WWW.NOGNOG.COM

Last modified: Sat, 02 May 2009 11:45:51 +0900

Squid - インストール

　squid をインストールして、プロキシ（キャッシュ）サーバを構築します。
diskdを使用するので、次のサイトを参考にチューニングしています。

http://wiki.squid-cache.org/SquidFaq/DiskDaemon#head-0326ff77448388449b62fc6fb25262e9368cb01a

用意するもの

squid-2.7.STABLE6.tar.gz

公式サイト

http://www.squid-cache.org/

ダウンロードサイト

http://www.squid-cache.org/Versions/v2/2.7/

専用アカウントの作成

コンパイル＆インストール

--- src/errorpage.c.orig        2007-11-22 00:06:13.000000000 +0900
+++ src/errorpage.c     2008-10-01 15:42:04.786524000 +0900
@@ -66,7 +66,7 @@
            "\n<BR clear=\"all\">\n"
            "<HR noshade size=\"1px\">\n"
            "<ADDRESS>\n"
-           "Generated %T by %h (%s)\n"
+           "Generated %t by %h\n"
            "</ADDRESS>\n"
            "</BODY></HTML>\n"
     },

--- /usr/local/bin/RunCache.orig        2008-10-01 15:52:05.094992000 +0900
+++ /usr/local/bin/RunCache     2008-10-01 16:08:07.996482000 +0900
@@ -19,7 +19,7 @@
        echo "Running: squid -sY $conf >> $logdir/squid.out 2>&1"
        echo "Startup: `date`" >> $logdir/squid.out
        start=`date '+%d%H%M%S'`
-       squid -NsY $conf >> $logdir/squid.out 2>&1
+       squid -NY $conf >> $logdir/squid.out 2>&1
        stop=`date '+%d%H%M%S'`
        t=`expr $stop - $start`
        if test 0 -le $t -a $t -lt 5 ; then

コンフィグレーション

--- squid.conf.default  2008-01-31 17:30:45.000000000 +0900
+++ squid.conf  2008-02-12 13:07:00.000000000 +0900
@@ -625,6 +625,10 @@
 #http_access deny to_localhost
 #
 # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
+acl private_networks src 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
+acl cache_delete method PURGE
+http_access allow private_networks
+http_access allow cache_delete

 # Example rule allowing access from your local networks. Adapt
 # to list your (internal) IP networks from where browsing should
@@ -1599,6 +1605,7 @@
 #
 #Default:
 # memory_replacement_policy lru
+memory_replacement_policy heap GDSF


 # DISK CACHE OPTIONS
@@ -1641,6 +1648,7 @@
 #
 #Default:
 # cache_replacement_policy lru
+cache_replacement_policy heap GDSF

 #  TAG: cache_dir
 #      Usage:
@@ -1788,6 +1796,7 @@
 #
 #Default:
 # cache_dir ufs /var/squid/cache 100 16 256
+cache_dir diskd /var/squid/cache 100 16 256

 #  TAG: store_dir_select_algorithm
 #      Set this to 'round-robin' as an alternative.
@@ -1921,6 +1930,7 @@
 #
 #Default:
 # none
+logformat myformat %>a %ui %un [%{%d/%b/%Y:%H:%M:%S +0900}tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

 #  TAG: access_log
 #      These files log client request activities. Has a line every HTTP or
@@ -1947,7 +1957,7 @@
 #
 #      Note: 2.6.STABLE14 and earlier only supports a slightly different
 #      and undocumented format with all uppercase LOG_FACILITY|LOG_PRIORITY
-access_log /var/squid/logs/access.log squid
+access_log /var/squid/logs/access.log myformat

 #  TAG: log_access     allow|deny acl acl...
 #      This options allows you to control which requests gets logged
@@ -2024,6 +2034,7 @@
 #
 #Default:
 # logfile_rotate 10
+logfile_rotate 12

 #  TAG: emulate_httpd_log      on|off
 #      The Cache can emulate the log file format which many 'httpd'
@@ -2084,6 +2095,7 @@
 #
 #Default:
 # pid_filename /var/squid/logs/squid.pid
+pid_filename /var/run/squid.pid

 #  TAG: debug_options
 #      Logging options are set as section,level where each source file
@@ -2160,6 +2172,7 @@
 #
 #Default:
 # ftp_user Squid@
+ftp_user ftp@example.com

 #  TAG: ftp_list_width
 #      Sets the width of ftp listings. This should be set to fit in
@@ -2689,6 +2702,7 @@
 #
 #Default:
 # ie_refresh off
+ie_refresh on

 #  TAG: vary_ignore_expire     on|off
 #      Many HTTP servers supporting Vary gives such objects
@@ -2786,6 +2800,8 @@
 #
 #Default:
 # none
+header_access Cache-Control deny all
+header_access Via deny all

 #  TAG: header_replace
 #      Usage:   header_replace header_name message
@@ -2941,6 +2957,7 @@
 #
 #Default:
 # cache_mgr webmaster
+cache_mgr root@example.com

 #  TAG: mail_from
 #      From: email-address for mail sent when the cache dies.
@@ -2991,6 +3008,7 @@
 #
 #Default:
 # httpd_suppress_version_string off
+httpd_suppress_version_string on

 #  TAG: visible_hostname
 #      If you want to present a special hostname in error messages, etc,
@@ -3001,6 +3019,7 @@
 #
 #Default:
 # none
+visible_hostname proxy.example.com

 #  TAG: unique_hostname
 #      If you want to have multiple machines with the same
@@ -3483,6 +3493,7 @@
 #
 #Default:
 # snmp_port 0
+snmp_port 3401

 #  TAG: snmp_access
 #      Allowing or denying access to the SNMP port.
@@ -3498,6 +3509,9 @@
 #
 #Default:
 # snmp_access deny all
+acl snmppublic snmp_community public
+snmp_access allow snmppublic localhost
+snmp_access deny all

 #  TAG: snmp_incoming_address
 #  TAG: snmp_outgoing_address
@@ -4117,6 +4136,7 @@
 #
 #Default:
 # dns_timeout 2 minutes
+dns_timeout 10 seconds

 #  TAG: dns_defnames   on|off
 #      Normally the RES_DEFNAMES resolver option is disabled
@@ -4175,6 +4195,7 @@
 #
 #Default:
 # dns_testnames netscape.com internic.net nlanr.net microsoft.com
+dns_testnames example.com

 #  TAG: append_domain
 #      Appends local domain name to hostnames without any dots in
@@ -4189,6 +4210,7 @@
 #
 #Default:
 # none
+append_domain .example.com

 #  TAG: ignore_unknown_nameservers
 #      By default Squid checks that DNS responses are received
@@ -4268,6 +4290,7 @@
 #
 #Default:
 # forwarded_for on
+forwarded_for off

 #  TAG: cachemgr_passwd
 #      Specify passwords for cachemgr operations.
@@ -4329,6 +4352,8 @@
 #
 #Default:
 # none
+cachemgr_passwd disable shutdown
+cachemgr_passwd password all

 #  TAG: client_db      on|off
 #      If you want to disable collecting per-client statistics,

キャッシュディレクトリの作成

起動

うにっくすさんの覚え書きについて

Home >> うにっくすさんの覚え書き >> Squid - インストール

Total Access:357995 Today:45 Yesterday:284