- 论坛徽章:
- 0
|
操作系统SUSE10,1G内存,P43.0 ,squid和DNS都装在这台机器上,访问外网的时候有时候解析好慢。有时候要3-4秒。
请问是什么原因?
squid.conf
- http_port 172.28.200.11:3128
- cache_mgr guo_sheng@163.com
- cache_dir ufs /var/cache/squid 1000 16 256
- cache_mem 400 MB
- cache_swap_low 90
- cache_swap_high 95
- dns_nameservers 202.102.192.68 202.102.199.68
- maximum_object_size 4096 KB
- maximum_object_size_in_memory 8 KB
- error_directory /usr/share/squid/errors/Simplify_Chinese
- ipcache_size 1024
- ipcache_low 90
- ipcache_high 95
- fqdncache_size 1024
- hierarchy_stoplist cgi-bin ?
- hierarchy_stoplist -i ^https:\\ ?
- acl QUERY urlpath_regex -i cgi-bin \? \.asp \.php \.jsp \.cgi
- acl denyssl urlpath_regex -i ^https:\\
- no_cache deny QUERY
- no_cache deny denyssl
- cache_access_log /var/log/squid/access.log
- cache_log /var/log/squid/cache.log
- cache_store_log /var/log/squid/store.log
- cache_effective_user squid
- cache_effective_group nogroup
- visible_hostname proxy
- client_netmask 255.255.255.255
- httpd_accel_host virtual
- httpd_accel_port 80
- httpd_accel_with_proxy on
- httpd_accel_uses_host_header on
- acl admin arp "/etc/squid/adminlist"
- acl office src "/etc/squid/worklist"
- acl worktime time 8:00-12:00 14:30-18:00
- acl all src 0.0.0.0/0.0.0.0
- http_access allow admin
- http_access allow office worktime
- http_access deny all
iptables
- echo 1 > /proc/sys/net/ipv4/ip_forward
- iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
- iptables -t nat -A POSTROUTING -o eth0 -j SNAT
- iptables -A INPUT -p udp --dport 53 -j ACCEPT
- iptables -A INPUT -p udp --sport 53 -j ACCEPT
- iptables -A INPUT -p tcp --dport 80 -j ACCEPT
- iptables -A FORWARD -p udp --dport 53 -j ACCEPT
|
|
免费注册
发表于 2007-05-27 17:49