2 changes: 1 addition & 1 deletion docs/ConfigExamples/Authenticate/Bypass.md
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ This can be accomplished by using 6 configuration files:
This example configuration will allow any user access to whitelisted
sites without asking for identification, users in group A will be able
to access sites in list A, users in group B will be able to access sites
from group B and noone will be able to access anything else.
from group B and no one will be able to access anything else.

## Advanced configuration

Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/Authenticate/Kerberos.md
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ If squid_kerb_ldap is used the following steps are happening
1. Squid "login" to Windows Active Directory or Unix kdc as user
\<HTTP/\<fqdn-squid\>@DOMAIN.COM\>. This requires Active Directory
to have an attribute userPrincipalname set to
\<HTTP/\<fqdn-squid\>@DOMAIN.COM\> for the associated acount. This
\<HTTP/\<fqdn-squid\>@DOMAIN.COM\> for the associated account. This
is usaully done by using msktutil.

![Squid-4.jpeg](/assets/images/squid-4.jpg)
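Review bot: The context line right after the corrected one still has a typo, "is usaully done by using msktutil", so this hunk leaves the sentence half fixed. Change "usaully" to "usually" in the same commit; the opening 'Squid "login" to' could also become "Squid logs in to" while the paragraph is being touched.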
Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/Authenticate/Ntlm.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ Winbind is a Samba component providing access to Windows Active Directory
authentication services on a Unix-like operating system

## Supported Samba Releases
Samba 3 and later provide a squid-compatible authenitcation helper named
Samba 3 and later provide a squid-compatible authentication helper named
`ntlm_auth`

## Samba Configuration
Expand Down
10 changes: 5 additions & 5 deletions docs/ConfigExamples/Authenticate/WindowsActiveDirectory.md
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ authentication may fail.

## NTP Configuration

Time needs to be syncronised with Windows Domain Controllers for
Time needs to be synchronised with Windows Domain Controllers for
authentication, configure the proxy to obtain time from them and test to
ensure they are working as expected.

Expand Down Expand Up @@ -165,7 +165,7 @@ use it to create our kerberos computer object in Active directory.

kinit administrator

It should return without errors. You can see if you succesfully obtained
It should return without errors. You can see if you successfully obtained
a ticket with:

klist
Expand Down Expand Up @@ -227,7 +227,7 @@ users will not be able to authenticate with Squid.
Add the following to cron so it can automatically updates the computer
account in active directory when it expires (typically 30 days). Pipe it
through logger so I can see any errors in syslog if necessary. As stated
msktutil uses the default `/etc/krb5.conf` file for its paramaters so be
msktutil uses the default `/etc/krb5.conf` file for its parameters so be
aware of that if you decide to make any changes in it.

00 4 * * * msktutil --auto-update --verbose --computer-name squidproxy-k | logger -t msktutil
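Review bot: The first context line of this hunk, "so it can automatically updates the computer", still has a verb agreement error that the "paramaters" fix does not touch. Suggest "so it automatically updates the computer account", and consider rewording "so I can see any errors in syslog" to match the impersonal voice of the rest of the page.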
Expand Down Expand Up @@ -263,7 +263,7 @@ Now join the proxy to the domain.
```
net ads join -U Administrator
```
Start samba and winbind and test acces to the domain.
Start samba and winbind and test access to the domain.
```
wbinfo -t
```
Expand Down Expand Up @@ -324,7 +324,7 @@ chgrp proxy /etc/squid3/ldappass.txt
## Install negotiate_wrapper

Firstly we need to install negotiate_wrapper. Install the necessary
build tools on Debian intall `build-essential linux-headers-$(uname -r)`
build tools on Debian install `build-essential linux-headers-$(uname -r)`
Then compile and install.

```bash
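Review bot: With "intall" corrected, the changed line still runs two instructions together: "Install the necessary build tools on Debian install `build-essential linux-headers-$(uname -r)`" has no punctuation between them and no full stop before "Then compile and install." Suggest "Install the necessary build tools; on Debian, install `build-essential linux-headers-$(uname -r)`. Then compile and install."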
Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/Chat/Skype.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ then the mentioned in the article to make it so skype clients will be
able to run smooth with squid in the picture. Else then that skype in
many cases will require direct access to the Internet and will not work
in a very restricted networks with allow access only using a proxy. I
belive that NTOP have some more details on how to somehow make skype
believe that NTOP have some more details on how to somehow make skype
work or be blocked in some cases. I recommend peeking at theri at:
<https://github.com/ntop/nDPI/search?utf8=✓&q=skype>

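Review bot: One line below the "belive" fix, "I recommend peeking at theri at:" still carries a typo and does not read as a sentence. Change "theri" to "their" at minimum, and name what is being pointed at (the linked nDPI search results) so the line stands on its own.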
Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/ClusteringTproxySquid.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ What is good about WCCP? WCCP allows web cache clustering with built in
fail-over mechanism and semi auto configuration management.

It gives the Network administrator quiet in mind that if something in
the cache cluster is not functioning the clients wont suffer from it.
the cache cluster is not functioning the clients won't suffer from it.

WCCP can be implemented for http and other protocols. many Network
administrator will implement the Web cache infrastructure close to the
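Review bot: The line above the changed one, "It gives the Network administrator quiet in mind", is left as is; the usual idiom is "peace of mind". The trailing context "many Network administrator will implement" also needs a capital letter and a plural ("Many network administrators will implement").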
Expand Down
8 changes: 4 additions & 4 deletions docs/ConfigExamples/ContentAdaptation/C-ICAP.md
Original file line number Diff line number Diff line change
Expand Up @@ -163,7 +163,7 @@ Then adjust squidclamav.conf as follows:
logredir 1

# Enable / disable DNS lookup of client ip address. Default is enabled '1' to
# preserve backward compatibility but you must desactivate this feature if you
# preserve backward compatibility but you must deactivate this feature if you
# don't use trustclient with hostname in the regexp or if you don't have a DNS
# on your network. Disabling it will also speed up squidclamav.
dnslookup 0
Expand All @@ -175,7 +175,7 @@ Then adjust squidclamav.conf as follows:
safebrowsing 0

#
# Here is some defaut regex pattern to have a high speed proxy on system
# Here is some default regex pattern to have a high speed proxy on system
# with low resources.
#
# Abort AV scan, but not chained program
Expand Down Expand Up @@ -468,7 +468,7 @@ Adjust srv_url_check.conf as follows:

> :information_source:
Note: Using whitelist is good idea for performance reasons. It is
plain text file with 2nd level domain names. All hostnames beyong
plain text file with 2nd level domain names. All hostnames beyond
this domains will be pass. Also setup DNS cache is also great idea
to improve performance.

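Review bot: The corrected line still reads "All hostnames beyond this domains will be pass", which is ungrammatical and leaves the whitelist behaviour ambiguous for anyone configuring srv_url_check. "beyond" can be read as "under" or as "outside" these domains, so ask the doc author which is meant and reword accordingly, for example "All hostnames under these domains will be passed".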
Expand Down Expand Up @@ -671,7 +671,7 @@ Here is also Munin plugins for C-ICAP monitoring (performance-related

> :information_source:
When upgrading c-icap server, you also need (in most cases) to
rebuild squidclamav to aviod possible API incompatibility.
rebuild squidclamav to avoid possible API incompatibility.

> :information_source:
In case of c-icap permanently restarts, increase DebugLevel in
Expand Down
4 changes: 2 additions & 2 deletions docs/ConfigExamples/ContentAdaptation/EcapForExifStripping.md
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ First, build and install dependencies:
make -j8
make install

Make shure all shared libraries are installed.
Make sure all shared libraries are installed.

> :information_source:
Note: Use correct compiler full path, depending your setup. Commands
Expand Down Expand Up @@ -145,7 +145,7 @@ Supported configuration parameters:
Files with size greater than limit will be stored in temporary
disk storage, otherwise processing will be done in RAM.
exclude_types
List of semicolon seprated MIME types which shouldn't be
List of semicolon separated MIME types which shouldn't be
Contributor


contraction

Suggested change
List of semicolon separated MIME types which shouldn't be
List of semicolon separated MIME types which should not be

handled by adapter.

## Squid Configuration File
Expand Down
6 changes: 3 additions & 3 deletions docs/ConfigExamples/DynamicContent/Coordinator.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,15 @@ some of the reasons for that:
- The result of a live content feed based or not on argument supplied
by end user.
- a CMS(Content Management System) scripts design.
- bad programing.
- bad programming.
- Privacy policies.

## File De-Duplication/Duplication

- two urls that result the same identical resource ( many to one ).
Some of the reasons for that:
- a temporary URL for content access based on credentials
- bad programing or fear from caching
- bad programming or fear from caching
- Privacy policies

There is also the problem of content copying around the web. For
Expand Down Expand Up @@ -89,7 +89,7 @@ just a longer url. many CMS like Wordpress use question mark to identify
a specific page/article stored in the system. ("/wordpress/?p=941")


but insted exploting this convention the script authur can just add
but instead exploting this convention the script authur can just add
Cache specific headers to allow or disallow caching the resource.

## HTTP and caching
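Review bot: The changed line fixes "insted" but keeps two more typos on the same line, "exploting" and "authur", and is missing "of" after "instead". Suggest "but instead of exploiting this convention the script author can just add".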
Expand Down
4 changes: 2 additions & 2 deletions docs/ConfigExamples/FullyTransparentWithTPROXY.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ the tproxy include file needs to be placed in
/usr/include/linux/netfilter_ipv4/ip_tproxy.h or
include/netfilter_ipv4/ip_tproxy.h in the squid src tree).

TThe iptables rule needs to use the TPROXY target (instead of the
The iptables rule needs to use the TPROXY target (instead of the
REDIRECT target) to redirect the port 80 traffic to the proxy. Ie:

iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j TPROXY --on-port 80
Expand Down Expand Up @@ -175,7 +175,7 @@ balabit for kernel & iptables tproxy
* check-up access.log --\> yes it is increments log check-up my pc by
* opening whatismyipaddress.com --\> yes it is my pc's ip

Now, I will try tuning-up my box & squid.conf tommorow
Now, I will try tuning-up my box & squid.conf tomorrow

## Another Example

Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/Intercept.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ using any two devices the configurations have been separated into
endpoint configurations.

L2 forwarding is best suited for when the proxy is directly connected to
the router, i.e. presists in the same L2-segment of LAN. Since Layer-2
the router, i.e. persists in the same L2-segment of LAN. Since Layer-2
is a level below TCP/IP it can be treated as equivalent to *Policy
Routing* at the IP layer (the difference is PBR is executes on CPU,
against true L2 WCCP forwarding, which often executes on control plane
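Review bot: Replacing "presists" with "persists" gives a correctly spelled word with the wrong meaning: "the proxy is directly connected to the router, i.e. persists in the same L2-segment of LAN" describes where the proxy sits, so "resides" or "exists" is more likely what was intended. The context line "the difference is PBR is executes on CPU" also needs "is executed".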
Expand Down
6 changes: 3 additions & 3 deletions docs/ConfigExamples/Intercept/CiscoIOSv15Wccp2.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ Router has both router/switch functionality, so we can use both GRE/L2
redirection methods.

> :information_source:
Note: Beware - you must have NAT configuted on your squid's box, and
Note: Beware - you must have NAT configured on your squid's box, and
you must have squid built with OS-specific NAT support.

> :information_source:
Expand Down Expand Up @@ -109,7 +109,7 @@ and passthrough default route to next hop (or last resort gateway).

#### Security

To avoid denial-of-service attacks, you can enforce authentification
To avoid denial-of-service attacks, you can enforce authentication
between proxy(proxies) and router. To do that you need to setup WCCP
services on router using passwords:

Expand Down Expand Up @@ -158,7 +158,7 @@ interception.

> :information_source:
Note: **Performance** is more better against PBR (route-map), WCCP
uses less CPU on Cisco's devices. So, WCCP is preferrable against
uses less CPU on Cisco's devices. So, WCCP is preferable against
route-map. Also note, l2 redirection has hardware support and less
overhead, than gre, which has only software processing (on CPU).

Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/Intercept/LinuxBridge.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ implement transparent caching or content filtering.
## ebtables DROP vs iptables DROP

In iptables which in most cases is being used to filter network traffic
the DROP target means "packet disapear".
the DROP target means "packet disappear".

In ebtables a "-j redirect --redirect-target DROP" means "packet be gone
from the bridge into the upper layers of the kernel such as
Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/Intercept/SslBumpExplicit.md
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ For example, in FireFox:
2. Go to the 'Advanced' section, 'Encryption' tab
3. Press the 'View Certificates' button and go to the 'Authorities' tab
4. Press the 'Import' button, select the .der file that was created
previously and pres 'OK'
previously and press 'OK'

In theory, you must either import your root certificate into browsers or
instruct users on how to do that. Unfortunately, it is apparently a
Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/MultiplePortsWithWccp2.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ categories: [ConfigExample]
## Outline

The Squid WCCPv2 implementation can intercept more than TCP port 80. The
currrent implementation can create multiple arbitrary TCP and UDP ports.
current implementation can create multiple arbitrary TCP and UDP ports.

There are a few caveats:

Expand Down
6 changes: 3 additions & 3 deletions docs/ConfigExamples/SquidAndWccp2.md
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,7 @@ loosely sorted so that rules with more hits are higher up:
-A INPUT -s ! 10.15.128.0/255.255.192.0 -p tcp -m tcp --sport 8080 -j ACCEPT
# TCP DNS replies. Just in case
-A INPUT -p tcp -m tcp --sport 53 -j ACCEPT
# SSH conection from admin server
# SSH connection from admin server
-A INPUT -s 10.15.138.45 -p tcp -m tcp --dport 22 -j ACCEPT
# Reject other SSH connections (optional)
-A INPUT -s ! 10.15.128.0/255.255.192.0 -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable
Expand All @@ -210,10 +210,10 @@ loosely sorted so that rules with more hits are higher up:
# Accept some traceroute. 3 per second
-A INPUT -p udp -m udp --dport 33434:33445 -m limit --limit 3/sec --limit-burst 3 -j ACCEPT
# Log everything else, maybe add explicit rules to block certain traffic.
# Unnecesary but useful monitoring
# Unnecessary but useful monitoring
-A INPUT -j LOG
# Accept forwarded requests.
# Totally unnecesary, but allows for basic monitoring.
# Totally unnecessary, but allows for basic monitoring.
-A FORWARD -s 10.15.128.0/255.255.192.0 -d ! 10.15.128.0/255.255.192.0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -s 10.15.128.0/255.255.192.0 -d ! 10.15.128.0/255.255.192.0 -p tcp -m tcp --dport 3128 -j ACCEPT
-A FORWARD -s 10.15.128.0/255.255.192.0 -d ! 10.15.128.0/255.255.192.0 -p tcp -m tcp --dport 8000 -j ACCEPT
Expand Down
2 changes: 1 addition & 1 deletion docs/ConfigExamples/TorrentFiltering.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ categories: [ConfigExample]

## Outline

Torrent filtering is a diffucult problem. which can't be solved easily.
Torrent filtering is a difficult problem. which can't be solved easily.
To difficult this for users you can first deny download .torrent files.

## Usage
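Review bot: The corrected sentence still breaks at "problem. which can't be solved easily", and the next line, "To difficult this for users", uses "difficult" as a verb. Suggest "Torrent filtering is a difficult problem which can't be solved easily. To make it harder for users, you can first deny downloads of .torrent files."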
Expand Down
10 changes: 5 additions & 5 deletions docs/ConfigExamples/UbuntuTproxy4Wccp2.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,18 +10,18 @@ by *Eliezer Croitoru*
WCCP stands for ["Web Cache Communication Protocol"](http://en.wikipedia.org/wiki/Web_Cache_Communication_Protocol)

What is good about WCCP? WCCP allows separation of duties between the
network and the application and there for Auto redundency.
network and the application and there for Auto redundancy.

the router has couple junctions that it can intercept on routing level
dynamicly packets. on every interface/vlan there is a "IN" and "OUT".
dynamically packets. on every interface/vlan there is a "IN" and "OUT".
IN stands for incoming packets and OUT stands for OUTGOING packets. the
WCCP daemon on the cisco router gets information about the Cache
supplier and service. then on the cisco router we can define ACLs to
apply the service on besides the Cache settings supplied by the cache.

the Cache supplier can interact in two ways with cisco devices: GRE
tunnel and Layer 2 SWITCHING forwarding. when used with a GRE tunnel all
the traffic that comes and goes to the client are transfered to the
the traffic that comes and goes to the client are transferred to the
proxy on the GRE tunnel instead

the cisco router forwards packets to "hijack" encapsulated in the gre
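Review bot: On the first changed line, "there for Auto redundancy" still splits "therefore" into two words; the spelling fix to "redundancy" leaves that in place. On the second changed line, "dynamically packets" has the adverb misplaced; "it can intercept packets dynamically on the routing level" reads correctly.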
Expand All @@ -39,7 +39,7 @@ loop. so instead of applying regulare WCCP ACLs we are applying another
ACL built in WCCP and this is the EXLUDE.

the EXCLUDE applies only on Interface (or vlan interface) so we need to
separte the traffic of the clients and the proxy. in our case we use
separate the traffic of the clients and the proxy. in our case we use
another interface. on the router we use interface f1/0 for clients, f1/0
for the proxy and f0/0 to the internet.

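Review bot: The context right after the "separate" fix names the same interface twice: "we use interface f1/0 for clients, f1/0 for the proxy and f0/0 to the internet" contradicts "in our case we use another interface" on the changed line. Ask the doc author which interface the proxy is attached to and correct it here; "regulare" and "EXLUDE" in the hunk's leading context are also still misspelled.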
Expand Down Expand Up @@ -69,7 +69,7 @@ you do know basic Networking and cisco cli basics.

you do know what a GRE tunnel is.

## Toplogy
## Topology

![wccp2_vlan.png](/assets/images/wccp2-vlan.png)

Expand Down
2 changes: 1 addition & 1 deletion docs/CookiePolicy.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ way to connect this information to the user's identity or to track
users' behaviors. This cookie is randomly created the first time the
user visits the website and is only used for technical purposes. Users
are free to use their browsers' technical features and not to accept
this cookie; apart from a slight degradation in useability of the site,
this cookie; apart from a slight degradation in usability of the site,
there will be no adverse effects for non-registered users.

This website might be hosted on [Github Pages](https://pages.github.com/)
Expand Down
10 changes: 5 additions & 5 deletions docs/DeveloperResources/ClientStreams.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ organised...
14:49 < nicholas> Ok, that's client streams.
14:49 < lifeless> the fwdState api is on the wrong side of the store
14:49 < nicholas> doh!
14:49 < lifeless> so it doesn't have any of the required logic - cachability, vary handling, updates of existing opbjects...
14:49 < lifeless> so it doesn't have any of the required logic - cachability, vary handling, updates of existing objects...
14:50 < lifeless> things like store digests just haven't been updated to use client streams yet.
14:50 < nicholas> What, concisely, is a store digest?
14:51 < lifeless> a bitmap that lossilly represents the contents of an entire squid cache, biased to hits.
Expand Down Expand Up @@ -49,7 +49,7 @@ organised...
15:02 < lifeless> well you don't want that.
15:02 < lifeless> because you don't want to parse requests.
15:02 < lifeless> ClientSocketContext is likely to be the closest thing to what you want though.
15:03 < lifeless> so your readfunc needs to eat all the data it recieves.
15:03 < lifeless> so your readfunc needs to eat all the data it receives.
15:04 < lifeless> you can throw it away.
15:04 < lifeless> your detach function can just call clientStreamDetach(node, http);
15:04 < nicholas> so do I add my function into ClientSocketContext's read function?
Expand Down Expand Up @@ -85,7 +85,7 @@ organised...
15:13 < nicholas> stream.getRaw() is a pointer to the node, yes? I could the code around that confusing.
15:14 < lifeless> stream is a ESIStreamContext which is a clientStream node that pulls data from a clientstream, instances of which are
used by both the master esi document and includes
15:14 < lifeless> (different instances, but hte logic is shared by composition)
15:14 < lifeless> (different instances, but the logic is shared by composition)
15:14 < lifeless> that is pased into ESIInclude::Start because ESI includes have a primary include and an 'alternate' include.
15:16 < lifeless> so all you need to start the chain is:
15:16 < nicholas> I see. I won't need to worry about any of that.
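Review bot: This hunk corrects "hte" but leaves "pased" on the very next line ("that is pased into ESIInclude::Start"), so the transcript ends up only partly normalised. Either fix "pased" to "passed" here as well, or keep the IRC log verbatim and drop the spelling edits to quoted chat lines; whichever is chosen should be applied consistently across the file.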
Expand Down Expand Up @@ -130,7 +130,7 @@ organised...
15:25 < lifeless> and likewise for the Detach static method
15:26 < lifeless> is this making sense ?
15:27 < nicholas> yes, but just let me reread a litt.e
Contributor


typo

Suggested change
15:27 < nicholas> yes, but just let me reread a litt.e
15:27 < nicholas> yes, but just let me reread a little

15:27 < lifeless> ok, theres one more important thing :)
15:27 < lifeless> ok, there's one more important thing :)
15:27 < nicholas> "static_cast<myStream *>(node->data)->bufferData(node, ...)" calls myStream::BufferData doesn't it? So why am I calling
myself?
15:28 < lifeless> lowercase bufferData :)
Expand Down Expand Up @@ -189,7 +189,7 @@ organised...
15:38 < lifeless> so right before that #if ESI line.
15:39 < nicholas> Oh, I see it has the body at this point already?
15:39 < nicholas> Or does it just have a partial body?
15:39 < lifeless> it may have some body, but it definately has the reply metadata
15:39 < lifeless> it may have some body, but it definitely has the reply metadata
15:39 < nicholas> Because my code is rigged to work with partial data.
15:39 < nicholas> ok, good.
15:39 < nicholas> Then that's *exactly* right.
Expand Down