Ziproxy
Ziproxy, the HTTP traffic compressor for slow links
OverviewNewsDownloadsRequirementsPerformance optimizations
FAQ/Known bugsSupport informationAuthorsSF project page
NEWS
SourceForge.net Logo
3.1.2009
Ziproxy 2.7.9_BETA2 released.

Lots of changes in this version:
  • Improvements:
    • Added full support for files >2GB.
      This affects AccessLog mostly, and fixes two very specific situations where downloads were limited to 2GB.
      The limit now is (worst case) >81 PB.
    • Changed the time measurement system.
      File transfers >35 minutes had their time incorrectly reported.
      The limit now is (worst case) >290000 years.
    • New error/waning reporting subsystem.
      Added messages to situations previously unreported.
      Added more verbosity to such messages.
      Added support for obsolete/deprecated/conflict/etc options from config file.
      More uniform error messages.
      Added support for logging errors into a file instead of simply dumping them to stderr.
      New option: LogError
    • New lossless Content-Type configuration system.
      Now it's possible to specify the full mime-type instead of just "application/" subtypes.
      Now also possible to specify pattern-matches (such as "text/*blah")
      New option: LosslessCompressCT
      New related options: TOSMarkAsDiffCTAlsoXST, URLReplaceDataCTListAlsoXST, LosslessCompressCTAlsoXST.
      Deprecated option: Compressible (still functional)
    • Added "G" flag support to AccessLog.
  • Bug fixes:
    • Under certain circumstances, PNG pictures were not recompressed. Fixed.
      This bug typically affected non-x86-32 architectures.
  • Other changes:
    • Changed default value of MinUncompressedGzipStreamEval from 250000 (~250kB) to 10000000 (~10MB).
      This avoids trigging of MaxUncompressedGzipRatio if ISO9660 images are compressed while streaming.
    • Obsoleted LogPipe option.
    • Obsoleted MSIETest option.
    • Obsoleted LogFile option
      See new option: DebugLog option
    • Removed all Russian translations.
      Note: That due to lack of maintainer.
    • Deprecated AccessLogFileName (still works).
      See new option: AccessLog.
For more detailed information on the changes made, see the ChangeLog file.


Ziproxy 2.7.9_BETA2 is available at the files' section.

14.12.2009
Ziproxy 2.7.9_BETA released.

This release brings a major - and exciting - new feature: IP ToS marking support.
With this provision you may now do Level-7 traffic shaping based on certain (configurable) characteristics of the HTTP traffic, thus ensuring HTTP QoS (that is, decent browsing experience) even during massive and concurrent downloads of video, ISO images and other bulk data.

The new ToS-related options are: TOSMarking, TOSFlagsDefault, TOSFlagsDiff, TOSMarkAsDiffURL, TOSMarkAsDiffCT, TOSMarkAsDiffSizeBT.
Note: Marking packets is only part of the job, you still need a a router/traffic shaper aware of the different TOSes in order to priorize the traffic accordingly.

This beta version adds only ToS capability, more changes/features will appear in next beta releases.
As always, feedback from testers is appreciated.

Ziproxy 2.7.9_BETA is available at the files' section.

30.9.2009
Ziproxy 2.7.2 released.

Really minor fixes this time:

  • LogFile timer was not properly initialized and the first measurement was always wrong. Fixed.
  • Fixed minor mistakes in acknowledgment texts.

Ziproxy 2.7.2 is available at the files' section.

28.9.2009
Ziproxy is 7 years old

Considering the official project birthday, 2002-09-24, Ziproxy is now 7 years old, alive and kicking.
Nowadays Ziproxy provides acceleration for a variety of situations, being that ISPs, private WAN networks, generic acceleration services or simply people who need some extra speed for their network connections.

Ziproxy is a honest solution, providing what it claims to: realistic HTTP acceleration.
Certain commercial software (I won't mention the names, but you probably know who they are) claim absurd numbers such as "up to 200x acceleration" obviously using unrealistic metrics (such as raw bitmap size divided by compressed size). Funny to know that such software even hide the fact they use JPEG 2000 for their "extra quality algorithm" (as if they invented the algorithm themselves).

In real world, when compared to Ziproxy, such software offer either lower image quality or lower compression. Everyone is free to do the test themselves.
So here we are: debunking the myth that commercial software is necessarily better than free (FOSS) software!

yours,
the current Ziproxy maintainer, D.M.C.


13.9.2009
New download section

A download section was created, including instructions on how you may download/install precompiled packages for your favorite OS (if available, that is).

Click here to access the download section.

12.9.2009
Ziproxy 2.7.1 released.

Minor fixes this time:

  • Fixed HTTP/0.9 simple response support (which was broken for aeons and nobody noticed).
  • Gunzipped data smaller than the compressed was being treated as corruped and data was simply forwarded as is.
    But that's not necessarily true (a certain website thought it was a good idea to gzip jpegs, for example) and in certain cases processing was not applied because of that.
    Fixed.
  • Implemented workaround for buggy sites which send:
    Content-Encoding: ISO-8859-1 (violates RFC 2616).
    Fixes certain pages which appeared as binary garbage in the browser.

Ziproxy 2.7.1 is available at the files' section.

13.4.2009
Ziproxy 2.7.0 released.

This version suffered a major cleanup and contains a number of bugfixes (incluing security ones) and extra features.
The changes are listed below (relative to 2.6.0 version).

New security fixes/features:
  • Added provision for outgoing port restrictions.
    New options: RestrictOutPortHTTP, RestrictOutPortCONNECT
    This provision mitigates the transparent proxy vulnerability US-CERT VU#435052
  • Added feature against "image bomb" DoS.
    New option: MaxUncompressedImageRatio

Other features:
  • Added support for custom 403 error pages.
  • Added Lanczos component upsampler support to JP2k.
    New option: JP2Upsampler
  • Added provision for crash (signal) interception and logging (see new access log flags).
    New option: InterceptCrashes
  • Added support for content substitution by matching URL + content-type.
    New options: URLReplaceDataCT, URLReplaceDataCTList
  • Added support for URL blocking.
    New option: URLDeny
  • Added support for "ICY" SHOUTcast headers. Now icecasts from such servers are playable.

Bugfixes:
  • Fixed a bug which caused crashes in certain, rare, specific situations while compressing to jp2k.
  • Fixed bug in rgb2yuv converter. In certain cases jp2 pictures had some very wrong colors (like deep red turned into strong pink etc).
  • Fixed the type/signedness mess with outgoing Port vars. Ports >= 32768 were not accessible.
    Non-standard HTTP/HTTPS ports (non-80/443) were not accessible in big-endian architectures.
  • Changed JPG and JP2K default settings to (hopefully) better values.
  • Bug which prevented recompression to jp2k when more aggressive parameters were set to color components, original image was forwarded instead. Fixed.
  • Encoding/decoding jp2 images with alpha channel always fails. Fixed.

Other:
  • Obsoleted ModifySuffixes. It was buggy and lost its usefulness a long ago.
    The following config options are obsolete:
    ModifySuffixes, MinTextStream
  • Flex is no longer required for building Ziproxy.
  • Test programs were obsolete and were removed (imgtest, modifytest, cfgtest) and no longer are a build option.

Ziproxy 2.7.0 is available at the files' section.

15.3.2009
Ziproxy 2.6.9_BETA2 released.

New features:
  • Added provision for crash (signal) interception and logging (see new access log flags).
    New option: InterceptCrashes
  • Added feature against "image bomb" DoS.
    New option: MaxUncompressedImageRatio
  • Added support for content substitution by matching URL + content-type.
    New options: URLReplaceDataCT, URLReplaceDataCTList
  • Added support for URL blocking.
    New option: URLDeny
  • Added support for "ICY" SHOUTcast headers. Now icecasts from such servers are playable.

Bugfixes:
  • Fixed a bug which caused crashes in certain, rare, specific situations while compressing to jp2k.
  • Fixed bug in rgb2yuv converter. In certain cases jp2 pictures had some very wrong colors (like deep red turned into strong pink etc).

Other:
  • Obsoleted ModifySuffixes. It was buggy and lost its usefulness a long ago.
    The following config options are obsolete:
    ModifySuffixes, MinTextStream
  • Flex is no longer required for building Ziproxy.
  • Test programs were obsolete and were removed (imgtest, modifytest, cfgtest) and no longer are a build option.
  • Miscellaneous code cleanup.

Ziproxy 2.6.9_BETA2 is available at the files' section.

26.2.2009
Ziproxy 2.6.9_BETA released.

New features:
  • Added provision for outgoing port restrictions.
    New options: RestrictOutPortHTTP, RestrictOutPortCONNECT
    This provision mitigates the transparent proxy vulnerability US-CERT VU#435052
  • Added support for custom 403 error pages.
  • Added Lanczos component upsampler support to JP2k.
    New option: JP2Upsampler

Bugfixes/changes:
  • Fixed the type/signedness mess with outgoing Port vars. Ports >= 32768 were not accessible.
    Non-standard HTTP/HTTPS ports (non-80/443) were not accessible in big-endian architectures.
  • Changed JPG and JP2K default settings to (hopefully) better values.
  • Bug which prevented recompression to jp2k when more aggressive parameters were set to color components, original image was forwarded instead. Fixed.
  • Encoding/decoding jp2 images with alpha channel always fails. Fixed.

Ziproxy 2.6.9_BETA is available at the files' section.

23.2.2009
Security warning - US-CERT VU#435052

US-CERT published today the security warning VU#435052 about a vulnerability concerning transparent HTTP proxies.
The report is available at http://www.kb.cert.org/vuls/id/435052.
Ziproxy-specific information may be accessed from that same page or directly at http://www.kb.cert.org/vuls/id/MAPG-7N9GN8.

23.2.2009
Implementing a WAN accelerator with JPEG 2000 + Squid.

Instructions on how to implement a WAN accelerator using Ziproxy and Squid are now available here.
This information is based on a production scenario and includes specificities relevant to that case. It's just a suggestion on how to do it, and it is possible to adapt that to a more specific case.

27.11.2008
Ziproxy is > 6 years old.
or a tentative of birthday announcement

Ok, that's a strange birthday but all the previous ones (including the major 5yo one) were not announced.
So that's it: Ziproxy is over 6 years now. Unfortunately I cannot provide a precise date of creation, so let's use the earliest known public release: the 1.1 version from 2002-09-24.

Ziproxy started as a simple, humble project. It was not meant be used by ISPs, nor to provide the features it currently does.
When I took over the development back in 2005 (because it was the only free-open-source software which provided what I wanted) I was not expecting to do much more than a number of bugfixes and perhaps some optimizations -- perhaps to work on that during 6 months and just releasing one bugfix or another afterwards.
But Ziproxy grew up, much more than I've expected, for the benefit of everyone who use this software nowadays.
About the future... I don't know. Ziproxy never had a development plan and it seems to be fine without one.

I would like to thank everyone who directly or indirectly contributed to the project (see the "CREDITS" file in the sourcecode), specially Juraj for creating Ziproxy in the first place.

Enough sentimentalism. Let's go back to work.

yours,
the current Ziproxy maintainer, D.M.C.

27.11.2008
Ziproxy 2.6.0 released.

New features (compared to 2.5.2):
  • Ad-blocker, by the means of content substitution. New option: URLReplaceData
  • Now a authenticated connection also logs the username alongside its IP (username@X.X.X.X).
  • Added support for host exception list when using the BindOutgoing option.
    May solve problems with certain hosts which do not like IP rotation.
    New options: BindOutgoingExList, BindOutgoingExAddr
  • Added support for custom 407 and 409 error pages.
  • Added Russian translation of manpages, README and other docs.

Bugfixes:
  • Under random conditions or unrelated configuration changes the pictures were not recompressed. Fixed.

Ziproxy 2.6.0 is available at the files' section.


FOR OLDER NEWS CLICK HERE
DOWNLOADS
Sourceforge.net
Download Source Code

Precompiled packages
Downloading and installing
OVERVIEW

Ziproxy is forwarding, non-caching, compressing HTTP proxy server.
Basically it squeezes images by converting them to lower quality JPEGs or JPEG 2000 and compresses (gzip) HTML and other text-like data.
It also provides other features such as: HTML/JS/CSS optimization, preemptive hostname resolution, transparent proxying and more.

Ziproxy does not require a client software and provides acceleration for any web browser, any operational system.

Ziproxy is an option when dealing with low-bandwidth cases like:

Ziproxy may be called a "web accelerator", although it is not the best name, considering the number of snake oil products advertised as such.

Ziproxy operates in daemon mode. It also may be invoked by (x)inetd if desired (not recommended for performance reasons).
It is HTTP/1.1-aware and compatible with HTTPS.

Currently it is known to be usable under the following OSes: Linux (Red Hat, Conectiva, Debian), FreeBSD and Cygwin (there were reports on Mac OS X and Solaris compatibility aswell).
It ran successfully under the following architectures: x86, x86-64, SPARC(sun4u, 32), PowerPC(32), MIPS(big-endian, 32).
And it was successfully compiled under GNU GCC and Intel's ICC.

Ziproxy is available as a free (FOSS) software under the GNU GPL (version 2 or higher) license.



example of web compression


original image
vs standard JPEG
vs JPEG 2000


using Ziproxy - typical setups


example of customized error


example of output by log tools

REQUIREMENTS

Ziproxy requires libraries which are pretty much standard nowadays, thus the chances are that your OS already offer them pre-packaged.
The latest Ziproxy version requires:
  • libungif
  • libpng
  • libjpeg-6b
  • zlib
  • libjasper
    (required if JPEG2000 support is to be enabled)
PERFORMANCE OPTIMIZATIONS

If you have a scenario with many concurrent users, consider the following options:
  • Run Ziproxy with a machine with at least 1 MB of L2 CPU cache per core, 2 MB (or more) the better.
    Many MHz won't save a CPU with 256kB L2 cache and performance will suffer, badly.
  • Run Ziproxy in daemon mode.
    Running under (x)inetd is (naturally) much slower and only viable for personal use.
  • If you have considerable latency in your main (fast) data link to the Internet, you may want to disable HTMLopt and PreemptDNS so the HTML pages will be streamed directly to the user while being loaded by Ziproxy (Gzip may be applied during streams, no problem).
    This way you will lower the latency experienced by the user since you cannot start loading the pictures in parallel before the HTML page arrives.
  • If you have a lot of users sharing the same compressed data link, it might be a good idea to use a caching proxy at their side.
    That's quite obvious, but worth remembering anyway.
  • Seriously consider installing a good DNS caching system serving Ziproxy if it has a very high number of users.
    Ziproxy does not have an internal DNS caching system, it tries to resolve the hostname of each request received.
FAQ / KNOWN BUGS

Ziproxy output to my browser is interleaved with logging output, i.e. things like "[1234] Finished." appear in some web pages!

Are you using xinetd with ziproxy? Then disable LogPipe option in ziproxy.conf. Or disable both LogPipe and LogFile options to turn off the logging completely. Piping the logging output through other program is supported only if you use netd. It's my mistake I kept these options on in default ziproxy.conf, with too terse disclaimer.

MSIE setup for ziproxy

To get IE accepting gzipped data, under Internet Options/Advanced tab check option ``Use HTTP/1.1 extensions when using proxy''.

Some pictures have inapropriate background color

Some transparent GIFs/PNGs are displayed with incorrect background. It's because JPEG can't store transparency information, and background color information is "out there" in HTML. With AllowLookChange option you can make ziproxy avoid these images.

ziproxy seems running, but I can't login/run other programs on that remote machine!

For every HTTP request, new ziproxy process is started. In case of intensive parallel downloading/mirroring (for example, with HTTrack or wwwoffle -fetch), number of processes may reach maximal user processes limit set by administrator. To avoid the problem, set subsequent limit for netd using limit(csh) or ulimit(bash) shell command.

SUPPORT INFORMATION

The standard way of asking questions, requesting features, reporting bugs or receiving announcements. is using one of our mailing lists:
  • ziproxy-users: discussion about ziproxy compilation and usage, usage questions, feature requests, bug reports
  • ziproxy-announce: ziproxy announcements (read-only)
  • ziproxy-devel: developers' discussion, submitting patches

If you encounter problem with this webpage (broken link, information missing here, errors etc), you may contact the maintainer directly.

AUTHORS

Current Ziproxy maintainer (since v1.4.0):
Daniel Mealha Cabrita
dancab(a)gmx.net

For support on Ziproxy usage please use the ziproxy-users mailing list.

Ziproxy's original maintainer: Juraj Variny