Build Squid Server
Author:Liangzhi Zou
Date:2001/20/8
Squid is a high-performance proxy caching server for web clients,supporting FTP,gopher,and HTTP data objects.Unlike traditional caching software,Squid handles all requests in a single,non-blocking,I/O- driven process.
Squid keeps meta data and especially hot objects cached in RAM,caches DNS lookups,supports non-blocking DNS lookups,and implements negative caching of failed requests.
Squid supports SSL,extensive access controls,and full request logging.By using the lightweight Internet Cache Protocol,Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.
Squid consists of a main server program squid ,a Domain Name System lookup program dnsserver ,some optional programs for rewriting requests and performing authentication,and some management and client tools.When squid starts up,it spawns a configurable number of dnsserver processes,each of which can perform a single,blocking Domain Name System(DNS) lookup.This reduces the amount of time the cache waits for DNS lookups.
1.Source
squid-2.3.STABLE1-5
2.Install
#rpm -ivh squid-2.3.STABLE1-5.i386.rpm
3.Configuration
We will modify /etc/squid/squid.conf file.
# NETWORK OPTIONS ---------------------------------------- # TAG: http_port http_port 8080 # OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM ---------------------------------------- # TAG: cache_peer cache_peer proxy.parentdomain parent 8080 3130 # TAG: hierarchy_stoplist hierarchy_stoplist cgi-bin? # TAG: no_cache acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY # OPTIONS FOR EXTERNAL SUPPORT PROGRAMS ---------------------------------------- # TAG: ftp_user ftp_user Master@domain # TAG: dns_children dns_children 32 # TAG: redirect_program redirect_program /usr/local/bin/squidGuard # ACCESS CONTROLS ---------------------------------------- # TAG: acl acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 21 443 563 70 210 1025-65535 acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl Domain src 192.168.0.0/255.255.255.0 # TAG: http_access http_access allow localhost http_access allow Demo http_access deny all # ADMINISTRATIVE PARAMETERS ---------------------------------------- cache_mgr Master@domainsample
3.Set Squid Server automatically ON in runlevel 345,even the system be reboot.
#chkconfig --level 345 squid on
