准备:
两台服务器,一台web,一台squid缓存代理
squid机域名:www.dannylinux.top
web机IP:12.1.1.1
1.版本:
[root@danny squid]# squid -v Squid Cache: Version 3.5.20
2.安装:略,直接yum安装
3.配置
vim /etc/squid/squid.conf acl localnet src 172.31.16.128/32 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager http_access allow localnet http_access allow localhost #允许所有IP访问,新版squid的all字段及代表0.0.0.0/0 http_access allow all #http_access deny all #http_port 3128 #设置反向代理服务器监听的端口为3128,accel表示开启squid的accel加速模式 #vhost和vport表示支持虚拟主机和虚拟端口 http_port 3128 accel vhost vport #反向代理地址设置,将3128接收的请求转发到12.1.1.1的80端口 cache_peer 12.1.1.1 parent 80 0 no-query no-digest originserver cache_dir ufs /var/spool/squid 100 16 256 coredump_dir /var/spool/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|?) 0 0% 0 refresh_pattern . 0 20% 4320 #强制匹配 refresh_pattern -i .css$ 360 50% 2880 reload-into-ims refresh_pattern -i .js$ 1440 50% 2880 reload-into-ims refresh_pattern -i .html$ 720 50% 1440 reload-into-ims refresh_pattern -i .jpg$ 1440 90% 2880 ignore-reload refresh_pattern -i .gif$ 1440 90% 2880 ignore-reload refresh_pattern -i .swf$ 1440 90% 2880 ignore-reload refresh_pattern -i .jpg$ 1440 50% 2880 ignore-reload refresh_pattern -i .png$ 1440 50% 2880 ignore-reload refresh_pattern -i .bmp$ 1440 50% 2880 ignore-reload refresh_pattern -i .doc$ 1440 50% 2880 ignore-reload refresh_pattern -i .ppt$ 1440 50% 2880 ignore-reload refresh_pattern -i .xls$ 1440 50% 2880 ignore-reload refresh_pattern -i .pdf$ 1440 50% 2880 ignore-reload refresh_pattern -i .rar$ 1440 50% 2880 ignore-reload refresh_pattern -i .zip$ 1440 50% 2880 ignore-reload refresh_pattern -i .txt$ 1440 50% 2880 ignore-reload
4.检查配置文件
squid -k parse
5.初始化缓存目录
squid -z
6.启动squid
service squid start
7.iptables设置请求重定向
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
8.访问域名
www.dannylinux.top 会跳转到web机页面
9.查看缓存情况
squidclient -p 3128 mgr:info
