- 论坛徽章:
- 0
|
安装squid ( for 2.7 stable )
修改源代码:vi src/errorpage.c 60行处将
"\n<BR clear=\"all\">\n"
"<HR noshade size=\"1px\">\n"
"<ADDRESS>\n"
"Generated %T by %h (%s)\n"
"</ADDRESS>\n"
删除,让squid错误页面不产生服务器信息。
mkdir -p /usr/local/squid
./configure
configure options: '--prefix=/usr/local/squid' '--enable-storeio=diskd,ufs,aufs,null' '--enable-async-io=80' '--enable-icmp' '--enable-removal-policies=heap,lru' '--enable-useragent-log' '--enable-snmp' '--enable-referer-log' '--enable-kill-parent-hack' '--enable-cache-digests' '--enable-default-err-language=Simplify_Chinese' '--enable-err-languages=Simplify_Chinese' '--enable-gnuregex' '--enable-ipf-transparent' '--enable-pf-transparent' '--enable-follow-x-forwarded-for' '--disable-wccp' '--disable-delay-pools' '--disable-ident-lookups' '--disable-arp-acl' '--with-large-files
make; make install; make clean
mkdir /usr/local/squid/helper
mkdir /usr/local/squid/che
cd hepler/external_acl/session; make
cp squid_session /usr/local/squid/helper
chmod 777 /usr/local/squid/che
chmod 777 /usr/local/squid/var
chmod 777 /usr/local/squid/var/logs
grep –v “^#” /etc/squid/squid.conf | sed –e ‘/^$/d’ > /etc/squid/squid.conf.orig
mv /etc/squid.conf /etc/squid.conf.system
mv /etc/squid/squid.conf.orig /etc/squid/squid.conf
squid.conf 内容:
external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %SRC /usr/local/squid/helper/squid_session -t 900 //客户端第一个网页转向
acl session external session //
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl rangeget req_header Range .* //定义多线程下载规则
http_access deny !session //只有第一个执行才能打开
deny_info firstpage session //deny_info指定的页面
http_access deny rangeget //不允许多线程下载
#http_access allow manager localhost
#http_access deny manager
#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
#http_access allow localnet
http_access allow all
icp_access allow localnet
icp_access deny all
http_port 127.0.0.1:3128 transparent //
http_port 192.168.101.1:3128 transparent //绑定IP和端口,透明代理
http_port 192.168.188.1:3128 transparent //
access_log /usr/local/squid/var/logs/access.log squid //各种日志信息存放路径
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
pid_filename /usr/local/squid/var/squid.pid
coredump_dir /usr/local/squid/var/coredump
cache_mem 100 MB //使用内存 总内存的一半
maximum_object_size_in_memory 40 KB //内存中对像大小
cache_swap_low 90
cache_swap_high 95
cache_dir aufs /usr/local/squid/che 500 16 256 //缓存目录
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
header_access Via deny all //
header_access X-Cache deny all //隐藏服务器信息
header_access X-Cache-Lookup deny all //
header_access X-Forward-For deny all //
via off // 隐藏服务器信息
check_hostnames on //检查主机名称
allow_underscore //允许出现下划线
logfile_rotate 4 //rotate后保存日志数量
cache_mgr rainren_openbsd@yahoo.cn
visible_hostname rain
httpd_suppress_version_string on // 隐藏服务器信息
建立firstpage (用户每次开IE自动显示)放在/usr/local/squid/share/errors/Simplify_Chinese:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="refresh" content="10; url=http://www.google.com/">
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>rainren</title>
<style type="text/css">
legend {
font-size:18px;
font-weight:bold;
color:black;
}
p {
font-size:16px;
color:#FF0000;
}
</style>
</head>
<body>
<fieldset>
<legend>热诚欢迎您</legend>
<br />
<br />
<p>吃饭了吗?</p>
<br />
<p>有您的参与,网络更精彩!</p>
<br />
</fieldset>
</body>
</html>
/usr/local/squid/sbin/squid -z
/usr/local/squid/sbin/squid -D -sYC & |
|