Index: includes/bootstrap.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/bootstrap.inc,v
retrieving revision 1.222
diff -u -F^f -r1.222 bootstrap.inc
--- includes/bootstrap.inc	6 Sep 2008 15:20:09 -0000	1.222
+++ includes/bootstrap.inc	7 Sep 2008 03:28:26 -0000
@@ -629,6 +629,8 @@ function drupal_page_header() {
  *
  */
 function drupal_page_cache_header($cache) {
+  global $user;
+
   // Set default values:
   $last_modified = gmdate('D, d M Y H:i:s', $cache->created) . ' GMT';
   $etag = '"' . md5($last_modified) . '"';
@@ -650,9 +652,24 @@ function drupal_page_cache_header($cache
   header("Last-Modified: $last_modified");
   header("ETag: $etag");
 
-  // The following headers force validation of cache:
-  header("Expires: Sun, 19 Nov 1978 05:00:00 GMT");
-  header("Cache-Control: must-revalidate");
+  if (variable_get('reverse_proxy', 0)) {
+    // If cache_lifetime is not set, then assume 5 minutes
+    $cache_lifetime = variable_get('cache_lifetime', 300);
+
+    // Set a cookie if the user is logged in, so the reverse proxy would pass through the request
+    if ($user->uid && !isset($_COOKIE['DRUPAL_LOGGED_IN'])) {
+      setcookie('DRUPAL_LOGGED_IN', 'Y', $_SERVER['REQUEST_TIME'] + $cache_lifetime, '/');
+    }
+    
+    // The following headers makes for better caching for anonymous users when using reverse proxies such as Squid
+    header('Expires: ' . gmdate("D, d M Y H:i:s", $_SERVER['REQUEST_TIME'] + $cache_lifetime) . ' GMT');
+    header('Cache-Control: public, max-age=' . $cache_lifetime);
+  }
+  else {
+    // Use the old header which does not get cached 
+    header('Expires: Sun, 19 Nov 1978 05:00:00 GMT');
+    header('Cache-Control: must-revalidate');
+  }
 
   if (variable_get('page_compression', TRUE)) {
     // Determine if the browser accepts gzipped data.
Index: modules/user/user.pages.inc
===================================================================
RCS file: /cvs/drupal/drupal/modules/user/user.pages.inc,v
retrieving revision 1.16
diff -u -F^f -r1.16 user.pages.inc
--- modules/user/user.pages.inc	6 Sep 2008 08:36:22 -0000	1.16
+++ modules/user/user.pages.inc	7 Sep 2008 03:28:26 -0000
@@ -133,6 +133,9 @@ function user_logout() {
 
   watchdog('user', 'Session closed for %name.', array('%name' => $user->name));
 
+  // Unset the logged in session cookie, used for reverse proxies
+  setcookie('DRUPAL_LOGGED_IN', '', $_SERVER['REQUEST_TIME'] - 42000, '/');
+
   // Destroy the current session:
   session_destroy();
   module_invoke_all('user', 'logout', NULL, $user);
Index: sites/default/default.settings.php
===================================================================
RCS file: /cvs/drupal/drupal/sites/default/default.settings.php,v
retrieving revision 1.14
diff -u -F^f -r1.14 default.settings.php
--- sites/default/default.settings.php	21 Aug 2008 19:36:39 -0000	1.14
+++ sites/default/default.settings.php	7 Sep 2008 03:28:27 -0000
@@ -268,6 +268,22 @@
  * logging, statistics and access management systems; if you are unsure
  * about this setting, do not have a reverse proxy, or Drupal operates in
  * a shared hosting environment, this setting should remain commented out.
+ *
+ * Configuration for Squid
+ *   acl cookie_logged_in_set rep_header Set-Cookie DRUPAL_LOGGED_IN=Y
+ *   cache deny cookie_logged_in
+ *   acl cookie_logged_in     req_header     Cookie DRUPAL_LOGGED_IN=Y
+ *   cache deny cookie_logged_in_set
+ *
+ * Configuration for Varnish
+ *
+ *    sub vcl_recv {
+ *      ...
+ *      if (req.http.Cookie && req.http.Cookie ~ "DRUPAL_LOGGED_IN=Y") {
+ *        pass;
+ *      }
+ *    }
+ *
  */
 #   'reverse_proxy' => TRUE, // Leave the comma here.
 /**