- 论坛徽章:
- 0
|
架构环境:
一台squid(192.168.8.137),两台apache(8.138/8.139):
一.针对squid机器:
1.下载squid:
wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE16.tar.bz2
2.安装并配置squid-2.6.STABLE16.tar.bz2
# tar -jxvf squid-2.6.STABLE16.tar.bz2
# cd squid-2.6.STABLE16
# ./configure --prefix=/usr/local/squid --enable-dlmalloc --with-pthreads --enable-poll --disable-internal-dns --enable-stacktrace --enable-removal-policies="heap,lru" --enable-delay-pools --enable-storeio="aufs,coss,diskd,ufs" --with-maxfd=65536
# make;make install
3.相关配置文件如下
# http_port 80 vhost vport
#·将goat转嫁给百度
acl goat referer_regex -i goat
http_access deny goat
deny_info
http://www.baidu.com/logs.gif
goat
#阻止百度蜘蛛
acl baidu req_header User-Agent Baiduspider
http_access deny baidu
#限制同一IP的最大连接数
acl OverConnLimit maxconn 128
http_access deny OverConnLimit
#阻止被人利用为http代理,设置可以访问的IP
#acl myip dst 192.168.8.137
#http_access deny !myip
#允许本地管理
acl Manager proto cache_object
acl Localhost src 127.0.0.1 192.168.8.139
http_access allow Manager Localhost
cachemgr_passwd 53034338 all
http_access deny Manager
#仅仅允许80端口的代理
acl all src 0.0.0.0/0.0.0.0
acl Safe_ports port 80 # http
http_access deny !Safe_ports
http_access allow all
#Squid信息设置
visible_hostname happy.swjtu.edu.cn
cache_mgr
cifan.h@gmail.com
#基本设置
cache_effective_user nobody
cache_effective_group nobody
tcp_recv_bufsize 65535 bytes
#2.6反向代理加速设置
#cache_peer 127.0.0.1 parent 80 0 no-query originserver
cache_peer 192.168.8.138 parent 80 0 no-query originserver
acl dstA dstdomain .www.goat.com
cache_peer_access 192.168.8.138 allow dstA
#cache_peer 192.168.8.142 parent 80 0 no-query originserver
#acl dstB dstdomain .www.hcy2.cn
#cache_peer_access 192.168.8.142 allow dstB
#cache_peer 192.168.8.143 parent 80 0 no-query originserver
#acl dstC dstdomain .www.chr.cn
#cache_peer_access 192.168.8.143 allow dstC
#错误文档
error_directory /usr/local/squid/share/errors/Simplify_Chinese
#单台使用.不使用该功能
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \? .php .cgi .avi .wmv .rm .ram .mpg .mpeg .zip .exe
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
cache_store_log none
pid_filename /usr/local/squid/var/logs/squid.pid
emulate_httpd_log on
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %h" "%{User-Agent}>h" %Ss:%Sh
cache_log /usr/local/squid/var/logs/cache.log
access_log /usr/local/squid/var/logs/access.log combined
coredump_dir /usr/local/squid/var/cache
cache_dir ufs /usr/local/squid/var/cache 10000 16 256
dns_children 32
hosts_file /etc/hosts
cache_mem 400 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 32768 KB
maximum_object_size_in_memory 4096 KB
emulate_httpd_log on
#防止盗链
acl picurl url_regex -i \.bmp$ \.png$ \.jpg$ \.gif$ \.jpeg$
acl mystie1 referer_regex -i happy.swjtu.edu.cn
http_access allow mystie1 picurl
acl nullref referer_regex -i ^$
http_access allow nullref
acl hasref referer_regex -i .+
http_access deny hasref picurl
4.dns解析:
在/etc/hosts
192.168.8.138
www.goat.com
www
5.启动squid
# /usr/local/squid/sbin/squid -z
# /usr/local/squid/sbin/squid -d
# /usr/local/squid/sbin/squid -NCd1
二.192.168.8.138机器
安装并启动apache
192.168.8.139机器同上
三. 用winxp(192.168.8.140)--机器测试
c:/windows/system32/drivers/hosts
添加192.168.8.137
www.goat.com
测试: 在浏览器输入:
http://www.goat.com
即可
关闭192.168.8.138的apache,再访问试下
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u/25840/showart_1003917.html |
|
免费注册
发表于 2008-06-17 18:15