Squid Reverse proxy Server

Last Update:2016-12-17 Source: Internet

Author: User

Tags squid proxy

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Brief introduction:

Squid reverse proxy is often used for server side, Client access Squid Proxy Server 80 port, Squid Proxy Server according to the configuration to request the backend Web server,

The requested information is then saved locally and passed back to the client, and when another client requests the same resource, the SQUID proxy server directly passes the information in the cache back to the client.

First, install Squid

Shell > Ulimit-n # Default Open file descriptor is 1024, to increase it 1024shell > vim/etc/security/limits.conf*-nofile 65535

# # Defines the maximum number of open files for a single user is 65535, to restart the server to take effect, if the online server is not convenient to restart, then use Ulimit-n 65535来 temporarily modified

Shell > Vim/etc/selinux/configselinux=enforcing # Change enforcing to Disabled, also restart the server to take effect, it is inconvenient to use Setenforce to temporarily close SE Linuxshell > Rebootshell > Ulimit-n65535shell > getenforcedisabled

# # re-confirm that the modification was successful

Shell > Yum-y Install squidshell > Rpm-qa squidsquid-3.1.10-29.el6.x86_64

Second, configure the reverse proxy

shell > mkdir /opt/squid_cache  #  creating a cache directory Shell > chown -r  squid.squid /opt/squid_cache  #  change of owner, genus Group Shell > > /etc/squid/ squid.conf  #  Empty the default profile Shell > vim /etc/squid/squid.confcache_effective_user  squidcache_effective_group squid##  start  Squid  user, group http_port 192.168.1.88:80  accel vhost##  port monitoring on  192.168.1.88 ,accel  refers to the acceleration mode,vhost  used to forward the request Dns_nameservers  8.8.8.8##  to enable  Squid  resolve a domain name, you need to define a real  DNS  address visible_hostname  study.localhost.localdomain##  computer name, can be  IP  address for error page display cache_mgr [email protected]##   Admin Email address for the display cache_mem 300 mb##  memory cache size on the error page, specifying how much physical memory can be used as the cache. If this server is a dedicated cache server, it can be specified as half of the physical memory. Otherwise it should not be greater than One-third cache_dir ufs /opt/squid_cache 4096 16 256##  cache directory size of  4g  This can be based on the actual disk size, with  16  two level directory, each two-level directory has &Nbsp;256  subdirectory maximum_object_size 4 mb##  The maximum cache file size is  4mb&nbsp, and is passed directly to the user without caching cache_access _log /var/log/squid/access.log##  Access log file path, record the user access  Internet  details, you can view each user's Internet records cache_log  /var/log/squid/cache.log##  cache log file path, logging cache-related log information cache_store_log /var/log/squid/store.log##   Web cache log file path, records the page in the cache call situation logfile_rotate 7##  log rotation,7  representative reserved  6  old log and  1  New log (  need to match  crond  to use  ) cache_swap_high 90##  cache disk space is automatically cleaned up when it is larger than  90%  Cache_swap _low 80##  cleaning to  80%  stop cache_peer 192.168.1.80 parent 80 0  Originserver name=sinacache_peer 192.168.1.80 parent 80 0 originserver name =baidu## cache_peer  Specify the back-end server address,80  for the backend service port,0  to the  ICP  port number (for multiple  Squid  hours), originserver  specifies an alias for the specified resource server,name  cache_peer_domain sina sina.com www.sina.comcache_ Peer_domain baidu baidu.com www.baidu.com##  specifies the corresponding relationship, when the user requests  baidu.com  or  www.baidu.com , forwards to the alias  baidu   on the real server http_access allow all##  allow everyone to access the proxy server (must be turned on)

Third, the initial Squid

Shell > squid -z2015/01/06 17:31:14| creating swap directories2015/01/06  17:31:14| /opt/squid_cache exists2015/01/06 17:31:14| Making directories  In /opt/squid_cache/002015/01/06 17:31:14| making directories in /opt/squid_ Cache/012015/01/06 17:31:14| making directories in /opt/squid_cache/022015/01/06  17:31:14| Making directories in /opt/squid_cache/032015/01/06 17:31:14|  Making directories in /opt/squid_cache/042015/01/06 17:31:14| making directories  in /opt/squid_cache/052015/01/06 17:31:14| making directories in /opt/ squid_cache/062015/01/06 17:31:14| making directories in /opt/squid_cache/072015/01/ 06 17:31:14| making directories in /opt/squid_cache/082015/01/06 17:31:14|  Making directories&nbsP;in /opt/squid_cache/092015/01/06 17:31:14| making directories in /opt/squid_ Cache/0a2015/01/06 17:31:14| making directories in /opt/squid_cache/0b2015/01/06  17:31:14| Making directories in /opt/squid_cache/0C2015/01/06 17:31:14|  Making directories in /opt/squid_cache/0d2015/01/06 17:31:14| making directories  in /opt/squid_cache/0e2015/01/06 17:31:14| making directories in /opt/ squid_cache/0f

Four, start Squid

Shell > service squid start is starting  squid:.                                            [OK] shell > chkconfig --add squidshell > chkconfig --level 35  squid onshell > netstat -anpt | grep squidtcp         0      0 192.168.1.88:3128            0.0.0.0:*                    listen      2988/( Squid

V. Testing

shell > cat /var/log/squid/access.log | grep tcp_miss1420537525.011      34 192.168.1.110 tcp_miss/404 561 get http://alabo.com/ favicon.ico - first_up_parent/www text/html1420537527.279   1124  192.168.1.110 tcp_miss/200 2028 get http://alabo.com/ - first_up_parent/www  text/html1420537527.571    137 192.168.1.110 TCP_MISS/200 3271  get http://alabo.com/images/css.css - first_up_parent/www text/css1420537528.193     621 192.168.1.110 tcp_miss/200 140767 get http://alabo.com/images/ benner6.jpg - first_up_parent/www image/jpeg1420537528.205    770  192.168.1.110 tcp_miss/200 68852 get http://alabo.com/images/benner1.jpg - first _up_parent/www image/jpeg1420537528.599   1151 192.168.1.110 tcp_miss/200 232817 get http://alabo.com/images/ benner2.jpg - first_up_parent/www image/jpeg1420537528.606    377  192.168.1.110 tcp_miss/200 101177 get http://alabo.com/images/benner8.jpg -  first_up_parent/www image/jpeg1420537528.832   1381 192.168.1.110 tcp_miss/200  210193 get http://alabo.com/images/benner4.jpg - first_up_parent/www image/ jpeg1420537529.101   1652 192.168.1.110 tcp_miss/200 281791 get http:/ /alabo.com/images/benner3.jpg - first_up_parent/www image/jpeg1420537529.139     947 192.168.1.110 tcp_miss/200 75526 get http://alabo.com/images/benner7.jpg  - FIRST_UP_PARENT/www image/jpeg1420537529.198   1747 192.168.1.110  tcp_miss/200 244311 get http://alabo.com/images/benner5.jpg - first_up_parent/www image/jpeg1420537529.572     959 192.168.1.110 tcp_miss/200 287741 get http://alabo.com/ images/bj1.jpg - first_up_parent/www image/jpeg1420537530.190       2 192.168.1.110 TCP_MISS/404 561 GET http://alabo.com/favicon.ico -  first_up_parent/www text/html1420537531.790    200 192.168.1.110 tcp_miss/ 200 2028 get http://alabo.com/ - first_up_parent/www text/html

# # Tcp_miss represents data that is not being cached by Squid, but is fetched from the original server and returned to the user

shell > cat /var/log/squid/access.log | grep tcp_mem_hit1420537531.980       0 192.168.1.110 tcp_mem_hit/200 3277 get http:// alabo.com/images/css.css - none/- text/css1420537532.009     16  192.168.1.110 tcp_mem_hit/200 68858 get http://alabo.com/images/benner1.jpg -  none/- image/jpeg1420537532.050     31 192.168.1.110 tcp_mem_hit/200  232823 get http://alabo.com/images/benner2.jpg - none/- image/ jpeg1420537532.108     66 192.168.1.110 tcp_mem_hit/200 281797  get http://alabo.com/images/benner3.jpg - none/- image/jpeg1420537532.199     139 192.168.1.110 tcp_mem_hit/200 210199 get http://alabo.com/images/ benner4.jpg - none/- image/jpeg1420537532.201    102 192.168.1.110 tcp_mem_hit/200 244317 get http:// alabo.com/images/benner5.jpg - none/- image/jpeg1420537532.326     61  192.168.1.110 tcp_mem_hit/200 75532 get http://alabo.com/images/benner7.jpg -  none/- image/jpeg1420537532.330    112 192.168.1.110 tcp_mem_hit/200  140773 get http://alabo.com/images/benner6.jpg - none/- image/ jpeg1420537532.376     71 192.168.1.110 tcp_mem_hit/200 101183  get http://alabo.com/images/benner8.jpg - none/- image/jpeg1420537532.393     128 192.168.1.110 tcp_mem_hit/200 287747 get http://alabo.com/images/ Bj1.jpg - none/- image/jpeg

# # Tcp_mem_hit represents the data that is cached in memory by Squid and returned to the user

Shell > Cat/var/log/squid/access.log | grep tcp_hit

# # Tcp_hit represents the data that is cached in the cache directory (disk) by Squid and returned to the user

Squid Reverse proxy Server

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More