[FUG-BR] Ajuda com squid
William David Armstrong - FUGBr
fugbr em biosystems.ath.cx
Sábado Outubro 16 11:26:20 BRT 2010
Faz uma configuração básica sem muita coisa.
instala um dns server local apenas pra resolver os nomes sem ter que recorrer aos dns das operadoras de telecom
( configura direitinho o named. root dns ( dig ) )
instala o squid ou o cacheboy ( lusca )
cache dir com a padrão do squid ( diskd ) não esqueça de recompilar o kernel para funcionar certinho com o squid
options MSGMNB=8192 # max # of bytes in a queue
options MSGMNI=40 # number of message queue identifiers
options MSGSEG=512 # number of message segments per queue
options MSGSSZ=64 # size of a message segment
options MSGTQL=2048 # max messages in system
options SHMSEG=16 # max shared mem id's per process
options SHMMNI=32 # max shared mem id's per system
options SHMMAX=2097152 # max shared memory segment size (bytes)
options SHMALL=4096 # max amount of shared memory (pages)
options VFS_AIO
segue um modelo básico de um squid que utilizo para cientes.
http_port 3128
icp_port 3130
visible_hostname Bartelby.schwarz
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
maximum_object_size 500 MB
max_open_disk_fds 0
cache_swap_low 95
cache_swap_high 99
cache_dir diskd /usr/local/squid/cache/a 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/b 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/c 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/d 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/e 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/f 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/g 300 4 64 Q1=72 Q2=64
cache_swap_state /usr/local/squid/logs/%s
access_log /usr/local/squid/logs/access.log
error_directory /usr/local/etc/squid/errors/Portuguese
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf
url_rewrite_children 5
http_access allow localhost
acl schwarz src 192.168.1.0/24
http_access allow schwarz
acl alforja src 192.168.3.0/24
http_access allow alforja
miss_access allow schwarz
miss_access deny !schwarz
icp_access allow schwarz
icp_access deny !schwarz
Caso você obtenha uma performance que deseja vai modificando aos poucos o squid e testando até achar o seu ideal.
mes 0,2 centavos
Em 16/10/2010, às 10:41, Fabiano Carlos Heringer escreveu:
> Em 16/10/2010 09:34, Celso Viana escreveu:
>> Em 16 de outubro de 2010 09:14, Fabiano Carlos Heringer
Mais detalhes sobre a lista de discussão freebsd