squid安装与反向代理的配置

目前两台服务器,IP地址分别为
192.168.1.120
192.168.2.50
其中192.168.2.50提供web服务,可直接通过192.168.2.50访问该站点,现在要在192.168.1.120上安装squid来做192.168.2.50的反向代理,当用户访问192.168.1.120时,120服务器将用户的请求转给50,50响应后将响应内容转给120,然后再由120返回给用户。
1. 安装squid

下载最新squid安装包.
squid-3.0.STABLE21.tar.gz
解压
tar zxvf squid-3.0.STABLE21.tar.gz
配置

./configure --prefix=/usr/local/squid \
--disable-carp \
--with-aufs-threads=32 \
--with-pthreads \
--enable-storeio='ufs,aufs,null' \
--enable-disk-io='AIO,Blocking' \
--enable-removal-policies='heap,lru' \
--disable-wccp \
--enable-kill-parent-hack \
--disable-snmp \
--disable-poll \
--disable-select \
--enable-auth=basic \
--with-aio \
--disable-ident-lookup \
--with-filedescriptors=65536

编译和安装

make && make install

2. 配置squid
三、配置/usr/local/squid/etc/squid.conf
#vim /usr/local/squid/etc/squid.conf
直接在配置文件最后加入即可

# 主机名(3.0加入配置),无此项无法启动
visible_hostname 192.168.1.120 
 
# 管理员邮箱,会显示在错误信息页面上,方便发生错误时联系!
cache_mgr root@localhost.localdomain
 
# 实现透明代理(squid2.7以上),其中vhost是必须的
http_port 80 vhost vport
 
# 缓存设置
cache_mem 256 MB
maximum_object_size_in_memory 2 MB
 
# 替换机制(lru叫做“最近不常用的单元”unit一般就是常说object, 也就是当cache
# 中的内容比如内存或硬盘达到上限时就需要进行数据的换进和换出工作)
memory_replacement_policy lru
 
# 缓存目录512M,其中一级目录16个,二级256个(每个一级下16个二级)
cache_dir ufs /usr/local/squid/var/cache 512 16 256
max_open_disk_fds 0
 
#缓存内容大小控制,当cache目录被占用到97%时,内容将被清空20%
cache_swap_low 80
cache_swap_high 97
 
# 错误信息目录
error_directory /usr/local/squid/share/errors/Simplify_Chinese
 
# 最大和最小缓存对象
minimum_object_size 0 KB
maximum_object_size 30 MB
 
# 日志格式
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /usr/local/squid/var/logs/page_zs_access_log combined
pid_filename /usr/local/squid/var/logs/squid.pid
 
# 不记录store.log
cache_store_log none
 
# 指定代理服务器IP,2.5版本以上都是以cache_peer指定
# 需要将apache端口改成81(包括其虚拟机端口< 这里最后补充说明>)
cache_peer 192.168.2.50 parent 80 0 no-query no-digest originserver 
 
# 允许客户端所有请求(这里可以设置拦截url,格式如下面两行缓存设置)
http_access allow all
 
# 设置不缓存url类型(空格隔开)
acl QUERY urlpath_regex .php .jsp .asp .pl .cgi
cache deny QUERY
 
#设置运行squid用户,一般不能以root运行
cache_effective_user squid
cache_effective_group squid
</st>

创建缓存目录
#/usr/local/squid/sbin/squid –z

启动squid
#/usr/local/squid/sbin/squid

停止squid:
#/usr/local/squid/sbin/squid -k shutdown

使用新配置启动:
#/usr/local/squid/sbin/squid -k reconfigure

3.测试
这时访问192.168.1.120就能访问192.168.2.50了。

4.性能监测

可能通过squidclient这个工具来查看squid的运行情况,缓存命中率等。

/usr/local/squid/bin/squidclient -p 80 mgr:info

通过

/usr/local/squid/bin/squidclient -p 80 mgr:

可查看各选项的使用说明.

内存使用情况可通过如下选项查看

squidclient -p 80 mgr:mem

参考资料
http://blog.sina.com.cn/s/blog_5f3867c90100f10a.html~type=v5_one&label=rela_prevarticle
http://bbs3.chinaunix.net/thread-1066625-1-1.html
http://www.360doc.com/content/09/0707/18/32573_4177754.shtml
Squid中文权威指南

祝大家圣诞节快乐

机器人 2009年12月14日 16:56 于 北京 阴

此条目发表在 系统架构 分类目录,贴了 , , 标签。将固定链接加入收藏夹。

squid安装与反向代理的配置》有 11 条评论

  1. 谢谢啊 找了好久才找到

  2. I appreciate the approach you sound so excited concerning what one is posting. Keep ones excellent posts…

  3. giclee prints 说:

    Thanks for helping out, great information.

  4. Jeffie Rathe 说:

    Wow! Thank you! I permanently needed to write on my website something like that. Can I include a portion of your post to my blog?

  5. What i do not realize is in fact how you are not actually much more neatly-favored than you might be right now. You’re very intelligent. You recognize thus significantly in terms of this subject, produced me in my opinion believe it from numerous varied angles. Its like women and men don’t seem to be interested unless it is one thing to accomplish with Girl gaga! Your own stuffs nice. Always maintain it up!

  6. We were all offered a free meal in the hospital cafeteria on Christmas Day, so we claimed that meal and prepared a banquet for our Christmas guests. We needed presents. We put together oranges and apples in a basket. We collected from different departments candies, crayons and other things available that could be presents. As seriously as we met the physical needs of the patients that came to us that day, our team worked to meet the needs, and exceed the expectations, of a family who just wanted to be warm on Christmas Day.

  7. The next time I read a weblog, I hope that it doesnt disappoint me as a lot as this one. I mean, I know it was my selection to read, but I essentially believed youd have something intriguing to say. All I hear is often a bunch of whining about some thing which you could fix if you werent too busy seeking attention.

  8. I am 69 years old and I was searching for this and final i find here. This is just awesome site and article based or true handwork. Thanks for sharing with us.

  9. Edwardgep 说:

    powermtaexpert

  10. 夏使友坐 说:

    杭州最好的夜场是杭州东方魅力www.dongfangmeili.cn

    杭州最好的ktv是哪儿?是杭州东方魅力www.dongfangmeili.cn
    杭州夜场招聘首选杭州东方魅力www.dongfangmeili.com.cn

    杭州最好的夜总会是杭州东方魅力www.dongfangmeili.com.cn

    杭州东方魅力官方网站欢迎你 联系电话:13666653761 官方微信:dongfangmeili

  11. Pingback 引用通告: fuck google

发表评论

电子邮件地址不会被公开。 必填项已用*标注

您可以使用这些HTML标签和属性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>