Installation article:
This tutorial application environment is clean CentOS 5.5, pre-divided and load/data partition, and close SELinux and iptables
First modify the file descriptor and set the temporary port range, which takes effect after reboot
Copy Code code as follows:
Cat >>/etc/security/limits.conf <<DDD
* Soft Nofile 8192
* Hard Nofile 20480
Ddd
Cat >>/etc/sysctl.conf <<DDD
#set Temp Port Range
Net.ipv4.ip_local_port_range = 32768 61000
Ddd
Init 6
Confirm that the modification is correct
Copy Code code as follows:
[Root@sudutest ~]# Ulimit-n
8192
[Root@suduotest ~]# sysctl-n Net.ipv4.ip_local_port_range
Net.ipv4.ip_local_port_range = 32768 61000
Add Squid Special Account
Copy Code code as follows:
Groupadd Squid
Useradd-g squid-s/bin/false-m Squid
Add log directory, set permissions for cache and log directory
Copy Code code as follows:
mkdir/data/squidlog/
Chown-r Squid.squid/data
Then upload or wget squid3.0 software tar packets, tar zxvf unzip, and go into the unpacked directory to install the compiled
Copy Code code as follows:
./configure–prefix=/usr/local/squid3–enable-async-io=100–with-pthreads–enable-storeio= "Aufs,diskd,ufs" – Enable-removal-policies= "Heap,lru" –enable-icmp–enable-delay-pools–enable-useragent-log–enable-referer-log– Enable-kill-parent-hack–enable-arp-acl–enable-default-err-language=simplify_chinese–enable-err-languages= " Simplify_chinese 中文版 "–disable-poll–disable-wccp–disable-wccpv2–disable-ident-lookups–disable-internal-dns– enable-basic-auth-helpers= "NCSA" –enable-stacktrace–with-large-files–disable-mempools–with-filedescriptors= 65535–enable-ssl–enable-x-accelerator-var
Make
Make install
Make Install-pinger
Squid has been successfully installed, and then everyone's own required/usr/local/squid3/etc/squid.conf configuration file, my side of the configuration file will be posted at the end of this article for you to study.
After the configuration file is written, execute the following command to initialize the cache directory
/usr/local/squid3/sbin/squid-z
Then run squid, note: the-d parameter is used to bypass DNS detection
/usr/local/squid3/sbin/squid-d
Finally set squid boot automatically
echo "/usr/local/squid3/sbin/squid-d" >>/etc/rc.local
Maintenance article:
Here are squid's most common commands.
If you have modified the profile, reread the configuration file with the following command (immediate effect)
/usr/local/squid3/sbin/squid-k Reconfigure
Check that the configuration file configuration is syntactically correct
Note: only "cache_cf.cc" (346) squid.conf:14 unrecognized: ' Http1_port ' is a grammatical error,
"Warning:use of ' reload-into-ims ' ..." This kind of hint belongs to the opinion suggestion, can ignore.
/usr/local/squid3/sbin/squid-k Parse
Check squid logs and processes to see if squid runs properly
Copy Code code as follows:
Ps-ef |awk '/^squid/'
Cat/data/squidlog/cache.log
/USR/LOCAL/SQUID3/SBIN/SQUID-K check; echo $?
Close Squid
Send off signal and shut down after session
/usr/local/squid3/sbin/squid-k shutdown
Close squid (higher priority, direct off squid)
/usr/local/squid3/sbin/squid-k Interrupt
Close squid (highest priority, direct kill squid process)
/usr/local/squid3/sbin/squid-k Kill
Scrolling log files
/usr/local/squid3/sbin/squid-k Rotate
Set up automatic scrolling log every Tuesday four o'clock in the morning 30 minutes
echo "4 * * 2 root/usr/local/squid3/sbin/squid-k rotate" >>/etc/crontab
The current application of the squid.conf file, because the log file growth is very fast, so the direct output to/dev/null discarded
Copy Code code as follows:
#basic
Cache_effective_user Squid
Cache_effective_group Squid
Pid_filename/usr/local/squid3/var/logs/squid.pid
Visible_hostname squid.678114.com
Cache_mgr sudu@sudu.us
Error_directory/usr/local/squid3/share/errors/simplify_chinese
Icon_directory/usr/local/squid3/share/icons
Mime_table/usr/local/squid3/etc/mime.conf
Hosts_file/etc/hosts
ACL Deipadd Dstdom_regex [0-9]$
Http_access Deny Deipadd
Cache_replacement_policy LRU
Memory_replacement_policy LRU
Http_port Vhost Vport
Cache_mem 4024 MB
Maximum_object_size_in_memory 5120 KB
Icp_port 0
#.cache_dir
Cache_dir Aufs/data/cache 50000 64 128
Max_open_disk_fds 0
Maximum_object_size MB
#.cache_peer
Cache_peer 125.76.225.44 Parent 0 no-query originserver no-digest name=all
Cache_peer_domain All 678114.com
#acl
ACL safe_ports Port 80
ACL ssl_ports port 443
ACL lansrc src 192.168.100.0/24
ACL Webdomain Dstdomain 678114.com
ACL manager Proto Cache_object
ACL localhost src 127.0.0.1/255.255.255.255
ACL Connect method Connect
Http_access allow manager localhost
Http_access Deny Manager
Http_access Deny! Safe_ports
Http_access Deny CONNECT! Ssl_ports
Http_access Allow LANSRC
Http_access Allow Webdomain
Http_access Deny All
#refresh_pattern
Refresh_pattern-i/$ 90% Reload-into-ims
Refresh_pattern-i html$ 90% Reload-into-ims
Refresh_pattern-i htm$ 90% Reload-into-ims
Refresh_pattern-i shtml$ 90% Reload-into-ims
Refresh_pattern-i hml$ 90% Reload-into-ims
Refresh_pattern-i. gif$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. swf$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. jpg$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. png$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. bmp$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. js$ 90% 129600 Reload-into-ims
Refresh_pattern-i. css$ 90% 129600 Reload-into-ims
Refresh_pattern-i. wma$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. zip$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. mp3$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rar$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rm$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. flv$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rar$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rm$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. avi$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. 3gp$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. mp4$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. wmv$ 1440 90% 21600 reload-into-ims
#keepalived
Client_persistent_connections off
Server_persistent_connections on
#log
Emulate_httpd_log on
Logformat web1%{x-forwarded-for}>h%ui%un [%tl] "%rm%ru http/%rv"%Hs%<st "%{referer}>h" "%{User-Agent}>h" %ss:%sh
Cache_log/data/squidlog/cache.log
Cache_access_log/dev/null Web1
Cache_store_log/dev/null
Strip_query_terms off
Logfile_rotate 10
#other
Forwarded_for on
Log_icp_queries off
Via off
Httpd_suppress_version_string off
Ie_refresh off
tcp_recv_bufsize MB
Ipcache_size 1024
Ipcache_low 90
Ipcache_high 95
Cache_swap_low 80
Cache_swap_high 90
Request_header_max_size 128 KB
Quick_abort_min KB
Quick_abort_max KB
quick_abort_pct 95
Connect_timeout 1 minute
Negative_ttl 0 Minutes
Read_timeout seconds
Pconn_timeout seconds
Half_closed_clients off
Client_lifetime minutes
Shutdown_lifetime 5 Seconds
Hierarchy_stoplist Cgi-bin?
Access_log/dev/null Squid
This article starts in http://www.sudu.us/simple-to-install-squid-3-0-reverse-proxy-configuration/