This needs the following information i. The proxy server's host name ii. The port by which the proxy server accepts connections. Next you have to configure your cache host to accept the redirected packets - any IP address, on port 80 - and deliver them to your cache application. In Linux they call this ipfilter kernel 2. To run Squid as an accelerator, you probably want to listen on port And you have to define the machine you are accelerating for.
After you've finished editing the configuration file, you can start Squid for the first time. Suitable for use in a title. If a version number is relevant state it in a separate paragraph below the name details. For example:. PP Version 1. Version 1.
If an option takes a parameter those parameter descriptors are to be left open for translation. All other parts of the syntax are to be marked not for translation. B squid. B ] documents: squid [-dh] [-f config-file ]. It should but is not required to begin with the file name in bold.
Paragraphs in the description are separated by. PP tags. Any words which name a file or binary should be marked out in bold. Unlike traditional caching software, Squid handles all requests in a single, non-blocking process. With an empty line between each. The table column offset of the description text is 12 characters, set on the first.
TP tag. The option switch and any accepted variable names are marked not for translation unlike in synopsis. The option description is open for translation. Any repetition of the variable name is highlighted in bold. To start Squid for the first time, no changes are necessary in this file, but external clients are initially denied access.
The proxy is available for localhost. The default port is Nearly all entries begin with the lines are commented and the relevant specifications can be found at the end of the line. The given values almost always correlate with the default values, so removing the comment signs without changing any of the parameters actually has little effect in most cases. If possible, leave the sample as it is and insert the options along with the modified parameters in the line below.
This way, the default values may easily be recovered and compared with the changes. If you try to use the old squid. This is the port on which Squid listens for client requests. The default port is , but is also common. If desired, specify several port numbers separated by blank spaces. Here, enter a parent proxy, for example, if you want to use the proxy of your ISP. As hostname , enter the name or IP address of the proxy to use and, as type , enter parent.
For proxy-port , enter the port number that is also given by the operator of the parent for use in the browser usually Set the icp-port to 7 or 0 if the ICP port of the parent is not known and its use is irrelevant to the provider.
In addition, default and no-query may be specified after the port numbers to prohibit the use of the ICP protocol. Squid then behaves like a normal browser as far as the provider's proxy is concerned. This entry defines the amount of memory Squid can use for very popular replies.
The default is 8 MB. This does not specify the memory usage of Squid and may be exceeded. The numbers at the end indicate the maximum disk space in MB to use and the number of directories in the first and second level. The ufs parameter should be left alone.
When specifying the disk space to use, leave sufficient reserve disk space. The last two numbers for the directories should only be increased with caution, because too many directories can also lead to performance problems.
These three entries specify the paths where Squid logs all its actions. Normally, nothing is changed here. If Squid is experiencing a heavy usage burden, it might make sense to distribute the cache and the log files over several disks. If the entry is set to on , obtain readable log files. Some evaluation programs cannot interpret this, however. With this entry, mask IP addresses of clients in the log files. The last digit of the IP address is set to zero if you enter You may protect the privacy of your clients this way.
With this, set the password Squid should use for the anonymous FTP login. It can make sense to specify a valid e-mail address here, because some FTP servers check these for validity. An e-mail address to which Squid sends a message if it unexpectedly crashes. The default is webmaster. If you run squid -k rotate , Squid can rotate secured log files. The files are numbered in this process and, after reaching the specified value, the oldest file is overwritten. Usually, your own domain is entered here, so entering www in the browser accesses your own Web server.
Otherwise it adds a line to the header like. Normally, you do not need to change these values. If you have a dial-up connection, however, the Internet may, at times, not be accessible. Squid makes a note of the failed requests then refuses to issue new ones, although the Internet connection has been reestablished.
In a case such as this, change the minutes to seconds. Then, after clicking Reload in the browser, the dial-up process should be reengaged after a few seconds. To prevent Squid from taking requests directly from the Internet, use the above command to force connection to another proxy. This might be necessary, for example, if you are using a provider that strictly stipulates the use of its proxies or denies its firewall direct Internet access.
Squid provides a detailed system for controlling the access to the proxy. By implementing ACLs, it can be configured easily and comprehensively. This involves lists with rules that are processed sequentially. ACLs must be defined before they can be used. Some default ACLs, such as all and localhost , already exist. However, the mere definition of an ACL does not mean that it is actually applied.
An ACL requires at least three specifications to define it. The following are some simple examples:. For this, ACLs must be given. In the following example, the localhost has free access to everything while all other hosts are denied access completely.
In another example using these rules, the group teachers always has access to the Internet. How do I configure Squid without re-compiling it? The squid. Please see the directory where you unpacked the source archive.
The configuration includes but not limited to HTTP port number, the ICP request port number, incoming and outgoing requests, information about firewall access, and various timeout information. There is still a fair bit of config knowledge buried in the old SquidFaq and Guide pages of this wiki.
We are endeavoring to pull them into a layout easier to use. Any complex tuning stuff mixing features and specific demos in ConfigExamples and usually linked from the related features or FAQ pages as well.
For Squid 2. From 2. They list all the options each version of Squid can accept in its squid. This minimal configuration does not work with versions earlier than 3. If you are behind a firewall which can't make direct connections to the outside world, you must use a parent cache. Normally Squid tries to be smart and only uses cache peers when it makes sense from a perspective of global hit ratio, and thus you need to tell Squid when it can not go direct and must use a parent proxy even if it knows the request will be a cache miss.
For example, if Squid must connect directly to all servers that end with mydomain. Your internal DNS servers may not be able to lookup external domains. The first is that squid is not very tolerant to running out of disk space.
So in any case make sure to leave some extra room for this, or your cache will enter an endless crash-restart cycle.
0コメント