?View Code SQUID_CONF
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

#squid.conf
#服务器IP 192.168.108.109
 
#Squid信息设置
visible_hostname squid2.jobkoo.com
cache_mgr root@localhost.localdomain
 
 
#监听服务器的80端口,透明代理,支持域名和IP的虚拟主机
http_port 80 accel vhost vport defaultsite=www.myhome2.com
 
 
#基本ACL设置
acl all src 0.0.0.0/0.0.0.0
acl Localhost src 127.0.0.1
acl myhost src 192.168.108.108 192.168.108.109 192.168.108.161 192.168.108.162
acl localnet  src 127.0.0.1 192.168.108.108 192.168.108.109
 
#仅允许80端口的代理
acl Safe_ports port 80 3130
 
# 定义可以清理缓存的访问权限
acl PURGE method PURGE
 
#允许本地管理
acl Manager proto cache_object # cache_object机制是squid的特性。它用于访问squid的缓存管理接口
 
# 防盗链
acl allow_ref referer_regex -i ^http://.+\.myhome2\.com/.*$ ^http://.+\.jobkoo\.com/.*$
acl deny_ref referer_regex -i .+
http_access allow allow_ref
http_access deny deny_ref
 
#deny_info http://www.baidu.com/img/baidu_logo.gif fdlacl
 
# icp 配置
icp_port 3130
log_icp_queries on
icp_hit_stale on
icp_query_timeout 200
# 只允许定义的localhost 主机执行icp查询
icp_access allow localnet
icp_access deny all
 
# 访问控制
http_access allow myhost
http_access allow Manager Localhost
http_access deny Manager
http_access deny !Safe_ports
http_access allow all
http_access allow PURGE localhost
http_access deny PURGE
 
 
 
#基本设置
cache_effective_user squid
cache_effective_group squid
tcp_recv_bufsize 65535 bytes
 
 
# 配置 squid2 为其邻居,当 squid1 在其缓存中没有找到请求的资源
# 时,通过 ICP 查询去其邻居中取得缓存
cache_peer		squid1.jobkoo.com sibling 80  3130 proxy-only
cache_peer_access	squid1.jobkoo.com allow  all
 
# squid1 的2个父节点,originserver 参数指明是源服务器,round-robin
# 参数指明 squid 通过轮询方式将请求分发到其中一台父节点;squid 同时会对这些
# 父节点的健康状态进行检查,如果父节点 down 了,那么 squid 会从剩余的 origin 
# 服务器中抓取数据
cache_peer 192.168.108.161 parent 80 0 no-query originserver round-robin name=webServer1
cache_peer 192.168.108.162 parent 80 0 no-query originserver round-robin name=webServer2
 
# www.myhome.com 域的请求通过 RR 轮询方式转发到2个父节点中的一个
cache_peer_domain webServer1 webServer2 www.myhome2.com
 
# hierarchy_stoplist cgi-bin ?
 
# squid 用于缓存的内存量
cache_mem 256 MB
 
# Cooper:内存中缓存的最大对象 512K 
maximum_object_size_in_memory 512 KB
 
# 缓存目录
cache_dir ufs /var/spool/squid 1000 16 256
 
# 能缓存的最大对象为 10M
maximum_object_size 10240 KB
 
# 访问日志
logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h"
access_log /var/log/squid/access.log squid
access_log /var/log/squid/access_apache.log combined
 
# Cache 日志
cache_log /var/log/squid/cache.log
 
refresh_pattern -i .html 60 90% 10080 ignore-reload
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 ignore-reload 
refresh_pattern -i .gif 1440 90% 129600 ignore-reload 
refresh_pattern -i .js 1440 90% 10080 ignore-reload 
refresh_pattern -i .css 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims 
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims 
 
# 定义不缓存的对象
acl QUERY urlpath_regex cgi-bin \? \.php
cache deny QUERY
 
coredump_dir /var/spool/squid