Squid (squid.conf)

Configuração para Squid 2.5 stable13

Categoria: Miscelânea

Software: Squid

[ Hits: 7.449 ]

Por: Delcimar Martins


Estou postando aqui uma configuração de Squid bem simples e limpa para a versão 2.5 stable13 compilado com os seguintes parâmetros, onde não tem quase nada, somente o armazenamento de cache da rede.

Esta configuração é para uma máquina de 2G de RAM com 600G de HD para o cache.

./configure --enable-underscores --enable-icmp --enable-delay-pools --enable-htcp --enable-linux-netfilter --enable-arp-acl --enable-cache-digests


# [ NETWORK OPTIONS ] ####
http_port 3128 
udp_outgoing_address 255.255.255.255

#### [ OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM ] ####
icp_query_timeout 2000
maximum_icp_query_timeout 2000
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
acl all src 0/0
acl QUERY urlpath_regex cgi-bin \?

#### [ OPTIONS WHICH AFFECT THE CACHE SIZE ] ####
cache_mem 2000 MB
cache_swap_low 95
cache_swap_high 98
maximum_object_size 4194240 KB 
minimum_object_size 0 KB
maximum_object_size_in_memory 8192 KB
ipcache_size 4096
ipcache_low 90
ipcache_high 95
fqdncache_size 4096
cache_replacement_policy lru 
memory_replacement_policy lru 

#### [ LOGFILE PATHNAMES AND CACHE DIRECTORIES ] ####
cache_dir ufs /usr/local/squid/var/cache/ 550000 16 256 
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
cache_swap_log /usr/local/squid/var/cache/swap.lo%1
emulate_httpd_log off 
log_ip_on_direct on
mime_table /usr/local/squid/etc/mime.conf
log_mime_hdrs off
pid_filename /usr/local/squid/var/logs/squid.pid
debug_options ALL,1
log_fqdn off
client_netmask 255.255.255.255

#### [ OPTIONS FOR EXTERNAL SUPPORT PROGRAMS ] ####
##############################################################################
ftp_list_width 32
ftp_passive on 
ftp_sanitycheck on
ftp_telnet_protocol on
dns_retransmit_interval 5 seconds
dns_timeout 3 minutes
hosts_file /etc/hosts
unlinkd_program /usr/local/squid/libexec/unlinkd
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour 
authenticate_ip_ttl 60 seconds


#### [ OPTIONS FOR TUNING THE CACHE ] ####
#############################################################################
wais_relay_host proxy
wais_relay_port 80
request_header_max_size 10 KB
refresh_pattern ^ftp:      1440   80%   10080
refresh_pattern ^gopher:   1440   0%   1440
refresh_pattern .      0   80%   4320
quick_abort_min 0 KB
quick_abort_max 10 MB
quick_abort_pct 95
negative_ttl 30 second
positive_dns_ttl 6 hour
negative_dns_ttl 60 second
range_offset_limit 0 KB

#### [ TIMEOUTS ] ####
#############################################################################
connect_timeout 2 minute
peer_connect_timeout 30 seconds
request_timeout 60 second
persistent_request_timeout 1 minute
client_lifetime 1 hour
half_closed_clients on
pconn_timeout 120 second
ident_timeout 10 seconds
shutdown_lifetime 30 second

#### [ ACCESS CONTROLS ] ####
############################################################################
acl fileupload req_mime_type -i ^multipart/form-data$
acl javascript rep_mime_type -i ^application/x-javascript$

acl localhost src 127.0.0.1/255.255.255.255

acl Safe_ports port 80
acl Safe_ports port 21 20
acl Safe_ports port 53
acl Safe_ports port 1025-65535

http_access allow fileupload javascript

http_access deny !Safe_ports 
http_access allow all 

http_reply_access allow all
no_cache deny QUERY localhost
miss_access allow all
ident_lookup_access allow all

#### [ ADMINISTRATIVE PARAMETERS ] ####
###############################################################################
cache_mgr eu@eu.com.br
cache_effective_user nobody
cache_effective_group nogroup
visible_hostname proxy
hostname_aliases proxy.comp.com.br

#### [ HTTPD-ACCELERATOR OPTIONS versao anterior a 2.6] ####
#############################################################################
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

#### [ MISCELLANEOUS ] ####
##############################################################################
dns_testnames 200.20.57.2 200.20.57.22
#dns_testnames 10.0.0.31
logfile_rotate 10
append_domain .comp.com.br
memory_pools on
forwarded_for on
log_icp_queries on
icp_hit_stale off
minimum_direct_hops 8
minimum_direct_rtt 400
store_objects_per_bucket 20
client_db on
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
query_icmp off
test_reachability off
buffered_logs off
header_access http allow all
icon_directory /usr/local/squid/share/icons
error_directory /usr/local/squid/share/errors/Portuguese
#snmp_port 3401
#snmp_access deny all
#snmp_incoming_address 0.0.0.0
#snmp_outgoing_address 255.255.255.255
wccp_router 0.0.0.0
wccp_version 4
wccp_incoming_address 0.0.0.0
wccp_outgoing_address 255.255.255.255

#### [ DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option) ] ####
################################################################################
incoming_icp_average 6
incoming_http_average 4
incoming_dns_average 4
min_icp_poll_cnt 8
min_dns_poll_cnt 8
min_http_poll_cnt 8
max_open_disk_fds 0
offline_mode off
uri_whitespace strip
nonhierarchical_direct off
prefer_direct off
strip_query_terms on
coredump_dir /usr/local/squid/var/cache
redirector_bypass off
ignore_unknown_nameservers on
digest_generation on
digest_bits_per_entry 5
digest_rebuild_period 1 hour
digest_rewrite_period 1 hour
digest_swapout_chunk_size 4096 bytes
digest_rebuild_chunk_percentage 10
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch on
request_entities off
high_response_time_warning 1 hour
high_page_fault_warning 5 minutes
high_memory_warning 99 MB 
store_dir_select_algorithm least-load
ie_refresh off
vary_ignore_expire off
sleep_after_fork 0
  


Comentários

Nenhum comentário foi encontrado.


Contribuir com comentário

  



Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts