squid安装笔记
---- 安装 ----
wget http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE13.tar.gz
tar zxf squid-2.5.STABLE13.tar.gz
cd squid-2.5.STABLE13
./configure --prefix=/usr/local
make
make install
vi /usr/local/squid/etc/squid.conf
mkdir /var/squid/cache
chown -R nobody:nobody /var/squid/cache
chmod 0777 /var/squid/cache -R
/usr/local/squid/sbin/squid -z
/usr/local/squid/sbin/squid -NCd1
---- 配置文件 ----
# 默认端口
http_port 80
# 缓存暂用内存大小
cache_mem 512 MB
maximum_object_size_in_memory 4128 KB
# 缓存目录,及其大小
cache_dir ufs /var/squid/cache 2048 16 256
# 关闭访问日志
cache_access_log none
cache_log none
cache_store_log none
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
#hierarchy_stoplist cgi-bin admin
# 禁止缓存策略
acl nocache urlpath_regex cookie.*\.php
no_cache deny nocache
# 缓存更新策略
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.xml 60 20% 440 ignore-reload
refresh_pattern -i \.jpg 60 20% 440 ignore-reload
refresh_pattern -i \.css 60 20% 440 ignore-reload
refresh_pattern -i \.js 60 20% 440 ignore-reload
refresh_pattern -i \.gif 60 20% 440 ignore-reload
refresh_pattern -i \.png 60 20% 440 ignore-reload
refresh_pattern -i \.html 5 20% 60 ignore-reload
refresh_pattern -i \.exe 60 20% 440 ignore-reload
refresh_pattern -i \.mp3 60 20% 440 ignore-reload
refresh_pattern -i \.php 5 20% 440 ignore-reload
refresh_pattern . 5 20% 30
# 访问策略
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Self referer_regex -i ^http://blog\.yening\.cn$
acl has_referer referer_regex .
acl purge method PURGE
acl CONNECT method CONNECT
acl www_visitor dstdomain .win .yening.cn .verycd.com
acl OverConnLimit maxconn 30
acl Purge method PURGE
http_access allow Purge
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny OverConnLimit
http_access allow www_visitor
http_access allow Self
http_access deny !has_referer
http_access deny all
http_reply_access allow all
icp_access allow all
visible_hostname onion
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_uses_host_header on
coredump_dir /var/squid/cache
---- 其它 ----
linux有同时打开文件数限制,在访问量比较大的网站需要使用ulimit 增加同时打开文件数数.
ulimit 65533
/usr/local/sbin/squid -V
重新读取配置文件而不关闭squid.
/usr/local/sbin/squid -k reconfigure
评论
发表评论