Simple configuration and installation of Squid 3.0 reverse proxy in centos

Installation:

In this tutorial, the application environment is clean centos 5.5. Separate and load/data partitions in advance, and disable selinux and iptables.

First, modify the file descriptor and set the temporary port range. These settings take effect after restart.

Copy codeThe Code is as follows: cat>/etc/security/limits. conf <DDD
* Soft nofile 8192
* Hard nofile 20480
DDD

Cat>/etc/sysctl. conf <DDD
# Set temp port range
Net. ipv4.ip _ local_port_range = 32768 61000
DDD

Init 6

Confirm the modification is correctCopy codeThe Code is as follows: [root @ sudutest ~] # Ulimit-n
8192
[Root @ suduotest ~] # Sysctl-n net. ipv4.ip _ local_port_range
Net. ipv4.ip _ local_port_range = 32768 61000

Add a squid accountCopy codeThe Code is as follows: groupadd squid
Useradd-g squid-s/bin/false-M squid

Add log directory, set cache and log directory permissionsCopy codeThe Code is as follows: mkdir/data/squidlog/
Chown-R squid. squid/data

Then upload or wget squid3.0 tar package, tar zxvf decompress, and go to the decompressed directory to install and compileCopy codeThe Code is as follows :. /configure-prefix =/usr/local/squid3-enable-async-io = 100-with-pthreads-enable-storeio = "aufs, diskd, ufs "-enable-removal-policies =" heap, lru "-enable-icmp-enable-delay-pools-enable-useragent-log-enable-referer-log-enable-kill-parent-hack-enable-arp-acl-enable -default-err-language = Simplify_Chinese-enable-err-versions ages = "Simplify_Chinese English"-disable-poll-disable-wccp-disable-wccpv2-disable-ident-lookups-disable-internal- dns-enable-basic-auth-helpers = "NCSA"-enable-stacktrace-with-large-files-disable-mempools-with-filedescriptors = 65535-enable-ssl-enable- x-accelerator-var
Make
Make install
Make install-pinger

So far, squid has been successfully installed, and then you need/usr/local/squid3/etc/squid. conf configuration file. My configuration file will be posted at the end of this Article for your research.

Write the configuration file and execute the following command to initialize the cache directory.
/Usr/local/squid3/sbin/squid-z
Run squid. Note: The-D parameter is used to skip DNS detection.
/Usr/local/squid3/sbin/squid-D
Finally, set squid to automatically start upon startup.
Echo "/usr/local/squid3/sbin/squid-D">/etc/rc. local
Maintenance:

Common commands of squid are as follows:
If the configuration file has been modified, use the following command to re-read the configuration file (effective immediately)
/Usr/local/squid3/sbin/squid-k reconfigure
Check whether the syntax of the configuration file is correct.
Note: Only "cache_cf.cc (346) squid. conf: 14 unrecognized: 'http1 _ port'" like this is a syntax error,
"WARNING: use of 'reload-into-ims '......" Such prompts are suggestions and can be ignored.
/Usr/local/squid3/sbin/squid-k parse
Check squid logs and processes to see if squid is running normally.Copy codeThe Code is as follows: ps-ef | awk '/^ squid /'
Cat/data/squidlog/cache. log
/Usr/local/squid3/sbin/squid-k check; echo $?

Disable squid
Sends a signal to close the session.
/Usr/local/squid3/sbin/squid-k shutdown
Close squid (higher priority, close squid directly)
/Usr/local/squid3/sbin/squid-k interrupt

Close squid (highest priority, directly killing squid process)
/Usr/local/squid3/sbin/squid-k kill
Scroll Log File
/Usr/local/squid3/sbin/squid-k rotate
Set to automatically scroll logs every Tuesday 04:30.

Echo "30 4 ** 2 root/usr/local/squid3/sbin/squid-k rotate">/etc/crontab

The squid. conf file in the application is output directly to/dev/null because the log file is growing fast.Copy codeThe Code is as follows: # basic
Cache_inclutive_user squid
Cache_paitive_group squid
Pid_filename/usr/local/squid3/var/logs/squid. pid
Visible_hostname squid.678114.com
Cache_mgr sudu@sudu.us
Error_directory/usr/local/squid3/share/errors/Simplify_Chinese
Icon_directory/usr/local/squid3/share/icons
Mime_table/usr/local/squid3/etc/mime. conf
Hosts_file/etc/hosts

Acl DEIpadd dstdom_regex [0-9] $
Http_access deny DEIpadd

Cache_replacement_policy lru
Memory_replacement_policy lru

Http_port 80 vhost vport

Cache_mem 4024 MB
Maximum_object_size_in_memory 5120 KB

Icp_port 0

#. Cache_dir
Cache_dir aufs/data/cache 50000 64 128

Max_open_disk_fds 0
Maximum_object_size 20 MB

#. Cache_peer
Cache_peer 125.76.225.44 parent 80 0 no-query originserver no-digest name = all
Cache_peer_domain all .678114.com

# Acl
Acl Safe_ports port 80
Acl SSL_ports port 443
Acl LanSrc src 192.168.100.0/24
Acl webdomain dstdomain .678114.com
Acl manager proto cache_object
Acl localhost src 127.0.0.1/255.255.255.255
Acl CONNECT method CONNECT
Http_access allow manager localhost
Http_access deny manager
Http_access deny! Safe_ports
Http_access deny CONNECT! SSL_ports
Http_access allow LanSrc
Http_access allow webdomain
Http_access deny all

# Refresh_pattern
Refresh_pattern-I/$15 90% 600 reload-into-ims
Refresh_pattern-I. html $15 90% 600 reload-into-ims
Refresh_pattern-I. htm $15 90% 600 reload-into-ims
Refresh_pattern-I. shtml $15 90% 600 reload-into-ims
Refresh_pattern-I. hml $15 90% 600 reload-into-ims
Refresh_pattern-I. gif $1440 90% 129600 reload-into-ims
Refresh_pattern-I. swf $1440 90% 129600 reload-into-ims
Refresh_pattern-I. jpg $1440 90% 129600 reload-into-ims
Refresh_pattern-I. png $1440 90% 129600 reload-into-ims
Refresh_pattern-I. bmp $1440 90% 129600 reload-into-ims
Refresh_pattern-I. js $120 90% 129600 reload-into-ims
Refresh_pattern-I. css $120 90% 129600 reload-into-ims
Refresh_pattern-I. wma $1440 90% 21600 reload-into-ims
Refresh_pattern-I. zip $1440 90% 21600 reload-into-ims
Refresh_pattern-I. mp3 $1440 90% 21600 reload-into-ims
Refresh_pattern-I. rar $1440 90% 21600 reload-into-ims
Refresh_pattern-I. rm $1440 90% 21600 reload-into-ims
Refresh_pattern-I. flv $1440 90% 21600 reload-into-ims
Refresh_pattern-I. rar $1440 90% 21600 reload-into-ims
Refresh_pattern-I. rm $1440 90% 21600 reload-into-ims
Refresh_pattern-I. avi $1440 90% 21600 reload-into-ims
Refresh_pattern-I. 3gp $1440 90% reload-into-ims
Refresh_pattern-I. mp4 $1440 90% 21600 reload-into-ims
Refresh_pattern-I. wmv $1440 90% 21600 reload-into-ims

# Keepalived
Client_persistent_connections off
Server_persistent_connections on

# Log
Emulate_httpd_log on
Logformat web1 % {X-Forwarded-For}> h % ui % un [% tl] "% rm % ru HTTP/% rv" % Hs % <st "% {Referer}> h "" % {User-Agent}> h "% Ss: % Sh
Cache_log/data/squidlog/cache. log
Cache_access_log/dev/null web1
Cache_store_log/dev/null
Strip_query_terms off
Logfile_rotate 10

# Other
Forwarded_for on
Log_icp_queries off
Via off
Httpd_suppress_version_string off
Ie_refresh off
Tcp_recv_bufsize 32 KB
Ipcache_size 1024
Ipcache_low 90
Ipcache_high 95
Cache_swap_low 80
Cache_swap_high 90
Request_header_max_size 128 KB

Quick_abort_min 20 KB
Quick_abort_max 20 KB
Quick_abort_pct 95

Connect_timeout 1 minute
Negative_ttl 0 minutes

Read_timeout 30 seconds
Pconn_timeout 120 seconds
Half_closed_clients off
Client_lifetime 10 minutes
Shutdown_lifetime 5 seconds

Hierarchy_stoplist cgi-bin?
Access_log/dev/null squid

This article first in http://www.sudu.us/simple-to-install-squid-3-0-reverse-proxy-configuration/