安装squid ( for 2.7 stable )
修改源代码:vi src/errorpage.c 60行处将
"\n
\n"
"
\n"
"
\n" "Generated %T by %h (%s)\n" " \n"
删除,让squid错误页面不产生服务器信息。
mkdir -p /usr/local/squid
./configure
configure options: '--prefix=/usr/local/squid' '--enable-storeio=diskd,ufs,aufs,null' '--enable-async-io=80' '--enable-icmp' '--enable-removal-policies=heap,lru' '--enable-useragent-log' '--enable-snmp' '--enable-referer-log' '--enable-kill-parent-hack' '--enable-cache-digests' '--enable-default-err-language=Simplify_Chinese' '--enable-err-languages=Simplify_Chinese' '--enable-gnuregex' '--enable-ipf-transparent' '--enable-pf-transparent' '--enable-follow-x-forwarded-for' '--disable-wccp' '--disable-delay-pools' '--disable-ident-lookups' '--disable-arp-acl' '--with-large-files
make; make install; make clean
mkdir /usr/local/squid/helper
mkdir /usr/local/squid/che
cd hepler/external_acl/session; make
cp squid_session /usr/local/squid/helper
chmod 777 /usr/local/squid/che
chmod 777 /usr/local/squid/var
chmod 777 /usr/local/squid/var/logs
grep –v “^#” /etc/squid/squid.conf | sed –e ‘/^$/d’ > /etc/squid/squid.conf.orig
mv /etc/squid.conf /etc/squid.conf.system
mv /etc/squid/squid.conf.orig /etc/squid/squid.conf
squid.conf 内容: external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %SRC /usr/local/squid/helper/squid_session -t 900 //客户端第一个网页转向 acl session external session //
acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT
acl rangeget req_header Range .* //定义多线程下载规则
http_access deny !session //只有第一个执行才能打开 deny_info firstpage session //deny_info指定的页面
http_access deny rangeget //不允许多线程下载
#http_access allow manager localhost #http_access deny manager #http_access deny !Safe_ports #http_access deny CONNECT !SSL_ports #http_access allow localnet http_access allow all
icp_access allow localnet icp_access deny all
http_port 127.0.0.1:3128 transparent // http_port 192.168.101.1:3128 transparent //绑定IP和端口,透明代理 http_port 192.168.188.1:3128 transparent //
access_log /usr/local/squid/var/logs/access.log squid //各种日志信息存放路径 cache_log /usr/local/squid/var/logs/cache.log cache_store_log /usr/local/squid/var/logs/store.log pid_filename /usr/local/squid/var/squid.pid coredump_dir /usr/local/squid/var/coredump
cache_mem 100 MB //使用内存 总内存的一半 maximum_object_size_in_memory 40 KB //内存中对像大小 cache_swap_low 90 cache_swap_high 95
cache_dir aufs /usr/local/squid/che 500 16 256 //缓存目录
hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache
header_access Via deny all // header_access X-Cache deny all //隐藏服务器信息 header_access X-Cache-Lookup deny all // header_access X-Forward-For deny all // via off // 隐藏服务器信息 check_hostnames on //检查主机名称 allow_underscore //允许出现下划线 logfile_rotate 4 //rotate后保存日志数量 cache_mgr visible_hostname rain httpd_suppress_version_string on // 隐藏服务器信息
建立firstpage (用户每次开IE自动显示)放在/usr/local/squid/share/errors/Simplify_Chinese:
rainren 热诚欢迎您 吃饭了吗?
有您的参与,网络更精彩!
/usr/local/squid/sbin/squid -z /usr/local/squid/sbin/squid -D -sYC &
阅读(6820) | 评论(0) | 转发(0) |