接上篇文章《配置squid透明代理》,配置文件缓存。
|
0 1 2 3 4 |
acl taobao url_regex -i \.taobao$ acl forcecache urlpath_regex -i \.jpg$ \.gif$ \.png$ \.bmp$ \.jpeg$ \.css$ \.js$ \.xml$ no_cache allow forcecache no_cache allow taobao refresh_pattern -i \.css$ 360 50% 2880 ignore-reload #其他参考此条配置 |
修改默认输出:
|
0 |
[root@squid zh-cn]# ll /usr/share/squid/errors/zh-cn/ERR_CONNECT_FAIL |
普通代理模式:
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
[root@squid /]# yum install gcc gcc-c++ openssl openssl-devel -y [root@squid /]# mkdir /byrd/tools/ -p [root@squid /]# cd /byrd/tools/ [root@squid tools]# wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE20.tar.gz [root@squid tools]# tar zxf squid-3.0.STABLE20.tar.gz [root@squid tools]# cd squid-3.0.STABLE20 [root@squid squid-3.0.STABLE20]# ./configure --prefix=/byrd/service/squid3.0 --enable-async-io=100 --with-pthreads --enable-storeio="aufs,diskd,ufs" --enable-removal-policies="heap,lru" --enable-icmp --enable-delay-pools --enable-useragent-log --enable-referef-log --enable-kill-parent-hack --enable-cachemgr-hostname=localhost --enable-arp-acl --enable-default-err-language=English --enable-err-languages="Simplify_Chinese English" --disable-poll --disable-wccp --disable-wccpv2 --disable-ident-lokups --disable-internal-dns --enable-basic-auth-helpers="NCSA" --enable-stacktrace --with-large-files --disable-mempools --with-filedescriptors=64000 --enable-ssl --enable-x-accelerator-vary --disable-snmp -with-aio --enable-linux-netfilter -enable-linux-tproxy [root@squid squid-3.0.STABLE20]# make && make install [root@squid squid-3.0.STABLE20]# ln -s /byrd/service/squdi3.0 /usr/local/squid [root@squid ~]# egrep -v "^#|^$" /usr/local/squid/etc/squid.conf acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access deny all icp_access allow localnet icp_access deny all htcp_access allow localnet htcp_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? cache_dir ufs /byrd/service/squdi3.0/var/cache 100 16 256 access_log /byrd/service/squdi3.0/var/logs/access.log squid cache_log /byrd/service/squdi3.0/var/logs/cache.log cache_store_log /byrd/service/squdi3.0/var/logs/store.log refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern (cgi-bin|\?) 0 0% 0 refresh_pattern . 0 20% 4320 cache_mgr webmaster@qq.com cache_effective_user squid cache_effective_group squid visible_hostname images.t4x.org icp_port 3130 coredump_dir /byrd/service/squdi3.0/var/cache [root@squid etc]# /usr/local/squid/sbin/squid -k parse #检查配置文件 [root@squid etc]# /usr/local/squid/sbin/squid -z #初始化 [root@squid etc]# /usr/local/squid/sbin/squid -N -d1 #测试启动 [root@squid etc]# /usr/local/squid/sbin/squid -D #后台运行 [root@squid conf.d]# cat 1.conf #http://domain/squid访问,如果提示403,请关闭selinux{setenforce 0} ScriptAlias "/squid" "/byrd/tools/squid-3.0.STABLE20/tools/cachemgr.cgi" <Location "/squid"> Order deny,allow Allow from all Deny from all </location> |
参考文档:
1:http://www.squid-cache.org/Doc/
2:http://zyan.cc/book/squid/
申明:本文由BYRD原创(yum基于squid-3.1.10,编译基于3.0版本),未经许可禁止转载! SourceByrd's Weblog-https://note.t4x.org/system/squid-cache-config/
申明:除非注明Byrd's Blog内容均为原创,未经许可禁止转载!详情请阅读版权申明!
