> # #SendHTTP10outbound http://www.hosta.com/* #SendHTTP10Outbound http://*.mail.yahoo.com/* # CacheQueries directive: # # Specifies whether or not responses to queries should be cached. # If ALWAYS is specified, responses to queries will be cached as # long as the response is otherwise cacheable. # If PUBLIC is specified, responses to queries will be cached if # the response is marked as "public" by containing a # "cache-control: public header, or if the response contains # cache-control headers which will force re-validation on every request, and the # response is otherwise cacheable. # # Default: <none> # Syntax: CacheQueries <ALWAYS | PUBLIC> <URL Pattern> # # Example: # CacheQueries ALWAYS http://www.hosta.com/* # CacheQueries PUBLIC http://www.hostb.com/* # CacheByIncomingUrl directive: # # Specifies whether to use the incoming URL or the outgoing URL as # the basis for generating cache file names. # If ON is specified, the incoming URL will be used to generate the # cache file name. If OFF is specified, All applicable Name Translation # plug-ins and Map and Proxy rules will be applied to the incoming URL and # the resulting URL will be used to generate the cache name. # # Default: OFF # Syntax: CacheByIncomingUrl <on | off> CacheByIncomingUrl off # ===================================================================== # # # RCA (Remote Cache Access) directives # # ===================================================================== # # Version directive: # # Specify the protocol name and version. # # Default: <RCA/1.0> # Syntax: Version <protocol/major.minor> Version RCA/1.0 # ArrayName directive: # # Specify the name of this array. # # NOTE: This is an administrative aid. # Spaces are not allowed in the array name. # This directive is required. # # Default: <none> # Syntax: ArrayName <array name> # Example: # ArrayName mastiff # Member directive: # # Specify a member this array. # # Default: <none> # Syntax: Member Name { subdirectives } # # Name required; the hostname this member is known to # clients by # # subdirectives are one of: # RCAAddr required; IP address or hostname for RCA # communication # RCAPort required; port for RCA communication # Timeout ( milliseconds ) # optional; how long to wait for this member # before deciding rigor mortis has occured; # must be positive; default is 1000 ms # BindSpecific ( On | Off ) # optional; allows communications to occur on a # private subnet, providing a measure of security; # default is ON # ReuseAddr ( On | Off ) # optional; allows faster rejoining of the array; # "on" would allow other processes to steal the # port, causing undefined behaviour; # default is OFF # # Example: # Member bittersweet.chocolate.ibm.com { # RCAAddr 127.0.0.1 # RCAPort 6294 # Timeout 1000 milliseconds # BindSpecific On # ReuseAddr Off # } # ===================================================================== # # # SNMP directives # # ===================================================================== # # SNMP directive: # # Set SNMP communication on or off. # # Default: off # Syntax: SNMP <on | off> SNMP off # SNMPCommunity directive: # # The community name which is used by the server to communicate # with the SNMP agent. # # Default: public # Syntax: SNMPCommunity <public | community name> SNMPCommunity public # WebMasterEMail directive: # # The E-mail address of the person who should get communications # about this server # # Default: webmaster # Syntax: WebMasterEMail bigguy@mybox.com WebMasterEMail webmaster # ===================================================================== # # # Icon directives # # ===================================================================== # # AddIcon, AddDirIcon, AddBlankIcon, AddUnknownIcon and AddParentIcon # directives: # # AddIcon - Bind icon URL to a MIME content-type or # content-encoding. # AddDirIcon - Specify directory icon URL for directory listing # AddBlankIcon - Specify blank icon URL for directory listing # AddParentIcon - Specify parent directory icon URL for directory # listing # AddUnknownIcon - Specify unknown icon URL for directory listing # # Default: <default set of icons shown below> # Syntax: AddIcon <icon URL> <ALT text> <MIME-type template> # Syntax: AddDirIcon <icon URL> <ALT text> # Syntax: AddBlankIcon <icon URL> <ALT text> # Syntax: AddParentIcon <icon URL> <ALT text> # Syntax: AddUnknownIcon <icon URL> <ALT text> # # If the <icon URL> does not include a path, the server will prepend # the directory /icons/ to the icon filename. Note that the icon URL # is a virtual path; it will be sent through the mapping rules # (Map, Pass, etc) to find the real path in the filesystem. AddIcon app-123.gif 123 application/x-123 AddIcon app-compress.gif Z x-compress AddIcon app-compress.gif gz x-gzip AddIcon app-fl.gif FL application/x-freelance AddIcon app-pcl.gif PCL application/x-pcl AddIcon app-pdf.gif PDF application/pdf AddIcon app-ps.gif PS application/postscript AddIcon app-shar.gif shar application/x-shar AddIcon app-bsh.gif sh application/x-bsh AddIcon app-csh.gif csh application/x-csh AddIcon app-ksh.gif ksh application/x-ksh AddIcon mp-tar.gif tar multipart/x-tar AddIcon mp-tar.gif tar multipart/x-ustar AddIcon mp-zip.gif zip multipart/x-zip AddIcon audio.gif au audio/basic AddIcon audio.gif aiff audio/x-aiff AddIcon audio.gif wav audio/x-wav AddIcon audio.gif audio audio/* AddIcon image-gif.gif GIF image/gif AddIcon image-jpeg.gif JPEG image/jpeg AddIcon image-pixmap.gif pixmap image/x-xpixmap AddIcon image-tif.gif TIFF image/tiff AddIcon image.gif img image/* AddIcon text-assem.gif asm text/x-asm AddIcon text-c.gif c text/x-c AddIcon text-html.gif HTML text/html AddIcon text-html.gif HTML text/x-ssi-html AddIcon text-uu.gif UU text/x-uuencode AddIcon text.gif text text/* AddIcon video-avi.gif avi video/x-msvideo AddIcon video-avi.gif qt video/quicktime AddIcon video-jpeg.gif mjpg video/x-motion-jpeg AddIcon video-mpeg.gif mpeg video/mpeg AddIcon video.gif video video/* AddIcon binary.gif bin application/octet-stream AddIcon binary.gif bin binary AddBlankIcon blank.gif AddParentIcon dir-up.gif UP AddDirIcon dir.gif DIR AddUnknownIcon unknown.gif ??? # ===================================================================== # # # Cache agent directives # # ===================================================================== # # UpdateProxy directive: # # Specify which proxy server the cache agent should update. # # NOTE: This directive is required for the cache agent to function on # on AIX, Solaris, and Linux systems. This directive is also # required when the cache agent needs to update a proxy server # other than the local proxy server on which it is running. # # Default: <host on which the cache agent is running> # Syntax: UpdateProxy <fully-qualified host name of the proxy server> # Example: # UpdateProxy www.raleigh.ibm.com # LoadURL directive: # # Specify URLs to be loaded into the cache. # # NOTE: These URLs are placed at the top of the cache agent's queue. # # Default: <none> # Syntax: LoadURL <URL to load> # Example: # LoadURL http://www.ibm.com/ # LoadTopCached directive: # # Specify that the cache agent should load the specified number of # most popular URLs to the cache. # # NOTE: These URLs are queued below the URLs loaded by the # LoadURL directive # # Default: 100 # Syntax: LoadTopCached <num to load> # # NOTE: In order to use this directive, the server configuration # file MUST specify Caching "on" and have a valid values # for the cache location and size # LoadTopCached 100 # IgnoreURL directive: # # Specify URLs that are NOT to be retrieved by the cache agent. # This directive applies only to delving performed by the cache # agent. If you wish for the proxy server not to cache certain # URLs, then see the NoCache directive. # This directive may be specified multiple times. # # NOTE: Wild cards "*" may be used. # # Default: */cgi-bin/* (Ignore URLs containing /cgi-bin/) # Syntax: IgnoreURL <URL to ignore> # Example: # IgnoreURL http://www.yahoo.com/* # IgnoreURL http://www.yahoo.com/*.html # IgnoreURL */cgi-bin/* # DelveInto directive: # # Specify whether or not the cache agent should load pages # linked off of cached URLs. # # Default: always # Syntax: DelveInto <always | never | admin | topn> # # always - the cache agent will parse the HTML of cached # URLs and retrieve linked pages. # never - the cache agent will not parse the HTML of # cached URLs. # admin - the cache agent will only parse HTML documents that # originated from one of the LoadURL directives. # topn - the cache agent will only parse HTML documents that # were chosen from the server's cache. DelveInto always # DelveDepth directive: # # Specify the number of link levels to follow when searching # for pages to load into the cache. # # NOTE: Applicable when DelveInto "always" is specified. # # Default: 1 # Syntax: DelveDepth <num> DelveDepth 1 # DelveAcrossHosts directive: # # Specify whether the cache agent will only retrieve pages # found on this server, or if the cache agent will retrieve # pages from other hosts. # # NOTE: Applicable when DelveInto "never" is NOT specified. # # Default: off # Syntax: DelveAcrossHosts <on | off> DelveAcrossHosts off # DelayPeriod directive: # # Specify whether the cache agent should wait between sending # requests to destination servers. # # Default: on # Syntax: DelayPeriod <on | off> # # on - reduces the load on the proxy machine and your # network link, as well as being kinder to the # destination servers. # off - allows the cache agent to run at maximum speed. # # NOTE: When DelayPeriod off, certain sites will be # accessed very often in rapid succession. DelayPeriod on # # LoadInlineImages directive: # # Indicate whether inline images should be retrieved by the # cache agent. # # Default: on # Syntax: LoadInlineImages <on | off> LoadInlineImages on # NumClients directive: # # Specify the number of worker threads to use to request pages. # # NOTE: Increase this number for a fast machine and a fast # Internet link. Use a smaller number for a slow # machine or a slow Internet link. # # Default: 4 # Syntax: NumClients <num> (maximum of 100) NumClients 4 # MaxQueueDepth directive: # # Specify the maximum depth of the cache agent's queue of # outstanding page retrieval requests. Specifying a larger # number creates a larger queue. # # NOTE: Only applicable when DelveInto "always" is specified, # otherwise, MaxQueueDepth will be set equal to the # value specified on the MaxUrls directive. # # Default: 250 # Syntax: MaxQueueDepth <num of queue entries> # Example: # MaxQueueDepth 500 MaxQueueDepth 250 # MaxUrls directive: # # Specify the maximum number of URLs the cache agent will # request during a particular run. # # Default: 2000 # Syntax: MaxUrls <num> MaxUrls 2000 # MaxRuntime directive: # # Specify the maximum amount of time that the cache agent # will continue requesting URLs. # # NOTE: A value of 0 means "no limit" - the request runs # until completion. # # Default: 2 hours # Syntax: MaxRuntime 0 | [<num> hours [<num> minutes]] # Example: # MaxRuntime 4 hours # MaxRuntime 4 hours 10 minutes MaxRuntime 2 hours # AutoCacheRefresh directive: # # Specify whether or not cache content will be refreshed # automatically. If this is set to OFF, the cache agent # will not be invoked (and all its settings will be ignored). # # Default: on # Syntax: AutoCacheRefresh <on | off> AutoCacheRefresh on # CacheRefreshTime directive: # # Specify when the cache agent should be started. # # Default: 3:00 AM # Syntax: CacheRefreshTime <HH:MM> # # Example: Begin cache refresh at 3:50 AM # CacheRefreshTime 03:50 CacheRefreshTime 03:00 # ===================================================================== # # # PICS Filtering directives # # ===================================================================== # # PICS Filtering using PICSRules # # For a complete specification of PICSRules, see the URL # http://www1.raleigh.ibm.com/pics/PICSRules_1.0.html. # # Default: "See Example below" # Syntax: DefinePicsRule "filterName" { # (PicsRule-1.0 # ( # ...subdirectives...(not required) # serviceinfo (name "serviceURL" # shortname "shortName" # bureau "bureauURL" # ratfile "ratFile" # available-with-content "NO" # ) # passURL () # failURL () # ) # ) # } # # NOTE: Be sure to specify only one rule per DefinePicsRule {...} # Each rule should begin with a DefinePicsRule "filterName" { # and end with a closing "}". # # Example: DefinePicsRule "RSAC Example" { (PicsRule-1.0 ( serviceinfo ( name "http://www.rsac.org/ratingsv01.html" shortname "RSAC" available-with-content "YES" ) name ( rulename "RSAC Example" description "Example rule using the RSAC system to block naughty pictures." ) passURL ("http://www.ibm.com/*") optextension (extension-name "http://www1.raleigh.ibm.com/pics/PICSRules_1.0.html") ibm-javelin-extensions ( active "no" ) Filter ( Pass '((RSAC.v < 3) && (RSAC.s < 3) && (RSAC.n < 3) && (RSAC.l < 3))' ) ) ) } # HTTPSCheckRoot directive: # # Whether or not to check the unsecure homepage for self-labels and # apply them to a secure request for the same host. # # Default: on # Syntax: HTTPSCheckRoot <on | off> HTTPSCheckRoot on # ===================================================================== # # # SSL Directives # # ===================================================================== # #WES #******** R E A D T H I S F O R S S L*********************** #For an explanation of how to set up the Reverse Proxy for use with SSL, please refer to #the SSL documentation located at #http://www.ibm.com/software/webservers/perfpack/doc2/wtewg/wtewgssl.htm # #To setup SSL with reverse proxy (AP mode) you need to check for the following: # SSL Enable is on # KeyRing is set to the .kdb file containing your certificates # KeyRingStash is set to the keystash # Enable CONNECT line is present # # To access an SSL page when using reverse proxy (AP mode) # refer to the page as follows: # https://proxyserver/secure/page.html # This example assumes that you have a proxy statement set to point # /secure/* to the real secure page. # # From the client browser, accessing an outside secure page, you should see # the certificate from the Reverse Proxy machine, not the certificate from the remote site. # The Reverse Proxy machine must trust the certificate of the remote site. This is # done in the gsk4ikm program and is addressed in the documentation referenced # above. # SSLEnabled directive: # # Specifies to listen on Port 443 for secure requests. # # Default: OFF # Syntax: SSLEnable <ON | on | OFF | off> SSLEnable OFF #SSLEnable ON # SSLCaching directive: # # In a reverse proxy scenario, attempt to cache content on # a secure request. Caching must be enabled for this # directive to be effective. # # Default: off # Syntax: SSLCaching <on | off> SSLCaching off # SSL Version Specification # # Specifies the SSL Version to use - Either SSLV3 or SSLV2. # Syntax: SSLVersion <SSLV2> | <SSLV3> | <ALL> # Default: <ALL> # SSLVersion SSLV3 # SSLV3Timeout # # The time in seconds allowed before an SSL V3 session will expire. # # Default: 100 # Valid range: 1 - 86400 seconds (1 day) # Syntax: SSLV3Timeout <seconds> SSLV3Timeout 100 # SSLV2Timeout # # The time in seconds allowed before an SSL V2 session will expire. # # Default: 100 # Valid range: 1 - 100 seconds # Syntax: SSLV2Timeout <seconds> #SSLV2Timeout 100 # KeyRing directive: # # Specifies the file path to the Key Ring Database the server will # use for SSL requests. Key Ring Files are generated via the # IKeyman utility. # # Default: none # Syntax: KeyRing <filename> # # Example: # KeyRing /etc/key.kdb # KeyRingStash directive: # # Specifies the file path to the Key Ring Database's password file. # The password file is generated via the IKeyman utility when building # a Key Ring Database File. # # Default: none # Syntax: KeyRingStash <filename> # # Example: # KeyRingStash /etc/key.sth # SSL V3 Cipherspecs # The Cipherspecs allowed for SSL V3 # # Syntax: # V3CipherSpecs <cipherspec string> # Default: US: "0A09060564620403020100" Export: "0906646203020100" # #V3CipherSpecs 0A0605 # SSL V2 Cipherspecs # The Cipherspecs allowed for SSL V2 # # Syntax: # V2CipherSpecs <cipherspec string> # Default: US: "137624" Export: "246" # #V2CipherSpecs 176 # ===================================================================== # # # Miscellaneous directives # # ===================================================================== # # ConfigFile directive: # # Specifies the name of an additional configuration file. Directives # found in the specified configuration file will be processed after # processing the current configuration file. # # For backwards compatability, the directive 'RCAConfigFile' is # supported as an alias for ConfigFile. # # Default: none # Syntax: ConfigFile <filename> # # Example: # ConfigFile /etc/rca.conf # FTPUrlPath directive: # # Specifies whether FTP url paths should be treated as absolute # paths (specified in relation to the root directory) or as # relative paths (specified in relation to the home directory) # # Default: absolute # # Syntax: FTPUrlPath <absolute | relative> # # Example: # FTPUrlPath absolute # flexibleSocks directive: # # Whether or not to use a socks conifiguration file to specify # hosts for direct connections or connections to a socks server. # # Default: on # Syntax: flexibleSocks <on | off> flexibleSocks on # TransparentProxy directive: # # Specifies if the server is to be run as a transparent proxy server. # # Default: off # Syntax: TransparentProxy <on | off> TransparentProxy off # ListenBacklog directive: # # Specifies the size of the listen backlog to use for the socket # the proxy server listens with. # # Default: 128 # Syntax: ListenBacklog <value> ListenBacklog 128 # PacFilePath directive: # # Specifies the directory containing the PAC files # generated using the remote config PAC file form. # # Default: /opt/IBMWTE/usr/internet/server_root/pub/pacfiles # Syntax: PacFilePath <filepath> PacFilePath /opt/IBMWTE/usr/internet/server_root/pub/pacfiles