Squid cache(简称为Squid)是一个流行的自由软件(GNU通用公共许可证)的代理服务器和Web缓存服务器。Squid有广泛的用途,从作为网页服务器的前置cache服务器缓存相关请求来提高Web服务器的速度,到为一组人共享网络资源而缓存万维网,域名系统和其他网络搜索,到通过过滤流量帮助网络安全,到局域网通过代理上网。Squid主要设计用于在Unix一类系统运行。
以下介绍它的第一个作用:正向代理
正向代理 是一个位于客户端和原始服务器(origin server)之间的服务器,为了从原始服务器取得内容,客户端向代理发送一个请求并指定目标(原始服务器),然后代理向原始服务器转交请求并将获得的内容返回给客户端。客户端必须要进行一些特别的设置才能使用正向代理
# yum install squid -y //yum安装squid
# vim /etc/sysctl.conf //修改开启路由转发功能
# grep -i ip_forward /etc/sysctl.conf
net.ipv4.ip_forward= 1
# sysctl -p //使路由转发功能生效
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter= 1
... ...
#
配置文件修改
# vim /etc/squid/squid.conf //修改squid主配置文件
# grep -vE '^#|^$'/etc/squid/squid.conf
acl manager proto cache_object
acl localhost src 127.0.0.1/32::1
acl to_localhost dst 127.0.0.0/80.0.0.0/32 ::1
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged)machines
acl host1 src192.168.0.0/24 # 自定义主机
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow managerlocalhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT!SSL_ports
http_accessallow host1 #允许自定义主机访问
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 8080 #代理端口,习惯上使用8080端口
hierarchy_stoplist cgi-bin ?
cache_dir ufs/var/spool/squid 100 16 256
#ufs为缓存存储类型,在该目录下使用的缓冲值为100MB,允许在“/var/spool/squid”下创建的第一级子目录数为16,每个第一级子目录下可以创建的第二级子目录数量为256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i(/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
//添加修改以上红色部分就能搭建简单的squid正向代理了
//注:cache_men不能超过cache_dir中的一个数值,否则会出现如下报错,
停止 squid:2012/08/21 16:05:46| WARNING cache_mem is larger than totaldisk cache space!
# squid -z //初始化缓存空间
2012/08/21 15:29:37| WARNINGcache_mem is larger than total disk cache space!
2012/08/21 15:29:37| CreatingSwap Directories //查看swap缓存目录
2012/08/21 15:29:37|/var/spool/squid exists
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/00
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/01
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/02
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/03
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/04
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/05
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/06
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/07
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/08
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/09
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/0A
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/0B
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/0C
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/0D
2012/08/21 15:29:37| Makingdirectories in /var/spool/squid/0E
2012/08/21 15:29:37| Making directoriesin /var/spool/squid/0F
[root@localhost ~]#
# /etc/init.d/squid start