免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
论坛 IT运维 服务器应用 看不懂的Squid配置
最近访问板块 发新帖
查看: 2232 | 回复: 1
打印 上一主题 下一主题

[proxy] 看不懂的Squid配置 [复制链接]

zhgypg

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2009-08-11 10:15 |只看该作者 |倒序浏览
#accel listen port
http_port 80 accel vhost vport
#accel domain
cache_peer 192.168.0.97 parent 80 0 no-query originserver no-digest name=www
cache_peer_domain 192.168.0.97

#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080
acl LanSrc src 192.168.0.0/24
acl LanDst dst 192.168.0.0/24
acl LanDstDM dstdomain 192.168.0.97

acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny all

#base
visible_hostname 192.168.0.97
cache_mgr kuliusheng@Yahoo.com.cn
cache_effective_user squid
cache_effective_group squid

error_directory /usr/local/squid3/share/errors/Simplify_Chinese
icon_directory /usr/local/squid3/share/icons
mime_table /usr/local/squid3/etc/mime.conf

cache_replacement_policy lru
#cache_dir
cache_dir aufs /data/cache1 32768 64 64
cache_dir aufs /data/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
#maximum_object_size 512 KB
#maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB

#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds

#memory_pools on
#memory_pools_limit 64 MB

forwarded_for on
log_icp_queries off

via off
httpd_suppress_version_string off

ie_refresh off
tcp_recv_bufsize 32 KB

#acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
#broken_vary_encoding allow webservices

#hidden the squid header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all

ipcache_size 1024
ipcache_low 90
ipcache_high 95

memory_replacement_policy lru

hosts_file /etc/hosts
request_header_max_size 128 KB

#deny cache
hierarchy_stoplist cgi-bin ? .php
acl QUERY urlpath_regex cgi-bin? .php
acl DIRECT url_regex -i ^http://192.168.0.97/$
acl DIRECT url_regex -i ^http://192.168.0.193/$
acl DIRECT url_regex -i ^http://www.linuxtone.com/$
acl DIRECT url_regex -i ^http://photo.linuxtone.com/.*$
acl DIRECT url_regex -i ^http://www.linuxtone.com/index.html$
cache deny QUERY
cache deny DIRECT

#request_body_max_size 0 KB

refresh_pattern ^ftp: 60    20%    10080
refresh_pattern ^gopher: 60    0%    1440
refresh_pattern . 0    20%    1440
refresh_pattern -i .css$    360     50%    2880    reload-into-ims
refresh_pattern -i .js$    1440    50%    2880    reload-into-ims
refresh_pattern -i .html$    720     50%    1440    reload-into-ims
refresh_pattern -i .jpg$    1440    90%    2880    ignore-reload
refresh_pattern -i .gif$    1440    90%    2880    ignore-reload
refresh_pattern -i .swf$    1440    90%    2880    ignore-reload
refresh_pattern -i .jpg$    1440    50%    2880    ignore-reload
refresh_pattern -i .png$    1440    50%    2880    ignore-reload
refresh_pattern -i .bmp$    1440    50%    2880    ignore-reload

refresh_pattern -i .doc$    1440 50%    2880    ignore-reload
refresh_pattern -i .ppt$    1440 50%    2880    ignore-reload
refresh_pattern -i .xls$    1440 50%    2880    ignore-reload
refresh_pattern -i .pdf$    1440 50%    2880    ignore-reload
refresh_pattern -i .rar$    1440 50%    2880    ignore-reload
refresh_pattern -i .zip$    1440 50%    2880    ignore-reload
refresh_pattern -i .txt$    1440 50%    2880    ignore-reload

quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95

connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off

#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all

icp_port 0

# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /data/logs/access.log squid
#cache_store_log /var/log/squid/store.log
cache_store_log /dev/null
cache_log /data/logs/cache.log
logfile_rotate 12

# MISCELLANEOUS
store_objects_per_bucket 15
client_db off



其中的:
#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php
acl DIRECT url_regex -i ^http:\/\/192.168.0.97\/$
acl DIRECT url_regex -i ^http:\/\/192.168.0.193\/$
acl DIRECT url_regex -i ^http:\/\/www\.linuxtone\.com\/$
acl DIRECT url_regex -i ^http:\/\/photo\.linuxtone\.com\/.*$
acl DIRECT url_regex -i ^http:\/\/www\.linuxtone\.com\/index\.html$
cache deny QUERY
cache deny DIRECT

是做什么用的呢?
ljily000

论坛徽章:
0
2 [报告]
发表于 2009-08-12 23:44 |只看该作者
cache deny QUERY
cache deny DIRECT

不缓存cgi和php动态内容
限制访问http://192.168.0.97等网站

更详细
参看你的squid/etc/squid.conf.default
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP