[FUG-BR] Ajuda com squid

William David Armstrong - FUGBr fugbr em biosystems.ath.cx
Sábado Outubro 16 11:26:20 BRT 2010


Faz uma configuração básica  sem muita coisa.

 
instala um dns server local apenas pra  resolver os nomes sem ter que recorrer aos dns das operadoras de telecom 
( configura direitinho o named.  root dns ( dig ) )
instala o squid ou o cacheboy ( lusca ) 
cache dir com a padrão do squid ( diskd )  não esqueça de recompilar o kernel para funcionar certinho com o squid

 options         MSGMNB=8192     # max # of bytes in a queue
 options         MSGMNI=40       # number of message queue identifiers
 options         MSGSEG=512      # number of message segments per queue
 options         MSGSSZ=64       # size of a message segment
 options         MSGTQL=2048     # max messages in system

 options         SHMSEG=16       # max shared mem id's per process
 options         SHMMNI=32       # max shared mem id's per system
 options         SHMMAX=2097152  # max shared memory segment size (bytes)
 options         SHMALL=4096     # max amount of shared memory (pages)

 options         VFS_AIO

segue um modelo básico de um squid que utilizo para cientes.

http_port 3128
icp_port  3130
visible_hostname Bartelby.schwarz

memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA

maximum_object_size 500 MB
max_open_disk_fds 0

cache_swap_low  95
cache_swap_high 99
cache_dir diskd /usr/local/squid/cache/a 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/b 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/c 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/d 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/e 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/f 300 4 64 Q1=72 Q2=64
cache_dir diskd /usr/local/squid/cache/g 300 4 64 Q1=72 Q2=64

cache_swap_state /usr/local/squid/logs/%s
access_log /usr/local/squid/logs/access.log

error_directory /usr/local/etc/squid/errors/Portuguese

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 81       # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports


url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf
url_rewrite_children 5

http_access allow localhost

acl schwarz src 192.168.1.0/24
http_access allow  schwarz

acl alforja src 192.168.3.0/24
http_access allow alforja

miss_access allow schwarz
miss_access deny !schwarz

icp_access  allow schwarz
icp_access  deny !schwarz

Caso você obtenha uma performance que deseja vai modificando aos poucos o squid e testando até achar o seu ideal.

mes 0,2 centavos


Em 16/10/2010, às 10:41, Fabiano Carlos Heringer escreveu:

>  Em 16/10/2010 09:34, Celso Viana escreveu:
>> Em 16 de outubro de 2010 09:14, Fabiano Carlos Heringer



Mais detalhes sobre a lista de discussão freebsd