码迷,mamicode.com
首页 > 其他好文 > 详细

squid

时间:2016-09-21 00:23:09      阅读:308      评论:0      收藏:0      [点我收藏+]

标签:squid

[root@cache01 squid-3.0.STABLE20]# uname -r
2.6.32-358.el6.x86_64
[root@cache01 squid-3.0.STABLE20]# cat /etc/redhat-release 
CentOS release 6.4 (Final)
hostname cache01
vi /etc/sysconfig/network
ulimit  -Hn 20480
echo "ulimit -Hn 20480" >>/etc/rc.local 
echo "net.ipv4.ip_local_port_range = 4000   65000" >>/etc/sysctl.conf 
sysctl -p |grep port_range
yum -y install openssl-devel
yum -y install gcc gcc-c++
wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE20.tar.gz
tar xf squid-3.0.STABLE20.tar.gz 
cd squid-3.0.STABLE20
./configure --prefix=/application/squid3.0   --enable-async-io=100   --with-pthreads   --enable-storeio="aufs,diskd,ufs"   --enable-removal-policiles="heap,lru"   --enable-icmp   --enable-delay-pools   --enable-useragent-log   --enable-referer-log   --enable-kill-parent-hack   --enable-cachemgr-hostname=localhost   --enable-arp-acl   --enable-default-err-language=English   --enable-err-languages="Simplify_Chinese English"   --disable-pool   --disable-wccp   --disable-wccpv2   --disable-ident-lookups   --disable-internal-dns   --enable-basic-auth-helpers="NCSA"   --enable-stacktrace   --with-large-files   --disable-mempools   --with-filedescriptors=64000   --enable-ssl   --enable-x-accelerator-vary   --disable-snmp   --with-aio   --enable-linux-netfilter   --enable-linux-tproxy
echo $?
make
echo $?
make install
echo $?
ln -s /application/squid3.0 /application/squid
cd /application/squid/etc/
wc -l squid.conf
egrep -v "^#|^$" squid.conf
useradd squid -s /sbin/nologin -M
id squid
vim squid.conf
/application/squid/sbin/squid -k parse
chown -R squid /application/squid3.0/var/
/application/squid/sbin/squid -k parse
echo ‘export PATH=$PATH:/application/squid/sbin:/application/squid/bin‘ >>/etc/profile
. /etc/profile
echo $PATH
squid -z
yum install -y tree telnet dos2unix 
tree /application/squid/var/cache/
find /application/squid/var/cache/ -type f
squid -N -d1  #前台运行测试
ss -lntup|grep squid
ip add
#浏览器设置
tail /application/squid/var/logs/access.log
find /application/squid/var/cache/ -type f
squid -D
echo "/application/squid/sbin/squid -D" >>/etc/rc.local 
vi /etc/init.d/squid
chmod +x /etc/init.d/squid
#ACL应用
------------
vi squid.conf
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl sex url_regex -i ^http://.*oldboy.*
acl sex_path urlpath_regex 465726687
acl CONNECT method CONNECT
http_access deny sex
http_access deny sex_path
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
htcp_access allow localnet
htcp_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
cache_dir ufs /application/squid3.0/var/cache 100 16 256
access_log /application/squid3.0/var/logs/access.log squid
cache_log /application/squid3.0/var/logs/cache.log
cache_store_log /application/squid3.0/var/logs/store.log
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern (cgi-bin|\?)    0       0%      0
refresh_pattern .               0       20%     4320
cache_mgr 121361146@qq.com
cache_effective_user squid
cache_effective_group squid
visible_hostname img1.etiantian.org
icp_port 3130
coredump_dir /application/squid3.0/var/cache
------------
 squid -k parse
 squid -k reconfigure
#通过配置WEB页面查看Squid相关信息
yum install -y httpd 
find / -name "cachemgr.cgi"
vi /etc/httpd/conf/httpd.conf
ScriptAlias "/squid" "/application/squid3.0/libexec/cachemgr.cgi"
<Location "/squid">
        Order   deny,allow
        Deny    from all
        Allow   from all
</location>
sed -i ‘s#Listen 80#Listen 8080#‘ /etc/httpd/conf/httpd.conf 
http://10.6.3.151:8080/squid
#反向代理
[root@cache01 etc]# vi squid.conf
http_port 80 accel vhost vport
cache_peer img01.etiantian.org parent 80 0 no-query no-digest max-conn=32 originserver
cache_swap_low 90
cache_swap_high 95
#icp_port 3130
[root@cache01 etc]# cat /etc/hosts
10.6.3.152 img01.etiantian.org 
[root@salt-client1 html]
yum install -y httpd
cd /var/www/html/
rz
[root@salt-client1 html]# ls
1.png  2.png  3.png  4.png
/etc/init.d/httpd start
http://10.6.3.151/1.png
[root@cache01 etc]# tail -f ../var/logs/access.log 
1472031672.139      2 10.6.2.6 TCP_REFRESH_UNMODIFIED/304 245 GET http://10.6.3.151/1.png - FIRST_UP_PARENT/img01.etiantian.org -
1472031672.347      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031672.562      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031672.864      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031673.100      2 10.6.2.6 TCP_REFRESH_UNMODIFIED/304 245 GET http://10.6.3.151/1.png - FIRST_UP_PARENT/img01.etiantian.org -
1472031673.413      1 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031673.659      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031673.923      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031674.091      2 10.6.2.6 TCP_REFRESH_UNMODIFIED/304 245 GET http://10.6.3.151/1.png - FIRST_UP_PARENT/img01.etiantian.org -
1472031674.297      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031724.279      3 10.6.2.6 TCP_REFRESH_UNMODIFIED/304 245 GET http://10.6.3.151/1.png - FIRST_UP_PARENT/img01.etiantian.org -
1472031724.988      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png
1472031725.323      1 10.6.2.6 TCP_REFRESH_UNMODIFIED/304 245 GET http://10.6.3.151/1.png - FIRST_UP_PARENT/img01.etiantian.org -
1472031725.547      0 10.6.2.6 TCP_IMS_HIT/304 237 GET http://10.6.3.151/1.png - NONE/- image/png

squid

标签:squid

原文地址:http://youxianguang.blog.51cto.com/12081522/1854569

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!