Centos5上Squid3.0的安装部署

5imobi · 发表于 2015-11-19 11:45:42

　　 1、准备Centos环境
　　    groupadd squid
　　    useradd -s /sbin/nologin -d /dev/null -g squid squid
　　    mkdir /dev/shm/tmp
　　    chmod 1777 /dev/shm/tmp
　　    mount --bind /dev/shm/tmp
　　2、安装squid
　　
　　./configure --prefix=/usr/squid /
--enable-debug-cbdata /
--enable-async-io=100 /
--with-pthreads /
--enable-storeio="aufs,diskd,ufs" /
--enable-removal-policies="heap,lru" /
--enable-icmp /
--enable-delay-pools /
--enable-useragent-log /
--enable-referer-log /
--enable-kill-parent-hack /
--enable-arp-acl /
--enable-default-err-language=Simplify_Chinese /
--enable-err-languages="Simplify_Chinese English" /
--disable-poll /
--disable-wccp /
--disable-wccpv2 /
--disable-ident-lookups /
--disable-internal-dns /
--enable-basic-auth-helpers="NCSA" /
--enable-stacktrace /
--with-large-files /
--disable-mempools /
--with-filedescriptors=65535 /
--enable-ssl /
--enable-x-accelerator-var
make
make install
　　
　　3、配置squid
　　http_port 3128 accel vhost vport

#accel domain
cache_peer 127.0.0.1 parent 80 0 no-query originserver no-digest name=www
#cache_peer_domain www 192.168.56.2

#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 3128
acl Safe_ports port 8080 3128
acl LanSrc src 192.168.56.0/24
acl LanDst dst 192.168.56.0/24
#acl LanDstDM dstdomain

acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
#http_access allow LanDstDM
http_access deny all

#base
visible_hostname 192.168.56.2
cache_mgr cache@126.com
cache_effective_user squid
cache_effective_group squid

#error_directory /usr/squid/share/error/Simplify_Chinese
　　icon_directory /usr/squid/share/icons
mime_table /usr/squid/etc/mime.conf

cache_replacement_policy lru
#cache_dir
cache_dir aufs /tmp 32768 64 64
cache_mem 128 MB
max_open_disk_fds 0
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB

#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds

#memory_pools on
#memory_pools_limit 64 MB

forwarded_for on
log_icp_queries off

via off
httpd_suppress_version_string off

ie_refresh off
tcp_recv_bufsize 32 KB

#acl webservices rep_header Server -i ^lzzWS ^Apache ^nginx
#broken_vary_encoding allow webservices

#hiddeen the squid header
　　#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all

ipcache_size 1024
ipcache_low 90
ipcache_high 95

memory_replacement_policy lru

hosts_file /etc/hosts
request_header_max_size 128 KB

#deny cache
hierarchy_stoplist cgi-bin ?/.php
acl QUERY urlpath_regex cgi-bin /?/.php
acl DIRECT url_regex -i ^http://192.168.56.2
cache deny QUERY
cache deny DIRECT

#request_body_max_size 0 KB

refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
　　refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
refresh_pattern -i /.css$    360    50%    2880    reload-into-ims
refresh_pattern -i /.js$       1440 50%    2880    reload-into-ims
refresh_pattern -i /.html$    720    50%    1440    reload-into-ims
refresh_pattern -i /.jpg$    1440 90%    2880    ignore-reload
refresh_pattern -i /.gif$    1440 90%    2880    ignore-reload
refresh_pattern -i /.swf$    1440 90%    2880    ignore-reload
refresh_pattern -i /.jpg$    1440 50%    2880    ignore-reload
refresh_pattern -i /.png$    1440 50%    2880    ignore-reload
refresh_pattern -i /.bmp$    1440 50%    2880    ignore-reload

refresh_pattern -i /.doc$    1440 50%    2880    ignore-reload
refresh_pattern -i /.ppt$    1440 50%    2880    ignore-reload
refresh_pattern -i /.xls$    1440 50%    2880    ignore-reload
refresh_pattern -i /.pdf$    1440 50%    2880    ignore-reload
refresh_pattern -i /.rar$    1440 50%    2880    ignore-reload
refresh_pattern -i /.zip$    1440 50%    2880    ignore-reload
refresh_pattern -i /.txt$    1440 50%    2880    ignore-reload

quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95

connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off
　　#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all

icp_port 0

# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] /"%rm %ru HTTP/%rv/" %Hs %<st /"%{Referer}>h/" /"%{User-Agent}>h/" %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /usr/squid/log/access.log squid
#cache_store_log /var/log/squid3/store.log
cache_store_log /dev/null
cache_log /usr/squid/log/cache.log
logfile_rotate 12

# MISCELLANEOUS
store_objects_per_bucket 15
client_db off

账号		自动登录	找回密码
密码			立即注册

zabbix3.4中文手册，官网完整COPY（2019042

最新rhel8官方手册三本PDF

winhex数据恢复教程（非常巨大，内容丰富）

KMSpico10.2.0 免费激活Win10/Office2016（

zabbix3.4.1安装部署+微信推送信息+大屏显

VMware vcenter+vSphere 6.5 U2共享

CentOS6.5下redis-3.2.6的安装与配置

[经验分享] Centos5上Squid3.0的安装部署

浏览过的版块

扫码加入运维网微信交流群