squid3.0编译安装和详细配置

浙江雁荡山 · 发表于 2018-12-26 13:24:59

　　1、目的
使用squid加速图片的访问
2、架构
squid:192.168.0.200
web(www.gangpao.com):192.168.0.201 图片服务器
web(shop.gangpao.com):192.168.0.201  图片服务器
3、安装

#wget wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE15.tar.gz
#tar xzvf squid-3.0.STABLE15.tar.gz
#cd squid-3.0.STABLE15
#./configure --prefix=/usr/local/squid --enable-dlmalloc --enable-debug-cbdata --enable-async-io=100 --with-pthreads --enable-storeio="aufs,diskd,ufs" --enable-removal-policies="heap,lru" --enable-icmp --enable-delay-pools --enable-useragent-log --enable-referer-log --disable-wccp --disable-wccpv2 --enable-kill-parent-hack --enable-arp-acl --enable-snmp --enable-default-err-language=Simplify_Chinese --enable-err-languages="Simplify_Chinese English" --disable-poll --enable-epoll --disable-ident-lookups --disable-internal-dns --enable-truncate --enable-underscores --enable-basic-auth-helpers="NCSA" --enable-stacktrace --with-winbind-auth-challenge --enable-large-cache-files --with-large-files --with-maxfd=65535 --enable-ssl --enable-x-accelerator-vary
#make
#make install
　　4、配置

#vim /usr/local/squid/etc/squid.conf
####base######
visible_hostname localhost
cache_mgr yuangang@shopex.cn
cache_effective_user squid
cache_effective_group squid
####cache#####
cache_mem 600 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 12000 KB
maximum_object_size_in_memory 1024 KB
cache_dir ufs /usr/local/squid/var/cache 10000 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
#####no-cache##########
hierarchy_stoplist cgi-bin ?/.php
acl QUERY urlpath_regex cgi-bin /?/.php
#acl DIRECT url_regex -i ^http://192.168.0.201
cache deny QUERY
#cache deny DIRECT
#####refresh_pattern####
refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
refresh_pattern -i /.css$    360    50%    2880    reload-into-ims
refresh_pattern -i /.js$       1440 50%    2880    reload-into-ims
refresh_pattern -i /.html$    720    50%    1440    reload-into-ims
refresh_pattern -i /.jpg$    1440 90%    2880    ignore-reload
refresh_pattern -i /.gif$    1440 90%    2880    ignore-reload
refresh_pattern -i /.swf$    1440 90%    2880    ignore-reload
refresh_pattern -i /.jpg$    1440 50%    2880    ignore-reload
refresh_pattern -i /.png$    1440 50%    2880    ignore-reload
refresh_pattern -i /.bmp$    1440 50%    2880    ignore-reload

refresh_pattern -i /.doc$    1440 50%    2880    ignore-reload
refresh_pattern -i /.ppt$    1440 50%    2880    ignore-reload
refresh_pattern -i /.xls$    1440 50%    2880    ignore-reload
refresh_pattern -i /.pdf$    1440 50%    2880    ignore-reload
refresh_pattern -i /.rar$    1440 50%    2880    ignore-reload
refresh_pattern -i /.zip$    1440 50%    2880    ignore-reload
refresh_pattern -i /.txt$    1440 50%    2880    ignore-reload
######proxy agent###
http_port 80 accel vhost vport
cache_peer 192.168.0.201 parent 80 0 no-query originserver name=www
cache_peer_domain www www.gangpao.com
cache_peer 192.168.0.202 parent 80 0 no-query originserver name=shop
cache_peer_domain shop shop.gangpao.com
######alc#####
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl LanSrc src 192.168.0.0/24
acl LanDst dst 192.168.0.0/24
acl SSL_ports port 443
acl Safe_ports port 80       # http
acl Safe_ports port 21       # ftp
acl Safe_ports port 443       # https
acl Safe_ports port 70       # gopher
acl Safe_ports port 210       # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280       # http-mgmt
acl Safe_ports port 488       # gss-http
acl Safe_ports port 591       # filemaker
acl Safe_ports port 777       # multiling http
acl CONNECT method CONNECT
acl LanDstDM dstdomain .gangpao.com
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports       #拒绝代理除acl 定义Safe_ports 以外的端口
http_access deny CONNECT !SSL_ports
http_access allow LanDstDM       #允许访问.gangpao.com域
http_access allow LanSrc          #允许源地址为192.168.0.0访问
http_access allow LanDst          #允许去往目的地址192.168.0.0
http_access allow localnet       #允许内网访问
http_access deny all             #拒绝所有
　　5、初始化及启动squid

#useradd -s /sbin/nologin squid          #创建squid用户
#mkdir -p /usr/local/squid/var/cache    #创建缓存目录
#chown -R squid:squid /usr/local/squid/var/cache #授权给squid
#chown -R squid:squid /usr/local/squid/var/logs
#vim /etc/hosts
192.168.0.201 www.gangpao.com             #绑定hosts文件指定图片服务器ip
192.168.0.202 shop.gangpao.com
#/usr/local/squid/sbin/squid -zX       #初始化缓存目录
#/usr/local/squid/sbin/squid -s          #启动squid
#ps aux|grep squid                      #检查squid是否启动，出现下面进程，表示启动成功！
root    3437  0.0  0.6 6240 424 ?       Ss 21:42 0:00 /usr/local/squid/sbin/squid -s
squid    3439  0.0  9.7  24032  5888 ?       S 21:42 0:01 (squid) -s
squid    3440  0.0  0.6 2932 420 ?       S 21:42 0:00 (unlinkd)
root    3922  0.0  1.1 3912 676 pts/0 S+ 22:40 0:00 grep squid
　　6、测试

在客户端绑定hosts域名指向squid服务器
#vim /etc/hosts
192.168.0.200 www.gangpao.com
192.168.0.200 shop.gangpao.com
#curl -I http://www.gangpao.com/6.jpg
HTTP/1.0 200 OK
Server: nginx/1.0.4
Date: Wed, 20 Jul 2011 13:44:09 GMT
Content-Type: image/jpeg
Content-Length: 78763
Last-Modified: Mon, 18 Jul 2011 17:33:23 GMT
Accept-Ranges: bytes
Age: 275 X-Cache: HIT from localhost             表示缓存命中
Via: 1.0 localhost (squid/3.0.STABLE15)
Connection: close
测试时注意iptables设置
待续....
　　爱慕尔商城欢迎您的光临！
穿衣打扮
城市物语

账号		自动登录	找回密码
密码			立即注册

wirelessnetview好用的无线分析工具

亿图图示专家(EDraw Max) V7.9 中文破解版

zabbix3.4.1安装部署+微信推送信息+大屏显

Red Hat OpenShift I: Containers & Kubern

2025 年，C++ 还能“硬核”多久？

RH199 RHCSA Rapid Track

Red Hat RHCE 8 (EX294) Cert Guide

[经验分享] squid3.0编译安装和详细配置

浏览过的版块

扫码加入运维网微信交流群