
Tuesday, April 19, 2011

Squid installation

The following tutorial describes the installation of Squid. The squid.conf shown here is taken from an article on balinux.or.id written by egi (egi@nuxegi.net). The contents of squid.conf can be modified according to your needs.

Squid installation
1. extract package
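# NOTE: check the tarball against the checksum or signature published by the Squid project
# before unpacking, and check whether a currently maintained release should be used instead.
# tar -xvzf squid-2.6.STABLE4.tar.gz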

2. Configure and compile Squid
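# Features are fixed at configure time. configure may ignore an unrecognised --enable/--with
# switch without failing, so compare this list with `./configure --help` for the release being built.
# --enable-leakfinder and --enable-stacktraces are debugging aids; --enable-snmp and --enable-icmp
# add network-facing features that are only worth building in if they will be used.
# (The published command listed --enable-carp --with-pthreads twice; each is given once here.)
[root@gateway squid-2.6.STABLE4]# ./configure --prefix=/usr/local/squid --sysconfdir=/etc/ \
    --enable-gnuregex --enable-icmp --enable-delay-pools --enable-snmp --enable-htcp \
    --enable-ssl --enable-cache-digests --enable-linux-netfilter --enable-large-cache-files \
    --enable-carp --with-pthreads --enable-storeio=diskd,ufs --enable-removal-policies=heap \
    --enable-arp-acl --enable-forw-via-db --enable-leakfinder --enable-truncate \
    --enable-underscores --enable-stacktraces --enable-dlmalloc

[root@gateway squid-2.6.STABLE4]# make
[root@gateway squid-2.6.STABLE4]# make install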

3. create cache directory, then change the access rights
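# Only the account Squid runs as needs access to the cache directory. A world-writable (777)
# directory would let any local user alter or plant cached objects, so it is created as 750
# and handed to squid:squid (assumes the squid user and group already exist).
[root@gateway squid-2.6.STABLE4]# mkdir --mode=750 /usr/local/squid/var/cache
[root@gateway squid-2.6.STABLE4]# chown -Rf squid:squid /usr/local/squid/var/cache/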
4. Create the file access.log and cache.log
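# Pre-create the two log files so their ownership can be set before Squid first starts.
[root@gateway squid-2.6.STABLE4]# touch /usr/local/squid/var/logs/access.log
[root@gateway squid-2.6.STABLE4]# touch /usr/local/squid/var/logs/cache.log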
5. Set ownership and permissions on the log and cache directories
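# access.log records every client request, so the log directory should belong to the squid
# account and not be readable by other local users.
[root@gateway squid-2.6.STABLE4]# chown -Rf squid:squid /usr/local/squid/var/logs/
# 750 instead of the published 777: the cache must not be writable (or readable) by other users.
[root@gateway squid-2.6.STABLE4]# chmod -Rf 750 /usr/local/squid/var/cache/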

Editing squid.conf
File: /etc/squid.conf
# File: squid.conf
# Created by: egi@nuxegi.net
#
#-------------------------
# Port used 8080 or 3128
#-------------------------
# http_port with no address listens on every interface, so the http_access rules in the
# "Access Management" section are all that keeps outside clients from using the proxy.
# If the gateway also has a public interface, give the LAN-side address as address:port.
http_port 8080
# ICP (inter-cache protocol) listener, UDP. No cache_peer line is active in this file;
# if no neighbour cache will query this host, "icp_port 0" switches the listener off.
icp_port 3130
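#-------------------------
# Options proxy
#-------------------------
# Parent/sibling caches (all disabled here). The login= option keeps the peer credentials
# in clear text: squid.conf should be readable only by root and the squid account, and a
# working user:password pair should never be published -- the values below are placeholders.
# cache_peer 202.xxx.xxx.xxx parent 8080 3130 no-query default
# cache_peer sv.us.ircache.net parent 3128 3130 login=<user>:<password>
# cache_peer sj.us.ircache.net parent 3128 3130 login=<user>:<password>
# icp_query_timeout 2000
# maximum_icp_query_timeout 2000
# mcast_icp_query_timeout 2000
# dead_peer_timeout 15 seconds
# URLs containing "cgi-bin" or "?" are not passed to neighbour caches (hierarchy_stoplist)
# and are not stored in the cache (no_cache deny QUERY).
hierarchy_stoplist cgi-bin
hierarchy_stoplist ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# prefer_direct off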
#-------------------------
# Options cache needs
#-------------------------
# Memory reserved for in-transit and hot objects (not the total process size).
cache_mem 8 MB
# Disk cache low/high water marks, in percent of the cache_dir size.
cache_swap_low 90
cache_swap_high 95
# Size limits for objects stored on disk and for objects kept in memory.
minimum_object_size 0 KB
maximum_object_size 100 MB
maximum_object_size_in_memory 20 KB
# IP-address cache: number of entries and its low/high water marks (percent).
ipcache_size 1024
ipcache_low 90
ipcache_high 95
# Number of entries in the reverse-lookup (FQDN) cache.
fqdncache_size 1024
# Heap-based GDSF replacement for both disk and memory; needs the
# --enable-removal-policies=heap build option.
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
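#-------------------------
# Log file and directory where the cache ... cache directory can be made more than 1 (one)
#-------------------------
# cache_dir <type> <path> <size in MB> <first-level dirs> <second-level dirs> [options].
# The diskd type needs the --enable-storeio=diskd build option.
cache_dir diskd /usr/local/squid/var/cache 3000 16 256 Q1=72 Q2=64
store_dir_select_algorithm round-robin
# access.log records every request made through the proxy (client, URL, time); keep the
# log directory restricted to the squid account and rotate it (see logfile_rotate).
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
emulate_httpd_log off
log_ip_on_direct off
log_fqdn off
log_mime_hdrs off
# NOTE(review): log_icp_queries is set to "on" again in the "Other" section of this file;
# decide which value is intended and keep only one.
log_icp_queries off
buffered_logs off
debug_options ALL,1
# NOTE(review): path kept as published. With --sysconfdir=/etc/ in the build step, mime.conf
# is normally installed under /etc -- confirm the file really exists at this location.
mime_table /squid/etc/mime.conf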

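#-------------------------
# Options For External Support Programs
#-------------------------
# ftp_user is sent as the password for anonymous FTP logins, so this address is disclosed
# to every FTP server reached through the proxy; a role address is preferable to a personal one.
ftp_user admin@dapenbni.co.id
ftp_list_width 32
ftp_passive on
# dns_nameservers 202.155.0.10 202.155.0.15
unlinkd_program /usr/local/squid/libexec/unlinkd
redirect_rewrites_host_header on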
#-------------------------
# Options For Peer Database
#-------------------------
# Cache digests are summaries of the cache contents that neighbour caches can fetch;
# they need the --enable-cache-digests build option. No cache_peer is active in this file,
# so generating them is only useful once a neighbour is configured.
digest_generation on
digest_bits_per_entry 10
digest_rebuild_period 30 minutes
digest_rewrite_period 30 minutes
digest_swapout_chunk_size 6000 bytes
# Keep-alive connections towards clients and towards origin servers.
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch on
# Repeats the store_dir_select_algorithm line already given in the log/cache-directory section.
store_dir_select_algorithm round-robin
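#-------------------------
# Optimize cache
#-------------------------
# Upper bounds on what a client may send in one request.
request_header_max_size 10 KB
request_body_max_size 3 MB
# reply_body_max_size 500 MB
#
# refresh_pattern [-i] <regex> <min minutes> <percent> <max minutes>
# The rules apply to objects that arrive without explicit expiry information; the first
# matching pattern wins. 10080 minutes = 7 days, 43200 = 30 days, 22160 is about 15 days.
# Caveat: with a 7-day minimum, archives and executables (.exe, .zip, .tgz, .cab ...) can be
# served from cache after the origin has replaced them, e.g. with a fixed build. Shorten the
# minimum for file types where stale copies matter.
refresh_pattern -i \.gif$ 10080 90% 43200
refresh_pattern -i \.jpg$ 10080 90% 43200
# NOTE(review): "bomb" is probably a translation artifact in the published page; the pattern
# is kept as published -- confirm the intended host name.
refresh_pattern -i \.bomb\.gov\.au 30 20% 120
refresh_pattern -i \.html$ 480 50% 22160
refresh_pattern -i \.htm$ 480 50% 22160
refresh_pattern -i \.class$ 10080 90% 43200
refresh_pattern -i \.zip$ 10080 90% 43200
refresh_pattern -i \.jpeg$ 10080 90% 43200
refresh_pattern -i \.mid$ 10080 90% 43200
refresh_pattern -i \.shtml$ 480 50% 22160
refresh_pattern -i \.exe$ 10080 90% 43200
refresh_pattern -i \.THM$ 10080 90% 43200
refresh_pattern -i \.wav$ 10080 90% 43200
refresh_pattern -i \.txt$ 10080 90% 43200
refresh_pattern -i \.CAB$ 10080 90% 43200
refresh_pattern -i \.au$ 10080 90% 43200
refresh_pattern -i \.mov$ 10080 90% 43200
refresh_pattern -i \.xbm$ 10080 90% 43200
refresh_pattern -i \.ram$ 10080 90% 43200
refresh_pattern -i \.avi$ 10080 90% 43200
refresh_pattern -i \.chtml$ 480 50% 22160
# The published line had its fields out of order; restored to the same values as its neighbours.
refresh_pattern -i \.THB$ 10080 90% 43200
refresh_pattern -i \.DCR$ 10080 90% 43200
refresh_pattern -i \.bmp$ 10080 90% 43200
refresh_pattern -i \.phtml$ 480 50% 22160
refresh_pattern -i \.mpg$ 10080 90% 43200
refresh_pattern -i \.pdf$ 10080 90% 43200
refresh_pattern -i \.art$ 10080 90% 43200
refresh_pattern -i \.swf$ 10080 90% 43200
refresh_pattern -i \.mp3$ 10080 90% 43200
refresh_pattern -i \.ra$ 10080 90% 43200
refresh_pattern -i \.LWW$ 10080 90% 43200
refresh_pattern -i \.viv$ 10080 90% 43200
refresh_pattern -i \.doc$ 10080 90% 43200
refresh_pattern -i \.gz$ 10080 90% 43200
refresh_pattern -i \.Z$ 10080 90% 43200
refresh_pattern -i \.tgz$ 10080 90% 43200
refresh_pattern -i \.tar$ 10080 90% 43200
refresh_pattern -i \.VRM$ 10080 90% 43200
refresh_pattern -i \.VRML$ 10080 90% 43200
refresh_pattern -i \.AIF$ 10080 90% 43200
refresh_pattern -i \.aifc$ 10080 90% 43200
refresh_pattern -i \.aiff$ 10080 90% 43200
refresh_pattern -i \.arj$ 10080 90% 43200
refresh_pattern -i \.c$ 10080 90% 43200
# NOTE(review): "dial" is kept as published; it may be a translation artifact -- confirm.
refresh_pattern -i \.dial$ 10080 90% 43200
refresh_pattern -i \.dir$ 10080 90% 43200
refresh_pattern -i \.dxr$ 10080 90% 43200
refresh_pattern -i \.hqx$ 10080 90% 43200
refresh_pattern -i \.JPE$ 10080 90% 43200
refresh_pattern -i \.lha$ 10080 90% 43200
refresh_pattern -i \.LZH$ 10080 90% 43200
refresh_pattern -i \.midi$ 10080 90% 43200
refresh_pattern -i \.movie$ 10080 90% 43200
refresh_pattern -i \.mp2$ 10080 90% 43200
refresh_pattern -i \.mpe$ 10080 90% 43200
refresh_pattern -i \.mpeg$ 10080 90% 43200
refresh_pattern -i \.mpga$ 10080 90% 43200
refresh_pattern -i \.pl$ 10080 90% 43200
refresh_pattern -i \.ppt$ 10080 90% 43200
refresh_pattern -i \.ps$ 10080 90% 43200
refresh_pattern -i \.qt$ 10080 90% 43200
refresh_pattern -i \.qtm$ 10080 90% 43200
# NOTE(review): "race", "seafood" and "crunches" are kept as published; they look like
# file extensions that an automatic translation replaced with words -- confirm the originals.
refresh_pattern -i \.race$ 10080 90% 43200
refresh_pattern -i \.seafood$ 10080 90% 43200
refresh_pattern -i \.crunches$ 10080 90% 43200
refresh_pattern -i \.tif$ 10080 90% 43200
refresh_pattern -i \.tiff$ 10080 90% 43200
refresh_pattern -i \.snd$ 10080 90% 43200
refresh_pattern -i \.wrl$ 10080 90% 43200
refresh_pattern ^ftp:// 480 60% 22160
refresh_pattern ^gopher:// 30 20% 120
# Catch-all for everything not matched above.
refresh_pattern . 480 50% 22160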
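# reference_age 1 month
# When a client aborts a download, Squid decides from these limits whether to finish
# fetching the object anyway.
quick_abort_min 16 KB
quick_abort_max 32 KB
quick_abort_pct 95
# How long failed requests and DNS answers are remembered.
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 10 minutes
range_offset_limit 0 KB
# NOTE(review): connect_timeout, read_timeout, request_timeout, client_lifetime,
# half_closed_clients, pconn_timeout, ident_timeout and shutdown_lifetime are all set a
# second time, with shorter values, in the "Timeouts" section that follows. Keep one set;
# the long values here (360 s request timeout, 100-day client lifetime) let idle or slow
# clients hold connections far longer than the later ones.
connect_timeout 360 seconds
read_timeout 15 minutes
request_timeout 360 seconds
client_lifetime 100 day
half_closed_clients on
pconn_timeout 120 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
# A non-zero announce_period turns on periodic cache announcements (see announce_host).
announce_period 7 day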
#-------------------------
# Timeouts
#-------------------------
# NOTE(review): most of these directives also appear, with longer values, at the end of the
# "Optimize cache" section. Presumably the later value is the one that takes effect --
# confirm, and remove the duplicates so the intended limits are unambiguous.
connect_timeout 120 seconds
peer_connect_timeout 60 seconds
# siteselect_timeout 6 seconds
read_timeout 5 minutes
# How long Squid waits for a complete request after a client connects; a short value
# limits how long an idle connection can occupy a descriptor.
request_timeout 20 seconds
client_lifetime 1 day
half_closed_clients on
pconn_timeout 60 seconds
ident_timeout 5 seconds
shutdown_lifetime 30 seconds
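#-------------------------
# Administrative information
#-------------------------
# Contact address shown to users on Squid's error pages.
cache_mgr admin@dapenbni.co.id
# Squid drops root privileges to this account after start-up. The name must match the
# account that owns the cache and log directories (squid:squid in the installation steps);
# account names are case-sensitive, so the published "Squid" would not match.
cache_effective_user squid
cache_effective_group squid
# Host name reported in error pages; it is visible to every client of the proxy.
visible_hostname gateway.dapenbni.co.id
unique_hostname gateway.dapenbni.co.id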
#-------------------------
# Cache
#-------------------------
# NOTE(review): announce_host/announce_port name the host and port that periodic cache
# announcements are sent TO (announce_period is set in the "Optimize cache" section).
# Pointing them at this gateway's own name and proxy port looks unintended -- confirm, or
# disable announcements if the cache should not advertise itself.
announce_host gateway.dapenbni.co.id
announce_port 8080
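#-------------------------
# Needs Transparent Proxy
#-------------------------
# NOTE(review): the httpd_accel_* directives belong to Squid 2.5 and earlier. In 2.6 they were
# replaced by options on the http_port line (e.g. "transparent"), so check cache.log for
# warnings about these lines when running the 2.6.STABLE4 build from this tutorial.
# Interception also needs a packet-filter redirect rule on the gateway, which is not shown here.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
# With this on, the destination is taken from the client-supplied Host header; only
# trusted clients should be able to reach the proxy port in that case.
httpd_accel_uses_host_header on
httpd_accel_single_host off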

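#-------------------------
# Other
#-------------------------
# Number of old log generations kept when the logs are rotated.
logfile_rotate 5
memory_pools on
memory_pools_limit 200 MB
# "on" adds the requesting client's address to the X-Forwarded-For header of outgoing
# requests, which discloses internal (192.168.0.x) addresses to every origin server.
# Set it to "off" if that is not wanted.
forwarded_for on
# NOTE(review): conflicts with "log_icp_queries off" in the log section of this file.
log_icp_queries on
icp_hit_stale on
minimum_direct_hops 5
minimum_direct_rtt 400
store_avg_object_size 13 KB
store_objects_per_bucket 50
client_db off
# Network measurement database used for peer selection; query_icmp and test_reachability
# rely on the ICMP pinger built with --enable-icmp.
netdb_low 900
netdb_high 1000
netdb_ping_period 1 minutes
query_icmp on
test_reachability on
# Turns a client's forced reload into a conditional (If-Modified-Since) request.
reload_into_ims on
# fake_user_agent SiNK1NGfuNK/1.0 (CP/M, 128-bit)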
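#-------------------------
# Access Management
#-------------------------
# ACL definitions. Syntax: acl <name> <type> <values>.
acl all src 0/0
acl internal src 192.168.0.0/24
acl allowedhost src 202.xxx.xxx.xxx
# acl block url_regex -i gohip
# acl blok1 url_regex -i bonzi
# acl blok2 url_regex -i Lolitas
# acl blok3 url_regex -i passthison
# acl blok4 url_regex -i dewisex
# acl blok5 url_regex -i lolitasworld
# acl blok6 url_regex -i netsetter
acl localservers src 202.xxx.xxx.xxx
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
# NOTE(review): the published line was garbled ("... 808 -65 535 70 210 1025"). It is
# reconstructed as the stock Squid list ending in the range 1025-65535; if port 808 was
# intended as well, add it explicitly.
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
always_direct allow localhost
always_direct allow internal
always_direct allow allowedhost
# http_access rules are evaluated top to bottom and the first match decides.
# Cache manager requests are accepted from the proxy host itself only.
http_access allow manager localhost
http_access deny manager
# Refuse requests to ports outside Safe_ports, and CONNECT tunnels to anything but the
# SSL ports, before any allow rule is reached -- otherwise the proxy could be used to
# reach arbitrary services.
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# http_access deny block
# http_access deny blok1
# http_access deny blok2
# http_access deny blok3
# http_access deny blok4
# http_access deny blok5
# http_access deny blok6
http_access allow localhost
http_access allow internal
http_access allow allowedhost
http_access allow localservers
# Final rule: everyone else is refused, so the proxy is not open to the Internet.
http_access deny all
# The published file had "icp_access allow all", which answers cache-content queries from
# any host that can reach the ICP port. Restricted here to the internal network; add an
# allow line for each neighbour cache that is meant to query this one.
icp_access allow internal
icp_access deny all
# miss_access controls which clients may fetch objects that are not yet cached.
miss_access allow all
# snmp_access allow localhost
# snmp_access deny all
# snmp_port 3401
# acl snmppublic snmp_community public
# snmp_access allow snmppublic allowed_hosts
# snmp_access deny all
# NOTE(review): never_direct forces requests through a parent cache, but every cache_peer
# line in this file is commented out. Clients not covered by an always_direct rule
# (e.g. localservers) would have no route -- confirm a parent is configured before keeping this.
never_direct allow all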
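#-------------------------
# Parameters Delaypool
#-------------------------
# Delay pools need the --enable-delay-pools build option.
# NOTE(review): both word lists were garbled in the published page. magic_words1 is kept as
# the two tokens shown ("202 154"); it may originally have been a single address prefix.
# magic_words2 is reconstructed with the dots moved back in front of each extension, and
# "tarballs. gz" read as ".tar.gz" -- confirm both against the original file.
# In url_regex an unescaped "." matches any character, so ".exe" also matches e.g. "/exe".
acl magic_words1 url_regex -i 202 154
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav
delay_pools 2
# Pool 1 (class 2): unlimited, for URLs matching magic_words1.
delay_class 1 2
# -1/-1 means that there are no limits
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
# Pool 2 (class 2): throttles large downloads. Each pair is restore rate (bytes/second) /
# bucket size (bytes); the first pair is the aggregate, the second is per client host.
delay_class 2 2
delay_parameters 2 4000/150000 4000/120000
delay_access 2 allow magic_words2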

run Squid
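# Tip: "squid -k parse" checks squid.conf for syntax errors without starting the proxy;
# run it first, since several directives in this file are version-dependent.
# -z creates the cache (swap) directories under cache_dir; it is needed once before the first start.
[root@gateway squid-2.6.STABLE4]# /usr/local/squid/sbin/squid -z
# Start the daemon. It is launched as root and switches to cache_effective_user.
[root@gateway squid-2.6.STABLE4]# /usr/local/squid/sbin/squid -SYD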

Check squid
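# A local address of 0.0.0.0:8080 means the proxy accepts connections on every interface,
# including any Internet-facing one; confirm from an outside host that requests are refused.
[root@gateway squid-2.6.STABLE4]# netstat -plnat | grep squid
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 14066/(squid)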