I.H.Maleki
کاربر تازه وارد
- تاریخ عضویت
- 2 ژانویه 2004
- نوشتهها
- 22
- لایکها
- 0
جان من يكي به دادم برسه , تو configuration اين squid گير كردم.
تلافي ميكنم به مولا
h34r:
تلافي ميكنم به مولا
h34r:
-
پایان فعالیت بخشهای انجمن: امکان ایجاد موضوع یا نوشته جدید برای عموم کاربران غیرفعال شده است
كوومه كsquid
- شروع کننده موضوع I.H.Maleki
- تاریخ شروع
koorosh
Registered User
تو کدوم قسمتش مشکل داری؟
کدوم خطش رو متوجه نشدی؟ بگو با دوستان ديگه سعی ميکنيم راهنمايی کنيم.
کدوم خطش رو متوجه نشدی؟ بگو با دوستان ديگه سعی ميکنيم راهنمايی کنيم.
koorosh
Registered User
عزيزم، برای چيزی که ميخوای بايد وقت بگذاری و باهاش سر و کله بزنی. نميشه تو يه خط توضيح داد.
http://www.squid-cache.org/
http://squid-docs.sourceforge.net/latest/html/
http://www.brandonhutchinson.com/installing_squid.html
http://www.linuxhelp.net/guides/squid/
http://www.google.com/search?q=redhat+squid+installation&num=20&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off
http://www.squid-cache.org/
http://squid-docs.sourceforge.net/latest/html/
http://www.brandonhutchinson.com/installing_squid.html
http://www.linuxhelp.net/guides/squid/
http://www.google.com/search?q=redhat+squid+installation&num=20&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off
AliMH
Registered User
- تاریخ عضویت
- 25 ژانویه 2004
- نوشتهها
- 770
- لایکها
- 1
mavade lazem :
yek adad system ba linux nasb shode
ye adam ba hosale va nesbatan bikar
yekam aghl (in yeki ro nadashte bashi ham mishe man emtahan kardam shod )
va
GCC
PERL
source squid ( alan ine squid-2.5.STABLE4.tar.gz) mitoni az inja down load koni
http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE4.tar.gz
MRTG
az inja begir
ftp://ftp.falsehope.com/home/gomez/mrtg/
APACHE SERVER
-----------------------------------------------------compile squid --------------------------------
aval squid ro compile mikonim
------------------------
ba in dastor az zip dar miyari
tar -xzf squid-2.5.STABLE4.tar.gz
cd squid-2.5.STABLE4
"tamamesh dar ye khat"
./configure --host=i386-redhat-linux --build=i386-redhat-linux --target=i386-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-poll --enable-snmp --enable-removal-policies=heap,lru --enable-storeio=aufs,coss,diskd,ufs --enable-ssl --with-openssl=/usr/kerberos --enable-delay-pools --enable-linux-netfilterYou have new mail in /var/spool/mail/root
"koli peygham bayad bede"
make all
"alan bayad ye chand daghigheyyi alaf beshini vasat cherto pert benvise "
make install
---------------
khob alan squid ro darim albate age error meror nade
khob ye folder ya drive ro dar root misazim
maslan
mkdir /cache
"behtare ke mogheye partishen basndi ye partishene joda be name cache be sazi "
bad permision full behesh midim
chown -v 777 /cache
to ye /var/log foldere squid ro besaz
mkdir /var/log/squid
chown -v 777 /var/log/squid
khob haa bayad toye /etc/squid/squid.conf
dastkari bokoni va config bokoni
ba in dastor
vi /etc/squid/squid.conf
-------------------------------------------squid.conf---------------------------------------
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
ipcache_size 16384 #4096
fqdncache_size 16384 #4096
cache_dir aufs /cache 35000 16 256
visible_hostname hostname
cache_mgr webmaster
acl nimda1 urlpath_regex -i \.elm$
acl nimda2 urlpath_regex -i root.exe
acl nimda3 urlpath_regex -i cmd.exe
acl nimda4 urlpath_regex -i ^http://.*www
acl nimda5 urlpath_regex -i readme.exe
acl nimda6 urlpath_regex -i default.id
acl nimda7 urlpath_regex -i :25
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny nimda1
http_access deny nimda2
http_access deny nimda3
http_access deny nimda4
http_access deny nimda5
http_access deny nimda6
http_access deny nimda7
http_access allow all
icp_access allow all
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
ie_refresh on
#snmp
acl snmppublic snmp_community public
snmp_access allow snmppublic all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 0.0.0.0
cache_mem 128 MB # 8 MB
maximum_object_size 1000 MB # 4096 KB
maximum_object_size_in_memory 256 KB # 8 KB
dns_nameservers 10.169.254.1 192.9.9.3
request_header_max_size 10000 KB # 10 KB
request_timeout 120 second # 30 seconds
refresh_pattern -i ^ftp: 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jpg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.html$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.class$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.zip$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jpeg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mid$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.shtml$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.exe$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.thm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.wav$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.txt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.cab$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.au$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mov$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.xbm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ram$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.avi$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.chtml$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.thb$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.dcr$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.bmp$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.phtml$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.pdf$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.art$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.swf$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mp3$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ra$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.spl$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.viv$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.doc$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.gz$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.Z$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tgz$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tar$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.vrm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.vrml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aif$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aifc$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aiff$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.arj$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.c$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.cpt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.dir$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.dxr$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.hqx$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jpe$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.lha$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.lzh$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.midi$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.movie$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mp2$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpe$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpeg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpga$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.pl$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ppt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ps$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.qt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.qtm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ras$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.sea$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.sit$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tif$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tiff$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.asp$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aspx$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.php$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.js$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jsp$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.perl$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.cgi$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.fla$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.xml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.xhtml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.sxml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ocx$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.java$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.css$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \. 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.htmx 57600 90 86400 override-expire override-lastmod reload-into-ims
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
cache_log /var/log/squid/cache.log
-------------------------------------------END---------------------------------------------
khob hala tagriban squid amade be kare
ba in dastor drive cache ro misazin
squid -z
bad mizani
squid
hichi neminvise
ama age baraye bare dovom bezani squid bayad benvise "Squid is already running!"
hala mondesh trasparent proxy
ba ye iptables dorost mishe
iptables -A PREROUTING -p tcp -t nat -d <ip cache server> --dport 3128 -j DROP
iptables -A PREROUTING -p tcp -t nat -s 10.169.254.0/24 --dport 80 -j REDIRECT --to 3128
iptables -A PREROUTING -p tcp -t nat --dport 80 -j DROP
vaseye inke in dastorato hamishe nazani in file ro baz kon
/etc/rc.d/rc.local
va in khataro behesh azafe kon
iptables -A PREROUTING -p tcp -t nat -d <ip cache server> --dport 3128 -j DROP
iptables -A PREROUTING -p tcp -t nat -s 10.169.254.0/24 --dport 80 -j REDIRECT --to 3128
iptables -A PREROUTING -p tcp -t nat --dport 80 -j DROP
/usr/sbin/squid
--------------------------
mond faghat ye chiz onam ip forwardinge ke bayad in file ro baz koni
/etc/sysctl.conf
net.ipv4.ip_forward = 1
---------------
hala ye restart kon systemo
boro hale sho bebar
ba in dastor mitoni requesthaye systemo nigah koni
tail -f /var/log/squid/access.log
-----------------------------------MRTG-----------------------------------
khob mrtg ro nasb kon (rpm)
az inja begir ftp://ftp.falsehope.com/home/gomez/mrtg/
badesh
in file haro dar /lib beriz
libcrypto.so.2
libgd.so.2
boro in file ro edit kon
/etc/mrtg/mrtg.cfg
-----------------------------------------------start----------------------------
########################################################
# Squid related sections #
########################################################
RunAsDaemon: Yes
# Change this to the correct location of squid/mib.txt
LoadMIBS: /etc/squid/mib.txt
Target[proxy-hit]: cacheHttpHits&cacheServerRequestsublic@localhost:3401
MaxBytes[proxy-hit]: 10000
Title[proxy-hit]: HTTP Hits
PageTop[proxy-hit]: <H2>Proxy Cache Statistics: HTTP Hits / Requests</H2>
<TABLE>
<TR><TD>System:</TD> <TD>proxy.domain.com</TD></TR>
<TR><TD>Maintainer:</TD> <TD>Squid Maintainer</TD></TR>
<TR><TD>Description:</TD><TD>Squid Proxy server</TD></TR>
</TABLE>
Suppress[proxy-hit]: y
LegendI[proxy-hit]: HTTP hits
LegendO[proxy-hit]: HTTP requests
Legend1[proxy-hit]: HTTP hits
Legend2[proxy-hit]: HTTP requests
YLegend[proxy-hit]: perminute
ShortLegend[proxy-hit]: req/min
Options[proxy-hit]: nopercent, perminute, dorelpercent, unknaszero
Target[proxy-srvkbinout]: cacheServerInKb&cacheServerOutKbublic@localhost:3401
MaxBytes[proxy-srvkbinout]: 10000
Title[proxy-srvkbinout]: Cache Server Traffic In / Out
PageTop[proxy-srvkbinout]: <H2>Cache Statistics: Server Traffic Volume (In/Out) </H2>
<TABLE>
<TR><TD>System:</TD> <TD>proxy.mydomain.com</TD></TR>
<TR><TD>Maintainer:</TD> <TD>Squid Maintainer</TD></TR>
<TR><TD>Description:</TD><TD>Squid Proxy server</TD></TR>
</TABLE>
Suppress[proxy-srvkbinout]: y
LegendI[proxy-srvkbinout]: Traffic In
LegendO[proxy-srvkbinout]: Traffic Out
Legend1[proxy-srvkbinout]: Traffic In
Legend2[proxy-srvkbinout]: Traffic Out
YLegend[proxy-srvkbinout]: per minute
ShortLegend[proxy-srvkbinout]: b/min
kMG[proxy-srvkbinout]: k,M,G,T
kilo[proxy-srvkbinout]: 1024
Options[proxy-srvkbinout]: nopercent, perminute, unknaszero
-----------------------------------------------------end---------------
hala in dastoro bezan
# mrtg /etc/mrtg/mrtg.cfg
ye sri error mide mesle in payin
age nashod ino bezan "env LANG=C mrtg /etc/mrtg/mrtg.cfg"
Rateup WARNING: /usr/bin/rateup could not read the primary log file for proxy-hit
Rateup WARNING: /usr/bin/rateup The backup log file for proxy-hit was invalid as well
Rateup WARNING: /usr/bin/rateup Can't remove proxy-hit.old updating log file
Rateup WARNING: /usr/bin/rateup Can't rename proxy-hit.log to proxy-hit.old updating log file
Rateup WARNING: /usr/bin/rateup could not read the primary log file for proxy-srvkbinout
Rateup WARNING: /usr/bin/rateup The backup log file for proxy-srvkbinout was invalid as well
Rateup WARNING: /usr/bin/rateup Can't remove proxy-srvkbinout.old updating log file
Rateup WARNING: /usr/bin/rateup Can't rename proxy-srvkbinout.log to proxy-srvkbinout.old updating log file
baz az aval ejra kon
baza error mide ama kamtar
# mrtg /etc/mrtg/mrtg.cfg
Rateup WARNING: /usr/bin/rateup Can't remove proxy-hit.old updating log file
Rateup WARNING: /usr/bin/rateup Can't remove proxy-srvkbinout.old updating log file
bare servom ke ejra koni dige error nemide
# mrtg /etc/mrtg/mrtg.cfg
----------------------------------------------------------
zemnan
in ro ham be rc.local ezafe koni bad nist
env LANG=C mrtg /etc/mrtg/mrtg.cfg
khob hala age web server dashte bash mitoni ro in address graph ro bebini
http://localhost/mrtg/proxy-srvkbinout.html
http://localhost/mrtg/proxy-hit.html
ama age nadashti chi ?!
----------------------------------------------------Apache--------------------------------
ino nasb kon httpd-2.0.40-21.i386.rpm
in file ro edit kon
/etc/httpd/conf/httpd.conf
inaro avaz kon
Listen <ip server>:3100
ServerName 127.0.0.1:3000
DocumentRoot "/var/www/mrtg/"
<Directory "/var/www/mrtg/">
----------------------------------------
khob hala bezan
httpd
age error nadad boro ro ye system bezan
http://serverip:3100/proxy-hit.html
halesho bebar
----------------------------------------
ye pish nahad
az masir /usr/lib/cachemgr.cgi ro dar /var/www/cgi-bin copy kon bad bezan
http://10.169.254.2:3000/cgi-bin/cachemgr.cgi
halesho bebar
ye pish nahade dige
------------------------------------------------------Filter killing-----------------------------------
age khasti filter haye maskhareye mokhaberato rad koni ham khodet ham tamame kesayi ke be
in server vasl mishan faghat bayad ye khat be squid.conf ezafe koni hamin
cahche_peer <proxy server> parent 3128 3130
list proxy server hayi ke man test kardam ro inja mizaram bebin kodom be karet miyad ono bezar
---------------------------------
age squid ejra nemishod az in estefade kon
squid -d 1
mige dardesh chiye
age be moshkel bar khordi mesle man inaro bekhon ye chizayi dastgiret mishe
http://shankerbalan.com/tech/squid_config.txt
http://squid.visolve.com/squid24s1/squid24s1.pdf
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/unix-guide.html
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/squid.html
http://shankerbalan.com/tech/squid_mrtg.txt
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-apache-config.html
vaseye contorole pahnaye band ham mitoni az hamin squid estefade koni
http://shankerbalan.com/tech/squid_delaypools.txt
age soal dashti baham chat kon
yek adad system ba linux nasb shode
ye adam ba hosale va nesbatan bikar
yekam aghl (in yeki ro nadashte bashi ham mishe man emtahan kardam shod )
va
GCC
PERL
source squid ( alan ine squid-2.5.STABLE4.tar.gz) mitoni az inja down load koni
http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE4.tar.gz
MRTG
az inja begir
ftp://ftp.falsehope.com/home/gomez/mrtg/
APACHE SERVER
-----------------------------------------------------compile squid --------------------------------
aval squid ro compile mikonim
------------------------
ba in dastor az zip dar miyari
tar -xzf squid-2.5.STABLE4.tar.gz
cd squid-2.5.STABLE4
"tamamesh dar ye khat"
./configure --host=i386-redhat-linux --build=i386-redhat-linux --target=i386-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --exec_prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid --enable-poll --enable-snmp --enable-removal-policies=heap,lru --enable-storeio=aufs,coss,diskd,ufs --enable-ssl --with-openssl=/usr/kerberos --enable-delay-pools --enable-linux-netfilterYou have new mail in /var/spool/mail/root
"koli peygham bayad bede"
make all
"alan bayad ye chand daghigheyyi alaf beshini vasat cherto pert benvise "
make install
---------------
khob alan squid ro darim albate age error meror nade
khob ye folder ya drive ro dar root misazim
maslan
mkdir /cache
"behtare ke mogheye partishen basndi ye partishene joda be name cache be sazi "
bad permision full behesh midim
chown -v 777 /cache
to ye /var/log foldere squid ro besaz
mkdir /var/log/squid
chown -v 777 /var/log/squid
khob haa bayad toye /etc/squid/squid.conf
dastkari bokoni va config bokoni
ba in dastor
vi /etc/squid/squid.conf
-------------------------------------------squid.conf---------------------------------------
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
ipcache_size 16384 #4096
fqdncache_size 16384 #4096
cache_dir aufs /cache 35000 16 256
visible_hostname hostname
cache_mgr webmaster
acl nimda1 urlpath_regex -i \.elm$
acl nimda2 urlpath_regex -i root.exe
acl nimda3 urlpath_regex -i cmd.exe
acl nimda4 urlpath_regex -i ^http://.*www
acl nimda5 urlpath_regex -i readme.exe
acl nimda6 urlpath_regex -i default.id
acl nimda7 urlpath_regex -i :25
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny nimda1
http_access deny nimda2
http_access deny nimda3
http_access deny nimda4
http_access deny nimda5
http_access deny nimda6
http_access deny nimda7
http_access allow all
icp_access allow all
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
ie_refresh on
#snmp
acl snmppublic snmp_community public
snmp_access allow snmppublic all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 0.0.0.0
cache_mem 128 MB # 8 MB
maximum_object_size 1000 MB # 4096 KB
maximum_object_size_in_memory 256 KB # 8 KB
dns_nameservers 10.169.254.1 192.9.9.3
request_header_max_size 10000 KB # 10 KB
request_timeout 120 second # 30 seconds
refresh_pattern -i ^ftp: 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jpg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.html$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.class$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.zip$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jpeg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mid$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.shtml$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.exe$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.thm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.wav$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.txt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.cab$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.au$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mov$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.xbm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ram$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.avi$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.chtml$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.thb$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.dcr$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.bmp$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.phtml$ 57600 50 60000 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.pdf$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.art$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.swf$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mp3$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ra$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.spl$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.viv$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.doc$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.gz$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.Z$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tgz$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tar$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.vrm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.vrml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aif$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aifc$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aiff$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.arj$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.c$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.cpt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.dir$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.dxr$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.hqx$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jpe$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.lha$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.lzh$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.midi$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.movie$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mp2$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpe$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpeg$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.mpga$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.pl$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ppt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ps$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.qt$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.qtm$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ras$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.sea$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.sit$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tif$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.tiff$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.asp$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.aspx$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.php$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.js$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.jsp$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.perl$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.cgi$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.fla$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.xml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.xhtml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.sxml$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.ocx$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.java$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.css$ 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \. 57600 90 86400 override-expire override-lastmod reload-into-ims
refresh_pattern -i \.htmx 57600 90 86400 override-expire override-lastmod reload-into-ims
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
cache_log /var/log/squid/cache.log
-------------------------------------------END---------------------------------------------
khob hala tagriban squid amade be kare
ba in dastor drive cache ro misazin
squid -z
bad mizani
squid
hichi neminvise
ama age baraye bare dovom bezani squid bayad benvise "Squid is already running!"
hala mondesh trasparent proxy
ba ye iptables dorost mishe
iptables -A PREROUTING -p tcp -t nat -d <ip cache server> --dport 3128 -j DROP
iptables -A PREROUTING -p tcp -t nat -s 10.169.254.0/24 --dport 80 -j REDIRECT --to 3128
iptables -A PREROUTING -p tcp -t nat --dport 80 -j DROP
vaseye inke in dastorato hamishe nazani in file ro baz kon
/etc/rc.d/rc.local
va in khataro behesh azafe kon
iptables -A PREROUTING -p tcp -t nat -d <ip cache server> --dport 3128 -j DROP
iptables -A PREROUTING -p tcp -t nat -s 10.169.254.0/24 --dport 80 -j REDIRECT --to 3128
iptables -A PREROUTING -p tcp -t nat --dport 80 -j DROP
/usr/sbin/squid
--------------------------
mond faghat ye chiz onam ip forwardinge ke bayad in file ro baz koni
/etc/sysctl.conf
net.ipv4.ip_forward = 1
---------------
hala ye restart kon systemo
boro hale sho bebar
ba in dastor mitoni requesthaye systemo nigah koni
tail -f /var/log/squid/access.log
-----------------------------------MRTG-----------------------------------
khob mrtg ro nasb kon (rpm)
az inja begir ftp://ftp.falsehope.com/home/gomez/mrtg/
badesh
in file haro dar /lib beriz
libcrypto.so.2
libgd.so.2
boro in file ro edit kon
/etc/mrtg/mrtg.cfg
-----------------------------------------------start----------------------------
########################################################
# Squid related sections #
########################################################
RunAsDaemon: Yes
# Change this to the correct location of squid/mib.txt
LoadMIBS: /etc/squid/mib.txt
Target[proxy-hit]: cacheHttpHits&cacheServerRequests
ublic@localhost:3401MaxBytes[proxy-hit]: 10000
Title[proxy-hit]: HTTP Hits
PageTop[proxy-hit]: <H2>Proxy Cache Statistics: HTTP Hits / Requests</H2>
<TABLE>
<TR><TD>System:</TD> <TD>proxy.domain.com</TD></TR>
<TR><TD>Maintainer:</TD> <TD>Squid Maintainer</TD></TR>
<TR><TD>Description:</TD><TD>Squid Proxy server</TD></TR>
</TABLE>
Suppress[proxy-hit]: y
LegendI[proxy-hit]: HTTP hits
LegendO[proxy-hit]: HTTP requests
Legend1[proxy-hit]: HTTP hits
Legend2[proxy-hit]: HTTP requests
YLegend[proxy-hit]: perminute
ShortLegend[proxy-hit]: req/min
Options[proxy-hit]: nopercent, perminute, dorelpercent, unknaszero
Target[proxy-srvkbinout]: cacheServerInKb&cacheServerOutKb
ublic@localhost:3401MaxBytes[proxy-srvkbinout]: 10000
Title[proxy-srvkbinout]: Cache Server Traffic In / Out
PageTop[proxy-srvkbinout]: <H2>Cache Statistics: Server Traffic Volume (In/Out) </H2>
<TABLE>
<TR><TD>System:</TD> <TD>proxy.mydomain.com</TD></TR>
<TR><TD>Maintainer:</TD> <TD>Squid Maintainer</TD></TR>
<TR><TD>Description:</TD><TD>Squid Proxy server</TD></TR>
</TABLE>
Suppress[proxy-srvkbinout]: y
LegendI[proxy-srvkbinout]: Traffic In
LegendO[proxy-srvkbinout]: Traffic Out
Legend1[proxy-srvkbinout]: Traffic In
Legend2[proxy-srvkbinout]: Traffic Out
YLegend[proxy-srvkbinout]: per minute
ShortLegend[proxy-srvkbinout]: b/min
kMG[proxy-srvkbinout]: k,M,G,T
kilo[proxy-srvkbinout]: 1024
Options[proxy-srvkbinout]: nopercent, perminute, unknaszero
-----------------------------------------------------end---------------
hala in dastoro bezan
# mrtg /etc/mrtg/mrtg.cfg
ye sri error mide mesle in payin
age nashod ino bezan "env LANG=C mrtg /etc/mrtg/mrtg.cfg"
Rateup WARNING: /usr/bin/rateup could not read the primary log file for proxy-hit
Rateup WARNING: /usr/bin/rateup The backup log file for proxy-hit was invalid as well
Rateup WARNING: /usr/bin/rateup Can't remove proxy-hit.old updating log file
Rateup WARNING: /usr/bin/rateup Can't rename proxy-hit.log to proxy-hit.old updating log file
Rateup WARNING: /usr/bin/rateup could not read the primary log file for proxy-srvkbinout
Rateup WARNING: /usr/bin/rateup The backup log file for proxy-srvkbinout was invalid as well
Rateup WARNING: /usr/bin/rateup Can't remove proxy-srvkbinout.old updating log file
Rateup WARNING: /usr/bin/rateup Can't rename proxy-srvkbinout.log to proxy-srvkbinout.old updating log file
baz az aval ejra kon
baza error mide ama kamtar
# mrtg /etc/mrtg/mrtg.cfg
Rateup WARNING: /usr/bin/rateup Can't remove proxy-hit.old updating log file
Rateup WARNING: /usr/bin/rateup Can't remove proxy-srvkbinout.old updating log file
bare servom ke ejra koni dige error nemide
# mrtg /etc/mrtg/mrtg.cfg
----------------------------------------------------------
zemnan
in ro ham be rc.local ezafe koni bad nist
env LANG=C mrtg /etc/mrtg/mrtg.cfg
khob hala age web server dashte bash mitoni ro in address graph ro bebini
http://localhost/mrtg/proxy-srvkbinout.html
http://localhost/mrtg/proxy-hit.html
ama age nadashti chi ?!
----------------------------------------------------Apache--------------------------------
ino nasb kon httpd-2.0.40-21.i386.rpm
in file ro edit kon
/etc/httpd/conf/httpd.conf
inaro avaz kon
Listen <ip server>:3100
ServerName 127.0.0.1:3000
DocumentRoot "/var/www/mrtg/"
<Directory "/var/www/mrtg/">
----------------------------------------
khob hala bezan
httpd
age error nadad boro ro ye system bezan
http://serverip:3100/proxy-hit.html
halesho bebar
----------------------------------------
ye pish nahad
az masir /usr/lib/cachemgr.cgi ro dar /var/www/cgi-bin copy kon bad bezan
http://10.169.254.2:3000/cgi-bin/cachemgr.cgi
halesho bebar
ye pish nahade dige
------------------------------------------------------Filter killing-----------------------------------
age khasti filter haye maskhareye mokhaberato rad koni ham khodet ham tamame kesayi ke be
in server vasl mishan faghat bayad ye khat be squid.conf ezafe koni hamin
cahche_peer <proxy server> parent 3128 3130
list proxy server hayi ke man test kardam ro inja mizaram bebin kodom be karet miyad ono bezar
---------------------------------
age squid ejra nemishod az in estefade kon
squid -d 1
mige dardesh chiye
age be moshkel bar khordi mesle man inaro bekhon ye chizayi dastgiret mishe
http://shankerbalan.com/tech/squid_config.txt
http://squid.visolve.com/squid24s1/squid24s1.pdf
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/unix-guide.html
http://people.ee.ethz.ch/~oetiker/webtools/mrtg/squid.html
http://shankerbalan.com/tech/squid_mrtg.txt
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-apache-config.html
vaseye contorole pahnaye band ham mitoni az hamin squid estefade koni
http://shankerbalan.com/tech/squid_delaypools.txt
age soal dashti baham chat kon
koorosh
Registered User
AliMH جان، ممنون که وقت گذاشتی و پاسخ کامل دادی
فقط اگه اطلاعاتی بصورت خصوصی به کسی دادی، ازش بخواه که در Forum هم بنويسه تا بقيه دوستان هم فيض ببرن
فقط اگه اطلاعاتی بصورت خصوصی به کسی دادی، ازش بخواه که در Forum هم بنويسه تا بقيه دوستان هم فيض ببرن
sdsl
کاربر تازه وارد
خيلي راه رو سخت كردين!!
براتون يه راه فوق العاده ساده تر مي نويسم به زودي..
موفق باشيد
براتون يه راه فوق العاده ساده تر مي نويسم به زودي..
موفق باشيد
mshajarian
کاربر تازه وارد
- تاریخ عضویت
- 13 آپریل 2004
- نوشتهها
- 20
- لایکها
- 0
به نقل از AliMH :
با سلام
عالی بود مرسی.
لطفا اگه میشه یه پروکسی سرور براي من بفرستيد. ممنون ميشم
[email protected]
به نقل از I.H.Maleki :جان من يكي به دادم برسه , تو configuration اين squid گير كردم.
تلافي ميكنم به مولا
فكر كنم اين راحت تر باشه
Squid - A quick start guide
Introduction
This document is a concise guide meant to step you through the basic steps needed to install and configure Squid. It is dedicated for beginners who want to get Squid running quickly in Linux. Use this only if you have quite a simple setup. For detailed configurations please have a look at our Configuration Manual
Step I - Downloading and compiling Squid
You can download squid source archive file as a gzipped tar ball of the form (eg.squid-*-src.tar.gz) available at http://www.squid-cache.org/ or from ftp://www.squid-cache.org/pub, Next you have to untar the file and change the working directory to squid-*
tar -xvzf squid-*-src.tar.gz
cd squid -*
Now enter the following commands in order to configure, compile and install squid
./configure
make
make install
This will by default, install into "/usr/local/squid". Type ./configure --help to view all available options.
Step II - Basic Configuration
Some basic Configuration is to be done in Configuration file. By default this file is in the following path "usr/local/squid/etc/squid.conf". In the configuration file uncomment and edit the following lines.
cache_dir
Set cache_dir to an area that has a large amount of hard disk space in order to devote to caching.
Cache_dir ufs /usr/local/squid/cache 100 16 256 is common.
http_port
Check http_port, 3128 is a default.
http_access
By default http_access is denied to all. You have to set ACL rules as per your requirements. This is important because it prevents people from stealing your network resources
cache_effective_user & cache_effective_ group
Set cache_effective_user and cache_effective_ group to a user and group. This user should have the permission to read and write in the cache directory and in the log files.
Step III - Custom configuration based on your network needs
For Configuring squid for proxy
By default, squid is configured in proxy mode. In order to cache web traffic and to use the squid system as a proxy, you have to configure your browser, which needs at least two pieces of information:
i. _____ the proxy server's host name
ii. ______ the port that the proxy server is accepting requests on
For Configuring squid for transparency
Using squid transparently is a two part process, requiring first that squid be configured properly to accept non-proxy requests (performed in the squid module) , and second that web traffic gets redirected to the squid port (achieved in three ways namely policy based routing, Using smart switching or by setting squid Box as a gateway).
Getting transparent caching to work requires the following steps:
i. ___For some operating systems, you have to configure and build a version of Squid which can recognize the hijacked connections and discern the destination addresses. For Linux this seems to work automatically. For BSD-based systems, you probably have to configure squid with the --enable-ipf-transparent option, and you have to configure squid as:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
ii. __________ Next you have to configure your cache host to accept the redirected packets - any IP address, on port 80 - and deliver them to your cache application. This is typically done with IP filtering/forwarding features built into the kernel. In Linux they call this ipfilter (kernel 2.4.x), ipchains (2.2.x) or ipfwadm (2.0.x).
For Configuring squid for Reverse Proxy
To run Squid as an accelerator, you probably want to listen on port 80. And you have to define the machine you are accelerating for. This is done in squid module,
http_port 80
httpd_accel_host visolve.com
httpd_accel_port 81
httpd_accel_single_host on
httpd_accel_with_proxy on
If you are using Squid as an accelerator for a virtual host system, then instead of a 'hostname' here you have to use the word virtual as:
http_port 80
httpd_accel_host virtual
httpd_accel_port 81
httpd_accel_with_proxy on
httpd_accel_single_host off
Step IV - Starting Squid
After you've finished editing the configuration file, you can start Squid for the first time. First, you must create the swap directories. Do this by running Squid with the -z option:
/usr/local/squid/bin/squid -z
Once that completes, you can start Squid and try it out. Probably the best thing to do is run it from your terminal and watch the debugging output. Use this command:
/usr/local/squid/bin/squid -NCd1
If everything is working okay, then your console displays: "Ready to serve requests".
If you want to run squid in the background, as a daemon process, just leave off all options:
/usr/local/squid/bin/squid
Here depending on your configuration, you may need to start squid as root.
Step V - To check if Squid is working
Check the cache.log file in your logs directory. This file generates run time error messages that Squid generates.
References:
ViSolve Squid Configuration Manual
The Squid FAQ site
Introduction
This document is a concise guide meant to step you through the basic steps needed to install and configure Squid. It is dedicated for beginners who want to get Squid running quickly in Linux. Use this only if you have quite a simple setup. For detailed configurations please have a look at our Configuration Manual
Step I - Downloading and compiling Squid
You can download squid source archive file as a gzipped tar ball of the form (eg.squid-*-src.tar.gz) available at http://www.squid-cache.org/ or from ftp://www.squid-cache.org/pub, Next you have to untar the file and change the working directory to squid-*
tar -xvzf squid-*-src.tar.gz
cd squid -*
Now enter the following commands in order to configure, compile and install squid
./configure
make
make install
This will by default, install into "/usr/local/squid". Type ./configure --help to view all available options.
Step II - Basic Configuration
Some basic Configuration is to be done in Configuration file. By default this file is in the following path "usr/local/squid/etc/squid.conf". In the configuration file uncomment and edit the following lines.
cache_dir
Set cache_dir to an area that has a large amount of hard disk space in order to devote to caching.
Cache_dir ufs /usr/local/squid/cache 100 16 256 is common.
http_port
Check http_port, 3128 is a default.
http_access
By default http_access is denied to all. You have to set ACL rules as per your requirements. This is important because it prevents people from stealing your network resources
cache_effective_user & cache_effective_ group
Set cache_effective_user and cache_effective_ group to a user and group. This user should have the permission to read and write in the cache directory and in the log files.
Step III - Custom configuration based on your network needs
For Configuring squid for proxy
By default, squid is configured in proxy mode. In order to cache web traffic and to use the squid system as a proxy, you have to configure your browser, which needs at least two pieces of information:
i. _____ the proxy server's host name
ii. ______ the port that the proxy server is accepting requests on
For Configuring squid for transparency
Using squid transparently is a two part process, requiring first that squid be configured properly to accept non-proxy requests (performed in the squid module) , and second that web traffic gets redirected to the squid port (achieved in three ways namely policy based routing, Using smart switching or by setting squid Box as a gateway).
Getting transparent caching to work requires the following steps:
i. ___For some operating systems, you have to configure and build a version of Squid which can recognize the hijacked connections and discern the destination addresses. For Linux this seems to work automatically. For BSD-based systems, you probably have to configure squid with the --enable-ipf-transparent option, and you have to configure squid as:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
ii. __________ Next you have to configure your cache host to accept the redirected packets - any IP address, on port 80 - and deliver them to your cache application. This is typically done with IP filtering/forwarding features built into the kernel. In Linux they call this ipfilter (kernel 2.4.x), ipchains (2.2.x) or ipfwadm (2.0.x).
For Configuring squid for Reverse Proxy
To run Squid as an accelerator, you probably want to listen on port 80. And you have to define the machine you are accelerating for. This is done in squid module,
http_port 80
httpd_accel_host visolve.com
httpd_accel_port 81
httpd_accel_single_host on
httpd_accel_with_proxy on
If you are using Squid as an accelerator for a virtual host system, then instead of a 'hostname' here you have to use the word virtual as:
http_port 80
httpd_accel_host virtual
httpd_accel_port 81
httpd_accel_with_proxy on
httpd_accel_single_host off
Step IV - Starting Squid
After you've finished editing the configuration file, you can start Squid for the first time. First, you must create the swap directories. Do this by running Squid with the -z option:
/usr/local/squid/bin/squid -z
Once that completes, you can start Squid and try it out. Probably the best thing to do is run it from your terminal and watch the debugging output. Use this command:
/usr/local/squid/bin/squid -NCd1
If everything is working okay, then your console displays: "Ready to serve requests".
If you want to run squid in the background, as a daemon process, just leave off all options:
/usr/local/squid/bin/squid
Here depending on your configuration, you may need to start squid as root.
Step V - To check if Squid is working
Check the cache.log file in your logs directory. This file generates run time error messages that Squid generates.
References:
ViSolve Squid Configuration Manual
The Squid FAQ site
koorosh
Registered User
در مورد Cache نشدن سايت های دلخواه، با ACL ها ميتونيد اين کار رو انجام بدين.
توضيحات بيشتر در راهنمای Squid و FAQ های اون موجود است.
کد:
acl someserver dstdomain .someserver.com
no_cache deny someserverتوضيحات بيشتر در راهنمای Squid و FAQ های اون موجود است.
mshajarian
کاربر تازه وارد
- تاریخ عضویت
- 13 آپریل 2004
- نوشتهها
- 20
- لایکها
- 0
Man Mogheye Compile Kardane Squid dochare moshkel misham
Vaghti make all
va
make install
ro ejra mikonam : Akharesh in errore miad:
/usr/bin/ld: cannot find -lz
collect2: ld returned 1 exit status
make[2]: *** [squid] Error 1
make[2]: Leaving directory `/root/squid-2.5.STABLE6/src'
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory `/root/squid-2.5.STABLE6/src'
make: *** [install-recursive] Error 1
mano rahnamaei konid.
Vaghti make all
va
make install
ro ejra mikonam : Akharesh in errore miad:
/usr/bin/ld: cannot find -lz
collect2: ld returned 1 exit status
make[2]: *** [squid] Error 1
make[2]: Leaving directory `/root/squid-2.5.STABLE6/src'
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory `/root/squid-2.5.STABLE6/src'
make: *** [install-recursive] Error 1
mano rahnamaei konid.