In this article, squid is placed on the server 172.20.65.201, where the Application Web Server IP address is 172.20.65.203, squid listens on port 80 on port 201, and the client machine is 172.20.65.231, at squid. # In conf indicates the annotation. To enable a certain setting, remove the previous #. The tag indicates the setting of each function item.
1. Download
Download squid for Windows (my version is squid 2.7.stable6, and the configuration of each version may be slightly different. Please note)
2. Installation
Decompress squid to c: \ squid (you can also decompress it to another drive letter)
3. Create disk cache and log directory
By default, a disk is created under the mounted disk. To ensure high performance, a drive letter with a large disk space is created, for example, the D: \ squid \ var directory is created, create the logs and cache directories under the VaR directory, where the logs directory is used to store logs, and the cache directory is used to store hard disk cache data.
4. Create cache object operation Permissions
To store captured data in the cache directory, create a system account, such as squidapp, and grant D: \ squid to the user group.
5. File changes
C: \ squid \ etc is the storage of squid configuration information. To ensure security, back up the configuration file before you modify it, and then copy squid. conf. change default to squid. conf,
Modify mime. conf. Default to mime. conf and cachemgr. conf. Default to cachemgr. conf.
6. Configure squid
Most configurations of squid are in Squid. conf. The environment used in this article is as follows:
Enable the following access control:
ACL all SRC all ACL manager proto cache_object ACL localhost SRC 127.0.0.1/32 ACL to_localhost DST 127.0.0.0/8 ACL localnet SRC 172.16.65.231/255.255.255.0.0 specify the local network and mask
Enable access port
acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT
Please note the sequence when enabling access control.
http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow all http_access allow localnet http_access deny all
Specify squid to listen on port 80, and vhost to specify acceleration Mode
http_port 80 vhost
172.20.65.203 backend web server, parent refers to the parent node, 80 refers to the backend website port, 0 ICP service port, no-query originserver option for obtaining Cache
cache_peer 172.20.65.203 parent 80 0 no-query originserver
Cache settings
Maximum_object_size_in_memory 1024 kb cache_dir ufs d:/squid/var/cache 1024 16 256 note path maximum_object_size 4096 kb cache_swap_low 90 cache_swap_high 95
Log Settings
Access_log D:/squid/var/logs/access. log squid access log cache_log D:/squid/var/logs/cache. log cache_store_log D:/squid/var/logs/store. log emulate_httpd_log on
Control page cache content
refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 refresh_pattern -i \.css$ 20 50% 120 reload-into-ims refresh_pattern -i \.xml$ 20 50% 120 reload-into-ims refresh_pattern -i \.html$ 20 90% 120 reload-into-ims refresh_pattern -i \.jpg$ 20 90% 120 reload-into-ims refresh_pattern -i \.png$ 20 90% 120 reload-into-ims refresh_pattern -i \.gif$ 20 90% 120 ignore-reload refresh_pattern -i \.js$ 20 90% 120 reload-into-ims refresh_pattern -i \.htm$ 20 90% 120 reload-into-ims
Set email
cache_mgr webmaster_breeze
Set local host files
hosts_file c:/windows/system32/drivers/etc/hosts
7. Install the service
Install squid as a Service. Command Format:
Squid-I [-F configfile] [-N servicename], for example, C: \ squid \ sbin \ squid-I-n squid_proxy
8. initialize the cache directory
c:\squid\sbin\squid -z
9. Start the squid_proxy service.
Run services. MSC. Open the service window and select squid_proxy. If error 90% occurs during startup, it is a problem in the configuration file.
10. Squid command
Squid-K reconfigure // enable the new configuration file squid-K rotate // truncation log squid-K shutdown // stop squid-DX debug when the service cannot be started
For more configurations, see
Iv. Squid Test
Find a machine for testing and view the access. log. If tcp_deny information appears, the configuration is incorrect. If the following information is displayed, tcp_mem_hit/200 indicates that squid has taken effect and the request is responded from the memory of the squid running machine.
######################
Common Debugging commands
######################
1. initialize the cache directory you configured in Squid. conf.
# Squid/sbin/squid-Z // This command is required when you start the squid service for the first time
If an error message is displayed, check the permission of your cache directory.
2. Check the syntax and configuration of squid. conf.
# Squid/sbin/squid-K parse
If squid. conf has a syntax or configuration error, a prompt will be returned. If no result is returned, congratulations, you can try to start squid.
3. Start squid on the frontend and output the startup process.
# Squid/sbin/squid-n-D1
If there is ready to server reques, congratulations, the startup is successful.
Press Ctrl + C to stop squid and start it later.
4. Start squid to run in the background.
# Squid/sbin/squid-S
At this time, you can view the system process in PS-A, and you can see two squid processes.
5. Stop squid
# Squid/sbin/squid-K shutdown
You don't need to explain this.
6. Reboot the modified squid. conf file.
# Squid/sbin/squid-K reconfigure
This estimation is often used. You can modify squid at any time when you find that your configuration is not satisfactory. conf, and then do not forget your squid. conf troubleshooting, and then execute this command to let the running squid repeat your squid. conf to run.
7. Add the squid to the system startup Item
Edit/etc/rc. d/rc. Local
Add the following lines:/usr/local/squid/sbin/squid-S
Of course, not everyone likes this startup method. You can use the method you like most or install it as a service.
Others
1. Modify the cache directory permissions.
# Chown-r squid: Squid/home/Cache
My cache directory is/home/cache. Squid execution users and user groups are squid and squid.
2. Modify squid log directory permissions
# Chown-r squid: Squid/usr/local/squid/var/logs
This step is not suitable for every user who uses Squid. It means that squid has the permission to perform write operations in this directory.
For example, generate access. Log cache. Log store. Log
3. view your log document.
# More/usr/local/squid/var/logs/access. log | grep tcp_mem_hit
This command shows that some files are cached into the memory by squid during squid operation and returned to the access user.
# More/usr/local/squid/var/logs/access. log | grep tcp_hit
This command shows that during the squid operation, the files are cached by squid into the cache directory and returned to the access user.
# More/usr/local/squid/var/logs/access. log | grep tcp_miss
This command shows that some files are not cached by squid during squid operation, but are retrieved from the original server and returned to the accessed user.
For information on parameters and representatives such as tcp_xxxx, see Chapter 13.2.1 of Peng Yonghua's squid Chinese authoritative guide.
Of course, the blue text in this example can be changed to other parameters, such as your domain name, you can also see the access. log line about this domain name.
4. Squid-K rotate the squid log file/var/log/squid, Squid Proxy Server Log File
The increase speed is amazing, it is easy to take a penalty full disk space, resulting in the system not working properly, or even a crash. to solve the problem that log files are growing too fast, squid adopts the "rotation" method. in squid. in Conf, you can use logfile_rotate to set the number of file rotations, for example:
Logfile_rotate 10. Generally, the crontab timer is used to rotate logs cyclically. For example, to rotate logs at every Saturday, run the following command: crontab-e.
0 2 ** 6 squid-K rotate
Tip: the default error message of squid is English. It is inconvenient for users with poor English. Add the following in/etc/squid. conf:
Error_directory/usr/share/squid/errors/simplify_chinese to display Chinese error messages.