Squid3.0缓存服务器配置全记录

31 01月

作者:admin|分类:应用管理

Squid3.0缓存服务器配置全记录

Squid3.0缓存服务器配置一台缓存服务器对多台虚拟主机
第一步：

wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE25.tar.gz
tar zxvf squid-3.0.STABLE25.tar.gz
cd squid-3.0.STABLE25

./configure --prefix=/usr/local/squid3 \
--enable-async-io=100 \
--with-pthreads \
--enable-storeio="aufs,diskd,ufs" \
--enable-removal-policies="heap,lru" \
--enable-icmp \
--enable-delay-pools \
--enable-useragent-log \
--enable-referer-log \
--enable-kill-parent-hack \
--enable-arp-acl \
--enable-default-err-language=Simplify_Chinese \
--enable-err-languages="Simplify_Chinese English" \
--disable-poll \
--disable-wccp \
--disable-wccpv2 \
--disable-ident-lookups \
--disable-internal-dns \
--enable-basic-auth-helpers="NCSA" \
--enable-stacktrace \
--with-large-files \
--disable-mempools \
--with-filedescriptors=65536 \
--enable-ssl \
--enable-x-accelerator-var
make
make install

第二步：nginx.conf 位置在：/usr/local/squid3/etc

#accel listen port
http_port 80 accel vhost vport
#accel domain
cache_peer 202.109.187.122 parent 80 0 no-query originserver no-digest name=a
cache_peer_domain a www.haojifang.cn
 
#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80       # http
acl Safe_ports port 8080
acl LanSrc src all
acl LanDst dst all
acl LanDstDM dstdomain www.haojifang.cn
 
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny   all
 
#base
visible_hostname www.haojifang.cn
cache_mgr admin@banyue.net
cache_effective_user squid
cache_effective_group squid
 
error_directory /usr/local/squid3/share/errors/Simplify_Chinese
icon_directory /usr/local/squid3/share/icons
mime_table /usr/local/squid3/etc/mime.conf
 
cache_replacement_policy lru
#cache_dir
cache_dir aufs /data/cache1 32768 64 64
cache_dir aufs /data/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
#maximum_object_size 512 KB
#maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB
 
#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds
 
#memory_pools on
#memory_pools_limit 64 MB
 
forwarded_for on
log_icp_queries off
 
via off
httpd_suppress_version_string off
 
ie_refresh off
tcp_recv_bufsize 32 KB
 
#acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
#broken_vary_encoding allow webservices
 
#hidden the squid3 header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all
 
ipcache_size 1024
ipcache_low 90
ipcache_high 95
 
memory_replacement_policy lru
 
hosts_file /etc/hosts
request_header_max_size 128 KB
 
#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php
cache deny QUERY
 
#request_body_max_size 0 KB
 
refresh_pattern ^ftp:           60      20%     10080
refresh_pattern ^gopher:        60      0%      1440
refresh_pattern .               0       20%     1440
refresh_pattern -i \.css$       360    50%     2880    reload-into-ims
refresh_pattern -i \.js$        1440    50%     2880    reload-into-ims
refresh_pattern -i \.html$        720   50%     1440    reload-into-ims
refresh_pattern -i \.jpg$       1440    90%     2880    ignore-reload
refresh_pattern -i \.gif$       1440    90%     2880    ignore-reload
refresh_pattern -i \.swf$       1440    90%     2880    ignore-reload
refresh_pattern -i \.jpg$       1440      50%     2880    ignore-reload
refresh_pattern -i \.png$       1440      50%     2880      ignore-reload
refresh_pattern -i \.bmp$       1440      50%     2880      ignore-reload
 
refresh_pattern -i \.doc$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.ppt$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.xls$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.pdf$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.rar$       1440    50%     2880      ignore-reload
refresh_pattern -i \.zip$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.txt$ 1440    50%     2880      ignore-reload
 
quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95
 
connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off
 
#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all
 
icp_port 0
 
# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] “%rm %ru HTTP/%rv” %Hs %<st “%{Referer}>h” “%{User-Agent}>h” %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /data/logs/access.log squid
#cache_store_log /var/log/squid3/store.log
cache_store_log /dev/null
cache_log /data/logs/cache.log
logfile_rotate 12
 
# MISCELLANEOUS
store_objects_per_bucket 15
client_db off

第三步：设定目录权限

/usr/sbin/groupadd squid
/usr/sbin/useradd -g squid squid
mkdir -p /data/logs
chown squid:squid /data/logs
mkdir -p /data/cache1
chown squid:squid /data/cache1
mkdir -p /data/cache2
chown squid:squid /data/cache2

第四步：
启动squid测试

cd /usr/local/squid3/sbin
./squid -z
./squid

第五步：
配置开机自动启动squid

1	`vi` `/etc/rc.local`

在末尾增加以下内容：

1	`/usr/local/squid3/sbin/squid`

新增：
不重启squid服务，重载配置文件：

1 2	`cd` `/usr/local/squid3/sbin` `./squid` `-k reconfigure`

Squid3.0缓存服务器配置全记录

Squid3.0缓存服务器配置全记录

更多文章推荐

历史上的今天

« 2024年11月 »
一	二	三	四	五	六	日
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30