CentOS Simple Configuration Install Squid 3.0 reverse proxy _linux

Source: Internet
Author: User
Tags rar centos

Installation article:

This tutorial application environment is clean CentOS 5.5, pre-divided and load/data partition, and close SELinux and iptables

First modify the file descriptor and set the temporary port range, which takes effect after reboot

Copy Code code as follows:

Cat >>/etc/security/limits.conf <<DDD
* Soft Nofile 8192
* Hard Nofile 20480
Ddd

Cat >>/etc/sysctl.conf <<DDD
#set Temp Port Range
Net.ipv4.ip_local_port_range = 32768 61000
Ddd

Init 6

Confirm that the modification is correct
Copy Code code as follows:

[Root@sudutest ~]# Ulimit-n
8192
[Root@suduotest ~]# sysctl-n Net.ipv4.ip_local_port_range
Net.ipv4.ip_local_port_range = 32768 61000

Add Squid Special Account
Copy Code code as follows:

Groupadd Squid
Useradd-g squid-s/bin/false-m Squid

Add log directory, set permissions for cache and log directory
Copy Code code as follows:

mkdir/data/squidlog/
Chown-r Squid.squid/data

Then upload or wget squid3.0 software tar packets, tar zxvf unzip, and go into the unpacked directory to install the compiled
Copy Code code as follows:

./configure–prefix=/usr/local/squid3–enable-async-io=100–with-pthreads–enable-storeio= "Aufs,diskd,ufs" – Enable-removal-policies= "Heap,lru" –enable-icmp–enable-delay-pools–enable-useragent-log–enable-referer-log– Enable-kill-parent-hack–enable-arp-acl–enable-default-err-language=simplify_chinese–enable-err-languages= " Simplify_chinese 中文版 "–disable-poll–disable-wccp–disable-wccpv2–disable-ident-lookups–disable-internal-dns– enable-basic-auth-helpers= "NCSA" –enable-stacktrace–with-large-files–disable-mempools–with-filedescriptors= 65535–enable-ssl–enable-x-accelerator-var
Make
Make install
Make Install-pinger

Squid has been successfully installed, and then everyone's own required/usr/local/squid3/etc/squid.conf configuration file, my side of the configuration file will be posted at the end of this article for you to study.

After the configuration file is written, execute the following command to initialize the cache directory
/usr/local/squid3/sbin/squid-z
Then run squid, note: the-d parameter is used to bypass DNS detection
/usr/local/squid3/sbin/squid-d
Finally set squid boot automatically
echo "/usr/local/squid3/sbin/squid-d" >>/etc/rc.local
Maintenance article:

Here are squid's most common commands.
If you have modified the profile, reread the configuration file with the following command (immediate effect)
/usr/local/squid3/sbin/squid-k Reconfigure
Check that the configuration file configuration is syntactically correct
Note: only "cache_cf.cc" (346) squid.conf:14 unrecognized: ' Http1_port ' is a grammatical error,
"Warning:use of ' reload-into-ims ' ..." This kind of hint belongs to the opinion suggestion, can ignore.
/usr/local/squid3/sbin/squid-k Parse
Check squid logs and processes to see if squid runs properly
Copy Code code as follows:

Ps-ef |awk '/^squid/'
Cat/data/squidlog/cache.log
/USR/LOCAL/SQUID3/SBIN/SQUID-K check; echo $?

Close Squid
Send off signal and shut down after session
/usr/local/squid3/sbin/squid-k shutdown
Close squid (higher priority, direct off squid)
/usr/local/squid3/sbin/squid-k Interrupt

Close squid (highest priority, direct kill squid process)
/usr/local/squid3/sbin/squid-k Kill
Scrolling log files
/usr/local/squid3/sbin/squid-k Rotate
Set up automatic scrolling log every Tuesday four o'clock in the morning 30 minutes


echo "4 * * 2 root/usr/local/squid3/sbin/squid-k rotate" >>/etc/crontab

The current application of the squid.conf file, because the log file growth is very fast, so the direct output to/dev/null discarded
Copy Code code as follows:

#basic
Cache_effective_user Squid
Cache_effective_group Squid
Pid_filename/usr/local/squid3/var/logs/squid.pid
Visible_hostname squid.678114.com
Cache_mgr sudu@sudu.us
Error_directory/usr/local/squid3/share/errors/simplify_chinese
Icon_directory/usr/local/squid3/share/icons
Mime_table/usr/local/squid3/etc/mime.conf
Hosts_file/etc/hosts

ACL Deipadd Dstdom_regex [0-9]$
Http_access Deny Deipadd

Cache_replacement_policy LRU
Memory_replacement_policy LRU

Http_port Vhost Vport

Cache_mem 4024 MB
Maximum_object_size_in_memory 5120 KB

Icp_port 0

#.cache_dir
Cache_dir Aufs/data/cache 50000 64 128

Max_open_disk_fds 0
Maximum_object_size MB

#.cache_peer
Cache_peer 125.76.225.44 Parent 0 no-query originserver no-digest name=all
Cache_peer_domain All 678114.com

#acl
ACL safe_ports Port 80
ACL ssl_ports port 443
ACL lansrc src 192.168.100.0/24
ACL Webdomain Dstdomain 678114.com
ACL manager Proto Cache_object
ACL localhost src 127.0.0.1/255.255.255.255
ACL Connect method Connect
Http_access allow manager localhost
Http_access Deny Manager
Http_access Deny! Safe_ports
Http_access Deny CONNECT! Ssl_ports
Http_access Allow LANSRC
Http_access Allow Webdomain
Http_access Deny All

#refresh_pattern
Refresh_pattern-i/$ 90% Reload-into-ims
Refresh_pattern-i html$ 90% Reload-into-ims
Refresh_pattern-i htm$ 90% Reload-into-ims
Refresh_pattern-i shtml$ 90% Reload-into-ims
Refresh_pattern-i hml$ 90% Reload-into-ims
Refresh_pattern-i. gif$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. swf$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. jpg$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. png$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. bmp$ 1440 90% 129600 reload-into-ims
Refresh_pattern-i. js$ 90% 129600 Reload-into-ims
Refresh_pattern-i. css$ 90% 129600 Reload-into-ims
Refresh_pattern-i. wma$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. zip$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. mp3$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rar$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rm$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. flv$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rar$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. rm$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. avi$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. 3gp$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. mp4$ 1440 90% 21600 reload-into-ims
Refresh_pattern-i. wmv$ 1440 90% 21600 reload-into-ims

#keepalived
Client_persistent_connections off
Server_persistent_connections on

#log
Emulate_httpd_log on
Logformat web1%{x-forwarded-for}>h%ui%un [%tl] "%rm%ru http/%rv"%Hs%<st "%{referer}>h" "%{User-Agent}>h" %ss:%sh
Cache_log/data/squidlog/cache.log
Cache_access_log/dev/null Web1
Cache_store_log/dev/null
Strip_query_terms off
Logfile_rotate 10

#other
Forwarded_for on
Log_icp_queries off
Via off
Httpd_suppress_version_string off
Ie_refresh off
tcp_recv_bufsize MB
Ipcache_size 1024
Ipcache_low 90
Ipcache_high 95
Cache_swap_low 80
Cache_swap_high 90
Request_header_max_size 128 KB

Quick_abort_min KB
Quick_abort_max KB
quick_abort_pct 95

Connect_timeout 1 minute
Negative_ttl 0 Minutes

Read_timeout seconds
Pconn_timeout seconds
Half_closed_clients off
Client_lifetime minutes
Shutdown_lifetime 5 Seconds

Hierarchy_stoplist Cgi-bin?
Access_log/dev/null Squid

This article starts in http://www.sudu.us/simple-to-install-squid-3-0-reverse-proxy-configuration/

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.