http-cache — format of http-cache component configuration


General syntax rules of Kernun Firewall configuration files are described in configuration(7). This man page describes types, sections and items specific for the http-cache component configuration.

Repeatable sections/items are marked by the '*' before section/item name.


Configuration directives have attributes of several value-types. For the basic types description, see configuration(7).

Enumeration is a list of words (names) representing integer values. Some enumerations accept both names and direct integer values; in this case, enumeration description contains values for every name (in parenthesis next to name). For other enumerations, using of names is obligatory.

The following enumerations are used in http-cache configuration directives:

ip-version (see common(5))

osi4-proto (see common(5))

listen-on-sock (see listen-on(5))


Configuration of http-cache library component consists of following prototypes:

  http-cache { ... }


http-cache {

  phase ... ;
* tag ... ;
  listen-on { ... }
  hand-off ... ;
  cache-size ... ;
  max-object-size ... ;
* raw ... ;


HTTP Cache Daemon configuration.

Currently, the Squid daemon is used for Kernun caching.


Addresses to listen on must be specified.

HTTP cache size must be specified.

Items & subsections:

phase [number];

Application Startup Phase.

number (type: uint8, optional, default: 40)

Phase number; the lower one, the earlier start.

tag value;

Configuration factorization tag.

This feature allows admin to create groups of Kernun applications (specially proxies and servers) according to various aspects (belonging to one customer, applications of particular network traffic etc.).

Each application can have several tag attributes and the KAT tool can run some commands (like 'ps', 'start' atc.) for applications with or without given tag.

value (type: str)


Tag must contain letters, digits, hyphens and dots, only.

listen-on {

* socket ... ;


The listen-on section is derived from listen-on section prototype. For detail description of it, see listen-on(5).

Changes to the listen-on section:

Item non-transparent used as socket.

Item transparent is not valid.

At least one address to listen on must be specified.

Item socket (see listen-on(5))

Element proto is optional, default: tcp.

hand-off addr;

Next-hop proxy.

See CACHE_PEER configuration item of squid.conf.

addr (type: sock)

cache-size size;

Disc cache size.

See CACHE_DIR configuration item of squid.conf.

size (type: uint64)

max-object-size size;

Maximum object size to be kept in cache.

See MAX_OBJECT_SIZE configuration item of squid.conf.

size (type: uint64)

raw line;

Raw line to be written to squid.conf configuration file.

line (type: str)

[End of section http-cache description.]


configuration(7), common(5), listen-on(5), squid(8)