Install and deploy squid3.0 on centos

Environment: centos5.4 squid3.0x

Download the latest squid3x stable version to the http://www.squid-cache.org

 

1. Prepare the centos Environment

Groupadd squid

Useradd-S/sbin/nologin-D/dev/null-G squid

Mkdir/dev/SHM/tmp

Chmod 1777/dev/SHM/tmp

Mount -- bind/dev/SHM/tmp

2. Install squid

 

./Configure -- prefix =/usr/squid/
-- Enable-debug-cbdata/
-- Enable-async-IO = 100/
-- With-pthreads/
-- Enable-storeio = "aufs, diskd, UFS "/
-- Enable-removal-policies = "heap, LRU "/
-- Enable-ICMP/
-- Enable-delay-pools/
-- Enable-useragent-log/
-- Enable-Referer-log/
-- Enable-kill-parent-hack/
-- Enable-ARP-ACL/
-- Enable-default-err-Language = simplify_chinese/
-- Enable-err-extensions ages = "simplify_chinese English "/
-- Disable-poll/
-- Disable-WCCP/
-- Disable-wccpv2/
-- Disable-Ident-lookups/
-- Disable-Internal-DNS/
-- Enable-Basic-auth-helpers = "NCSA "/
-- Enable-stacktrace/
-- With-large-files/
-- Disable-mempools/
-- With-filedescriptors = 65535/
-- Enable-SSL/
-- Enable-X-accelerator-VaR
Make
Make install

 

3. Configure squid

Http_port 3128 accel vhost vport

# Accel domain
Cache_peer 127.0.0.1 parent 80 0 no-query originserver no-digest name = WWW
# Cache_peer_domain WWW 192.168.56.2

# ACL
ACL manager proto cache_object
ACL localhost SRC 127.0.0.1/255.255.255.255
ACL ssl_ports port 443 563
ACL safe_ports port 80 3128
ACL safe_ports port 8080 3128
ACL lansrc SRC 192.168.56.0/24
ACL landst DST 192.168.56.0/24
# ACL landstdm dstdomain

ACL connect method connect
Http_access allow manager localhost
Http_access deny Manager
Http_access deny! Safe_ports
Http_access deny connect! Ssl_ports
Http_access allow lansrc
Http_access allow landst
# Http_access allow landstdm
Http_access deny all

# Base
Visible_hostname 192.168.56.2
Cache_mgr cache@126.com
Cache_inclutive_user squid
Cache_paitive_group squid

# Error_directory/usr/squid/share/error/simplify_chinese

Icon_directory/usr/squid/share/icons
Mime_table/usr/squid/etc/mime. conf

Cache_replacement_policy LRU
# Cache_dir
Cache_dir aufs/tmp 32768 64 64
Cache_mem 128 MB
Max_open_disk_fds 0
Maximum_object_size 20 mb
Maximum_object_size_in_memory 8 MB

# Keepalived
Client_persistent_connections off
Server_persistent_connections on
# Persistent_request_timeout 60 seconds

# Memory_pools on
# Memory_pools_limit 64 MB

Forwarded_for on
Log_icp_queries off

Via off
Httpd_suppress_version_string off

Ie_refresh off
Tcp_recv_bufsize 32 KB

# ACL WebServices rep_header server-I ^ lzzws ^ Apache ^ nginx
# Broken_vary_encoding allow WebServices

# Hiddeen the Squid Header

# Reply_header_access server deny all
# Reply_header_access X-Cache deny all
# Reply_header_access warning deny all
# Reply_header_access expires deny all
# Reply_header_access cache-control deny all
# Reply_header_access age deny all
# Reply_header_access all deny all

Ipcache_size 1024
Ipcache_low 90
Ipcache_high 95

Memory_replacement_policy LRU

Hosts_file/etc/hosts
Request_header_max_size 128 KB

# Deny Cache
Hierarchy_stoplist cgi-bin? /. Php
ACL query urlpath_regex cgi-bin /? /. Php
ACL direct url_regex-I ^ http: // 192.168.56.2
Cache deny Query
Cache deny direct

# Request_body_max_size 0 KB

Refresh_pattern ^ ftp: 60 20% 10080
Refresh_pattern ^ gopher: 60 0% 1440

Refresh_pattern ^ gopher: 60 0% 1440
Refresh_pattern. 0 20% 1440
Refresh_pattern-I/. CSS $360 50% 2880 reload-into-IMS
Refresh_pattern-I/. js $1440 50% 2880 reload-into-IMS
Refresh_pattern-I/. html $720 50% 1440 reload-into-IMS
Refresh_pattern-I/. jpg $1440 90% 2880 ignore-Reload
Refresh_pattern-I/. gif $1440 90% 2880 ignore-Reload
Refresh_pattern-I/. SWF $1440 90% 2880 ignore-Reload
Refresh_pattern-I/. jpg $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. PNG $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. BMP $1440 50% 2880 ignore-Reload

Refresh_pattern-I/. Doc $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. ppt $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. xls $1440 50% ignore-Reload
Refresh_pattern-I/. pdf $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. rar $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. Zip $1440 50% 2880 ignore-Reload
Refresh_pattern-I/. txt $1440 50% 2880 ignore-Reload

Quick_abort_min 20 KB
Quick_abort_max 20 KB
Quick_abort_pct 95

Connect_timeout 1 minute
Negative_ttl 0 minutes
Read_timeout 30 seconds
Pconn_timeout 120 seconds
Shutdown_lifetime 5 seconds
Strip_query_terms off

# SNMP
# Snmp_port 3401
# ACL snmppublic snmp_orgmunity snsimg
# Snmp_access allow snmppublic localhost
# Snmp_access deny all

Icp_port 0

# Logfile
Emulate_httpd_log on
# Logformat combined %> H % UI % UN [% TL]/"% RM % Ru HTTP/% RV/" % hs % <ST/"%> H /"/" %> H/"% SS: % sh
# Access_log none
# Access_log/data/logs/access. Log combined
Logformat squid % ts. % 03tu % 6tr %> A % SS/% 03hs % <st % RM % Ru % UN % sh/% <a % Mt
Access_log/usr/squid/log/access. Log squid
# Cache_store_log/var/log/squid3/store. Log
Cache_store_log/dev/null
Cache_log/usr/squid/log/cache. Log
Logfile_rotate 12

# Miscellaneous
Store_objects_per_bucket 15
Client_db off