0

Squid代理服务器的安装配置(简单版)
作者:哈密瓜
hi.baidu.com/gyl4802959

1.安装
下载:ftp://ftp.cuhk.edu.hk/pub/packages/info-systems/www/squid/squid-3/DEVEL/squid-3.1.0.3.tar.gz
安装:
[root@test-1 ~]# tar zvxf squid-3.1.03.tar.gz
[root@test-1 ~]#cd squid-3.1.03
[root@test-1 squid-3.1.03]#vi in_squid.sh
代码:
ulimit -HSn 65535
./configure --prefix=/usr/local/squid \
--disable-dependency-tracking \
--enable-dlmalloc \
--enable-gnuregex \
--enable-async-io \
--with-pthreads \
--enable-storeio=ufs,aufs,diskd,null \
--disable-wccp \
--disable-wccpv2 \
--enable-kill-parent-hack \
--enable-cachemgr-hostname=localhost \
--enable-default-err-language=Simplify_Chinese \
--with-build-environment=POSIX_V6_ILP32_OFFBIG \
--with-maxfd=65535 \
--with-aio \
--disable-poll \
--enable-epoll \
--enable-linux-netfilter \
--enable-large-cache-files \
--disable-ident-lookups \
--enable-default-hostsfile=/etc/hosts \
--with-dl \
--with-large-files \
--enable-removal-policies=heap,lru \
--enable-delay-pools \
--enable-snmp \
--disable-internal-dns
[root@test-1 squid-3.1.03]#sh in_squid.sh

注意:原来我编译的时候加入 --disable-carp 这个参数,一直出错误,取消这个参数就没事了……
[root@test-1 squid-3.1.03]#make && make install
2.配置
[root@test-1 squid-3.1.03]#cd /usr/local/squid/etc
[root@test-1 etc]#ls
cachemgr.conf cachemgr.conf.default mime.conf mime.conf.default squid.conf squid.conf.default
先备份配置文件:
[root@test-1 etc]#mv squid.conf squid.conf_back
注意下一般配置文件要简洁明了,可是这里面的配置文件就是squid的使用说明,所以我们要自己新建一个配置文件
[root@test-1 etc]#vi squid.conf

#accel listen port
http_port 80 accel vhost vport
#accel domain
cache_peer 192.168.22.150 parent 80 0 no-query originserver no-digest name=test2
cache_peer_domain imgsns .test2.com 192.168.22.150

#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080
acl LanSrc src 192.168.22.0/24
acl LanDst dst 192.168.22.0/24
acl LanDstDM dstdomain .test2.com .test2.cn

acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny all

#base
visible_hostname www.test2.cn
cache_mgr geyongliang2003@gmail.com
cache_effective_user squid
cache_effective_group squid

error_directory /usr/local/squid/share/errors/Simplify_Chinese
icon_directory /usr/local/squid/share/icons
mime_table /usr/local/squid/etc/mime.conf

cache_replacement_policy lru
#cache_dir
cache_dir aufs /usr/local/squid/cache 32768 64 64
#cache_dir aufs /usr/local/squid/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
maximum_object_size 512 KB
maximum_object_size_in_memory 256 KB

#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds

memory_pools on
memory_pools_limit 64 MB

forwarded_for on
log_icp_queries off

via off
httpd_suppress_version_string off

ie_refresh off
tcp_recv_bufsize 32 KB

#acl webservices rep_header Server -i ^test2WS ^Apache ^nginx
#broken_vary_encoding allow webservices

#hidden the squid header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all

#reply_header_access All deny all

ipcache_size 1024
ipcache_low 90
ipcache_high 95

memory_replacement_policy lru

hosts_file /etc/hosts
request_header_max_size 128 KB

#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php \.css
acl DIRECT url_regex -i ^http:\/\/www\.test2\.com\/$
acl DIRECT url_regex -i ^http:\/\/photo\.test2\.com\/.*$
acl DIRECT url_regex -i ^http:\/\/www\.test\.com\/index\.html$

cache deny QUERY
cache deny DIRECT

#request_body_max_size 0 KB

refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
#refresh_pattern -i \.css$ 360 50% 2880 reload-into-ims
refresh_pattern -i \.js$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.html$ 720 50% 1440 reload-into-ims
refresh_pattern -i \.jpg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.gif$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.swf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.jpg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.png$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.bmp$ 1440 50% 2880 ignore-reload

refresh_pattern -i \.doc$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.ppt$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.xls$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.pdf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.txt$ 1440 50% 2880 ignore-reload

quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95

connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off

# snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all

acl snmppublic snmp_orgmunity public
snmp_port 3401
snmp_access allow snmppublic all

icp_port 0

# logfile
emulate_httpd_log on
logformat orgbined %{X-Forwarded-For}>h %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %h" "%{User-Agent}>h" %Ss:%Sh
#access_log none
access_log /data/logs/access.log orgbined
#cache_store_log /var/log/squid/store.log
cache_store_log /dev/null
cache_log /data/logs/cache.log
logfile_rotate 12

# MISCELLANEOUS
store_objects_per_bucket 15
client_db off

3.测试配置是否正确
[root@test-1 etc]# /usr/local/squid/sbin/squid -k parse
没出问题基本就正确了,一般出的问题就是权限不对,修改下权限就可以了……

4.创建swap目录的!也就是cache_dir中的目录
[root@test-1 etc]#/usr/local/squid/sbin/squid -z 

5.启动squid
一般有两种运行方式:
前端运行:
[root@test-1 etc]#/usr/local/squid/sbin/squid -Nd1
后台运行:
[root@test-1 etc]#/usr/local/squid/sbin/squid -s
关闭squid:
/usr/local/squid/sbin/squid -k shutdown

6.配置web服务器
开启150的机器,配置apache的虚拟主机:
[root@test-2 ~]#vi /usr/local/apache2/conf/extra/httpd-vhosts.conf


ServerAdmin geyongliang2003@gmail.com
DocumentRoot "/data/www/wwwroot/www.test2.com"
ServerName www.test2.com
ServerAlias www.test2.cn
# ErrorLog "logs/dummy-host.example.com-error_log"
# CustomLog "logs/dummy-host.example.com-access_log" common

[root@test-2 ~]#cd /data/www/wwwroot/www.test2.com
[root@test-2 ~]#vi index.php

7.测试
在浏览器中代开http://192.168.22.149/ 出现:

在浏览器中代开http://192.168.22.150/ 出现:

到这里squid简单的安装配置成功

期待你一针见血的评论,Come on!

不用想啦,马上 "登录"  发表自已的想法.