¦øªA¾¹squid 2.5 stable§Ö³t¦w¸Ë«ü«n

squid 2.5 stable§Ö³t¦w¸Ë«ü«n

ªü¤g/Aborigen Yin

http://www.bsdbase.com

¥Ø¼Ð¡G¦bºôÃö¤W¬°¤ººô´£¨Ñ´¶³q¥N²z¥H¤Î³z©ú¥N²zªA°È¡A¥Hip¦a§}¬°³X°Ý±±¨î±ø¥ó¡A¤£»Ý­n¨ä¥L³X°Ý±±¨î¡C

#¦w¸Ë

#¦pªG¬OFreeBSD¡A«Øij¦w¸Ë¦p¤Uports¡G

cd /usr/ports/devel/autoconf

make clean

make install clean

cd /usr/ports/devel/automake

make clean

make install clean

#­º¥ý¡A°t¸m¦n§Aªººô¸ô¡A«OÃÒ¦w¸Ësquidªº¥D¾÷¯à¥¿±`¤Wºô¡F

ping www.163.com

#¥Î°ì¦W¬O¬°¤F´ú¸ÕDNS¸ÑªR¡F

#¥H¤U¥Hroot¨­¥÷°õ¦æ¡C

#Àò±o³Ì·sstable·½½X

http://www.squid-cache.org

mkdir -p /usr/local/src/distfiles

cd /usr/local/src/distfiles

#FreeBSD

fetch http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE1.tar.gz

#Linux

wget http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE1.tar.gz

tar xfz squid-2.5.STABLE1.tar.gz -C ..

cd ../squid-2.5.STABLE1

./configure --prefix=/usr/local/squid

make

make install

#³\¥iÅv§ïÅܬO¥²­nªº¡F°Ñ¦Òsquid.conf

#cache_effective_user nobody

#cache_effective_group nobody

#Àq»{¨Ï¥Î

chown -R nobody:nobody /usr/local/squid/var

#«ö·Ó§Aªº»Ý­n°t¸m¡F

#vi /usr/local/squid/etc/squid.conf

# TAG: http_port

# Usage: port

# hostname:port

# 1.2.3.4:port

#Default:

# http_port 3128

http_port 60080

#°kÁ×°Q¹½ªº¥N²z±½´y¡A¨Ï¥Î¤@­Ó¦Û©w¸qªººÝ¤f¡F

#³]¸m¤£¥N²zªºurl¡A¤@¨Ç°ÊºAºô­¶¡A¤ñ¦p¦¿´ò¡B²á¤Ñ«Ç¡C

# TAG: no_cache

# A list of ACL elements which, if matched, cause the request to

# not be satisfied from the cache and the reply to not be cached.

# In other words, use this to force certain objects to never be cached.

#

# You must use the word 'DENY' to indicate the ACL names which should

# NOT be cached.

#

#We recommend you to use the following two lines.

acl QUERY urlpath_regex cgi-bin \? asp php shtml php3 cgi

no_cache deny QUERY

# ACCESS CONTROLS

# -----------------------------------------------------------------------------

# TAG: acl

# Defining an Access List

#

# acl aclname acltype string1 ...

# acl aclname acltype "file" ...

#

# when using "file", the file should contain one item per line

#©w¸q¤ººô¡]°²³]¦³172.16.0.0/16;192.168.0.0/16;10.0.0.0/8¡^;

acl lan-a src 172.16.0.0/16

acl lan-b src 192.168.0.0/16

acl lan-c src 10.0.0.0/8

#squidªºÀq»{°t¸m¬O©Úµ´©Ò¦³³s±µ¡F

#Default:

# http_access deny all

#

#¹ï¤W­z¤ººô¦a§}¶}©ñ

http_access allow lan-a

http_access allow lan-b

http_access allow lan-c

#Recommended minimum configuration:

#

#¥H¤U³]¸m³z©ú¥N²z¡A¦pªG§A¤£¥Î³z©ú¥N²z¡A¥i¥H¸õ¹L¡C

#¦bºôÃöªº¨¾¤õÀð¤W³]¸m­«©w¦V¡A§â¤ººô¹ï80ªº³X°Ý½Ð¨D­«©w¦V¨ìsquid¡G

#Ipfilter rules

#rdr $LAN_NIC 0/0 port 80 ->; $SQUID_HOST_ADDR port $SQUID_PROXY_PORT tcp

#Iptables rules

#iptables -t nat -A PREROUTING -i $LAN_NIC -p tcp -m tcp --dport 80 -j DNAT --to $SQUID_HOST_ADDR:$SQUID_PROXY_PORT

#­­©w¹ï«ü©w¨Ó·½ªº½Ð¨D°µ­«©w¦V¡F

#iptables -t nat -A PREROUTING -i $LAN_NIC -p tcp -m tcp -s $INTERNAL_NETWORK/$INTERNAL_MASK --dport 80 -j DNAT --to $SQUID_HOST_ADDR:$SQUID_PROXY_PORT

#±Ò¥Î³z©ú¥N²z

httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

#§@³z©ú¥N²zªº¦P®É½w¦s

#ª`·N¤U­±¤@¦æ¡AÀq»{¬Ooffªº.

httpd_accel_uses_host_header on

#ªì©l¤Æ½w½Ä¥Ø¿ý

/usr/local/squid/sbin/squid -z

#¶}¾÷Ãö¾÷ºÞ²z¸}¥»

#vi /usr/local/sbin/squid.sh

#!/bin/sh

case "$1" in

start)

if [ -x /usr/local/squid/sbin/squid ]; then

/usr/local/squid/sbin/squid && echo . && echo 'Squid proxy server started.'

fi

;;

stop)

killall squid && echo . && echo 'Squid proxy server stopped.'

;;

restart)

echo .

echo "Restart Squid proxy server ......"

$0 stop

sleep 30

$0 start

;;

*)

echo "$0 start | stop | restart"

;;

esac

#end of /usr/local/sbin/squid.sh

chmod 700 /usr/local/sbin/squid.sh

#¶}¾÷¦Û°Ê°õ¦æ

#FreeBSD

ln -s /usr/local/sbin/squid.sh /usr/local/etc/rc.d

#Linux

ln -s /usr/local/sbin/squid.sh /etc/rc.d/rc3.d/S99Squid-prxoy