Quick Installation Guide for server squid2.5stable

Quick Installation Guide for server squid2.5stable-Linux Enterprise Application-Linux server application information. For details, refer to the following section. Quick Installation Guide for squid 2.5 stable


ATU/Aborigen Yin

Http://www.bsdbase.com



Objective: To provide common proxy and transparent proxy services for the Intranet on the gateway. IP addresses are used as access control conditions and no other access control is required.


# Installation


# For FreeBSD, we recommend that you install the following ports:

Cd/usr/ports/devel/autoconf

Make clean

Make install clean


Cd/usr/ports/devel/automake

Make clean

Make install clean


# First, configure your network to ensure that the host with squid installed can access the Internet normally;

Ping www.163.com

# Use a domain name to test DNS resolution;


# Run the following command as root.

# Obtain the latest stable source code

Http://www.squid-cache.org


Mkdir-p/usr/local/src/distfiles

Cd/usr/local/src/distfiles

# FreeBSD

Fetch http://www.squid-cache.org/Versi... -2.5.STABLE1.tar.gz

# Linux

Wget http://www.squid-cache.org/Versi... -2.5.STABLE1.tar.gz


Tar xfz squid-2.5.STABLE1.tar.gz-C ..


Cd./squid-2.5.STABLE1

./Configure -- prefix =/usr/local/squid

Make

Make install


# Permission change is necessary. Refer to squid. conf

# Cache_inclutive_user nobody

# Cache_inclutive_group nobody

# Default usage

Chown-R nobody: nobody/usr/local/squid/var


# Configure as needed;

# Vi/usr/local/squid/etc/squid. conf

# TAG: http_port

# Usage: port

# Hostname: port

#1.2.3.4: port

# Default:

# Http_port 3128

Http_port 60080

# Escape unwanted proxy scans by using a custom port;


# Set URLs without proxy, and some dynamic web pages, such as rivers and lakes and chat rooms.

# TAG: no_cache

# A list of ACL elements which, if matched, cause the request

# Not be satisfied from the cache and the reply to not be cached.

# In other words, use this to force certain objects to never be cached.

#

# You must use the word 'deny' to indicate the ACL names which shold

# NOT be cached.

#

# We recommend you to use the following two lines.

Acl QUERY urlpath_regex cgi-bin \? Asp php shtml php3 cgi

No_cache deny QUERY



# ACCESS CONTROLS

#-----------------------------------------------------------------------------


# TAG: acl

# Defining an Access List

#

# Acl aclname acltype string1...

# Acl aclname acltype "file "...

#

# When using "file", the file shoshould contain one item per line

# Define the Intranet (assume there are 172.16.0.0/16; 192.168.0.0/16; 10.0.0.0/8 );

Acl lan-a src 172.16.0.0/16

Acl lan-B src 192.168.0.0/16

Acl lan-c src 10.0.0.0/8


# By default, squid rejects all connections;

# Default:

# Http_access deny all

#

# Open to the above Intranet addresses

Http_access allow lan-

Http_access allow lan-B

Http_access allow lan-c


# Recommended minimum configuration:

#


# Set transparent proxy as follows. skip this step if you do not need transparent proxy.

# Set redirection on the firewall of the gateway to redirect the Intranet access requests to 80 to squid:

# Ipfilter rules

# Rdr $ LAN_NIC 0/0 port 80->; $ SQUID_HOST_ADDR port $ SQUID_PROXY_PORT tcp

# Iptables rules

# Iptables-t nat-a prerouting-I $ LAN_NIC-p tcp-m tcp -- dport 80-j DNAT -- to $ SQUID_HOST_ADDR: $ SQUID_PROXY_PORT

# Restrict redirection of requests from a specified source;

# Iptables-t nat-a prerouting-I $ LAN_NIC-p tcp-m tcp-s $ INTERNAL_NETWORK/$ INTERNAL_MASK -- dport 80-j DNAT -- to $ SQUID_HOST_ADDR: $ SQUID_PROXY_PORT

# Enable transparent proxy

Httpd_accel_host virtual

Httpd_accel_port 80

Httpd_accel_with_proxy on

# Cache when used as a transparent proxy

# Note that the following line is off by default.

Httpd_accel_uses_host_header on



# Initialize the buffer directory

/Usr/local/squid/sbin/squid-z


# Startup/shutdown management script

# Vi/usr/local/sbin/squid. sh


#! /Bin/sh

Case "$1" in


Start)

If [-x/usr/local/squid/sbin/squid]; then

/Usr/local/squid/sbin/squid & echo. & echo 'squid proxy server started .'

Fi

;;


Stop)

Killall squid & echo. & echo 'squid proxy server stopped .'

;;

Restart)

Echo.

Echo "Restart Squid proxy server ......"

$0 stop

Sleep 30

$0 start

;;

*)

Echo "$0 start | stop | restart"

;;


Esac

# End of/usr/local/sbin/squid. sh


Chmod 700/usr/local/sbin/squid. sh


# Automatic startup

# FreeBSD

Ln-s/usr/local/sbin/squid. sh/usr/local/etc/rc. d

# Linux

Ln-s/usr/local/sbin/squid. sh/etc/rc. d/rc3.d/S99Squid-prxoy