FreeBsd squid安装

pkg_add ftp://ftp.cn.FreeBSD.org/pub/FreeBSD/releases/i386/6.2-RELEASE/packages/editors/vim6-6.4.9.tbz

/usr/local/squid/sbin/squid -f /usr/local/squid/etc/squid.conf -z

/usr/local/squid/sbin/squid -s -N -f /usr/local/squid/etc/squid.conf &
sysctl net.inet.tcp.msl=2000

//Freebsd 内核修改

sysctl kern.ipc.nmbclusters=135168

/etc/sysctl.conf

kern.ipc.nmbclusters=135168
 

'--bindir=/usr/local/sbin' '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid' '--localstatedir=/usr/local/squid' '--sysconfdir=/usr/local/etc/squid' '--enable-removal-policies=lru heap' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-epoll' '--enable-auth=basic ntlm digest' '--enable-basic-auth-helpers=DB NCSA PAM MSNT SMB YP' '--enable-digest-auth-helpers=password' '--enable-external-acl-helpers=ip_user session unix_group wbinfo_group' '--enable-ntlm-auth-helpers=SMB' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-storeio=ufs diskd null' '--enable-err-languages=Simplify_Chinese English' '--enable-default-err-language=English' '--enable-dlmalloc' '--enable-x-accelerator-vary' '--with-aufs-threads=16' '--with-aio' '--with-maxfd=32768' '--disable-poll' '--disable-wccpv2' 'CFLAGS=-O3 -pipe -msse2 -mfpmath=sse,387 -mmmx -fomit-frame-pointer' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' 'i386-portbld-freebsd6.2' 'build_alias=i386-portbld-freebsd6.2' 'host_alias=i386-portbld-freebsd6.2' 'target_alias=i386-portbld-freebsd6.2' 'CC=cc' 'LDFLAGS=' 'CPPFLAGS='

squid.conf 配置文件

#http_port 10.68.2.87:80 vhost vhost defaultsite=x.bbs.sina.com.cn
http_port 8080 vhost
#cache_peer 10.69.2.241 parent 80 0 no-query originserver name=a
cache_peer_domain static.photo.sina.com.cn
icp_port 0
udp_incoming_address 127.0.0.1
udp_outgoing_address 0.0.0.0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY
cache_mem 512 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 16384 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 384 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
#cache_replacement_policy heap GDSF
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir ufs /data1/cache 40960 32 64
#cache_dir ufs /data2/squid/cache 40960 32 64
#cache_dir ufs /data3/squid/cache 40960 32 64

cache_access_log /data0/logs/access.log
cache_log /data0/logs/squid.log
cache_store_log none
emulate_httpd_log on
log_ip_on_direct on
mime_table /usr/local/etc/squid/mime.conf
log_mime_hdrs off
pid_filename /data0/logs/squid.pid
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.255
hosts_file /usr/local/etc/squid/hosts.squid
request_header_max_size 16 KB
request_body_max_size 2 KB
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
quick_abort_pct 1
negative_ttl 30 seconds
range_offset_limit 1 KB
connect_timeout 60 seconds
peer_connect_timeout 30 seconds
read_timeout 60 seconds
request_timeout 60 seconds
persistent_request_timeout 5 seconds
client_lifetime 1 hour
half_closed_clients off
pconn_timeout 120 seconds
shutdown_lifetime 30 seconds
#acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT 
acl allowed_ports port 80
acl allowed_ports port 8080
acl allowed_hosts dst 127.0.0.0/8
acl allowed_hosts dst 10.68.2.0/24
acl allowed_doms dstdomain .sina.com.cn
acl allowed_methods method GET
acl allowed_methods method HEAD
acl denied_doms  dstdomain classad.img.sina.com.cn

acl all src 0.0.0.0/0.0.0.0
http_access allow all

acl AdminBoxes src 10.69.2.0/24
acl PURGE method PURGE

http_access allow PURGE AdminBoxes
http_access deny PURGE

acl samba src 202.106.184.186/32
acl netmon src 202.106.184.186/32
no_cache deny netmon  
http_access allow manager samba
http_access deny manager all
http_access deny !allowed_methods
http_access deny !allowed_ports
http_access deny !allowed_doms
always_direct allow allowed_doms
http_access deny to_localhost
http_access deny QUERY
http_access allow all
http_reply_access allow all
icp_access deny all
reply_body_max_size 0 allow all
# httpd_accel_host virtual
# httpd_accel_port 80
# httpd_accel_single_host off 
# httpd_accel_with_proxy off
# httpd_accel_uses_host_header on
httpd_accel_no_pmtu_disc off
logfile_rotate 20
memory_pools on
memory_pools_limit 2048 MB
log_icp_queries on
cachemgr_passwd none all
store_avg_object_size 7 KB
client_db on
reload_into_ims on
error_directory /usr/local/etc/squid/errors/English
offline_mode off
uri_whitespace strip
coredump_dir /data0/logs
ignore_unknown_nameservers on
client_persistent_connections off
server_persistent_connections on
# client_no_cache off
store_dir_select_algorithm least-load

acl apache rep_header Server ^Apache

visible_hostname 108

cache_effective_user www
cache_effective_group www