How to install and setup squid on freebsd February 6th, 2010
Web Server IP Address –> 192.168.0.1
Public IP address (The Address that Squid will listen on to handle web requests) –> 10.10.10.10
web Server FQDN name —> http://linax.wordpress.com
# cd /usr/local/src/
# wget http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE6.tar.bz2
# tar -jxf squid-2.7.STABLE6.tar.bz2
# cd squid-2.7.STABLE6/
# ./configure --prefix=/opt/squid2.7 --disable-internal-dns \
--enable-forward-log --enable-follow-x-forwarded-for --enable-snmp \
--enable-linux-netfilter --enable-http-violations --enable-delay-pools \
--enable-storeio=diskd,aufs,ufs,coss --with-coss-membuf-size=8388608 --with-large-files \
--enable-large-cache-files --with-maxfd=8192 --enable-async-io=64 \
--enable-removal-policies=lru,heap --enable-useragent-log --enable-referer-log \
--enable-err-languages=English --enable-default-err-language=English
# make && make install
# cd /opt/squid2.7/etc/
# cp squid.conf{,-bak}
here is my squid.conf :
—————————————————————
# cat squid.conf
acl all src all acl web-server dst 192.168.0.1/255.255.255.255 acl http_port port 80 acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow web-server http_port all http_access deny all deny_info http://linax.wordpress.com/ all icp_access deny all http_port 10.10.10.10:80 accel defaultsite=linax.wordpress.com cache_peer 192.168.0.1 parent 80 0 no-query originserver default icp_port 0 hierarchy_stoplist cgi-bin ? cache_mem 1024 MB maximum_object_size_in_memory 128 KB cache_dir aufs /opt/squid2.7/var/cache 4096 16 256 cache_replacement_policy heap LFUDA memory_replacement_policy heap GDSF maximum_object_size 104857 KB access_log /opt/squid2.7/var/logs/access.log squid logfile_rotate 1 refresh_pattern cgi-bin 1 40% 2 refresh_pattern \.asp$ 1 40% 2 refresh_pattern \.acgi$ 1 40% 2 refresh_pattern \.cgi$ 1 40% 2 refresh_pattern \.pl$ 1 40% 2 refresh_pattern \.shtml$ 1 40% 2 refresh_pattern \.php3$ 1 40% 2 refresh_pattern \? 1 40% 2 refresh_pattern \.gif$ 10080 90% 43200 reload-into-ims refresh_pattern \.jpg$ 10080 90% 43200 reload-into-ims refresh_pattern \.bom\.gov\.au 30 20% 120 reload-into-ims refresh_pattern \.html$ 480 50% 22160 reload-into-ims refresh_pattern \.htm$ 480 50% 22160 reload-into-ims refresh_pattern \.class$ 10080 90% 43200 reload-into-ims refresh_pattern \.zip$ 10080 90% 43200 reload-into-ims refresh_pattern \.jpeg$ 10080 90% 43200 reload-into-ims refresh_pattern \.mid$ 10080 90% 43200 reload-into-ims refresh_pattern \.shtml$ 480 50% 22160 reload-into-ims refresh_pattern \.exe$ 10080 90% 43200 reload-into-ims refresh_pattern \.thm$ 10080 90% 43200 reload-into-ims refresh_pattern \.wav$ 10080 90% 43200 reload-into-ims refresh_pattern \.txt$ 10080 90% 43200 reload-into-ims refresh_pattern \.cab$ 10080 90% 43200 reload-into-ims refresh_pattern \.au$ 10080 90% 43200 reload-into-ims refresh_pattern \.mov$ 10080 90% 43200 reload-into-ims refresh_pattern \.xbm$ 10080 90% 43200 reload-into-ims refresh_pattern \.ram$ 10080 90% 43200 reload-into-ims refresh_pattern \.avi$ 10080 90% 43200 reload-into-ims refresh_pattern \.chtml$ 480 50% 22160 reload-into-ims refresh_pattern \.thb$ 10080 90% 43200 reload-into-ims refresh_pattern \.dcr$ 10080 90% 43200 reload-into-ims refresh_pattern \.bmp$ 10080 90% 43200 reload-into-ims refresh_pattern \.phtml$ 480 50% 22160 reload-into-ims refresh_pattern \.mpg$ 10080 90% 43200 reload-into-ims refresh_pattern \.pdf$ 10080 90% 43200 reload-into-ims refresh_pattern \.art$ 10080 90% 43200 reload-into-ims refresh_pattern \.swf$ 10080 90% 43200 reload-into-ims refresh_pattern \.mp3$ 10080 90% 43200 reload-into-ims refresh_pattern \.ra$ 10080 90% 43200 reload-into-ims refresh_pattern \.spl$ 10080 90% 43200 reload-into-ims refresh_pattern \.viv$ 10080 90% 43200 reload-into-ims refresh_pattern \.doc$ 10080 90% 43200 reload-into-ims refresh_pattern \.gz$ 10080 90% 43200 reload-into-ims refresh_pattern \.Z$ 10080 90% 43200 reload-into-ims refresh_pattern \.tgz$ 10080 90% 43200 reload-into-ims refresh_pattern \.tar$ 10080 90% 43200 reload-into-ims refresh_pattern \.vrm$ 10080 90% 43200 reload-into-ims refresh_pattern \.vrml$ 10080 90% 43200 reload-into-ims refresh_pattern \.aif$ 10080 90% 43200 reload-into-ims refresh_pattern \.aifc$ 10080 90% 43200 reload-into-ims refresh_pattern \.aiff$ 10080 90% 43200 reload-into-ims refresh_pattern \.arj$ 10080 90% 43200 reload-into-ims refresh_pattern \.c$ 10080 90% 43200 reload-into-ims refresh_pattern \.cpt$ 10080 90% 43200 reload-into-ims refresh_pattern \.dir$ 10080 90% 43200 reload-into-ims refresh_pattern \.dxr$ 10080 90% 43200 reload-into-ims refresh_pattern \.hqx$ 10080 90% 43200 reload-into-ims refresh_pattern \.jpe$ 10080 90% 43200 reload-into-ims refresh_pattern \.lha$ 10080 90% 43200 reload-into-ims refresh_pattern \.lzh$ 10080 90% 43200 reload-into-ims refresh_pattern \.midi$ 10080 90% 43200 reload-into-ims refresh_pattern \.movie$ 10080 90% 43200 reload-into-ims refresh_pattern \.mp2$ 10080 90% 43200 reload-into-ims refresh_pattern \.mpe$ 10080 90% 43200 reload-into-ims refresh_pattern \.mpeg$ 10080 90% 43200 reload-into-ims refresh_pattern \.mpga$ 10080 90% 43200 reload-into-ims refresh_pattern \.pl$ 10080 90% 43200 reload-into-ims refresh_pattern \.ppt$ 10080 90% 43200 reload-into-ims refresh_pattern \.ps$ 10080 90% 43200 reload-into-ims refresh_pattern \.qt$ 10080 90% 43200 reload-into-ims refresh_pattern \.qtm$ 10080 90% 43200 reload-into-ims refresh_pattern \.ras$ 10080 90% 43200 reload-into-ims refresh_pattern \.sea$ 10080 90% 43200 reload-into-ims refresh_pattern \.sit$ 10080 90% 43200 reload-into-ims refresh_pattern \.tif$ 10080 90% 43200 reload-into-ims refresh_pattern \.tiff$ 10080 90% 43200 reload-into-ims refresh_pattern \.snd$ 10080 90% 43200 reload-into-ims refresh_pattern \.wrl$ 10080 90% 43200 reload-into-ims refresh_pattern ^ftp: 1440 60% 22160 refresh_pattern ^gopher: 1440 20% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 480 50% 22160 reload-into-ims quick_abort_min 32 KB quick_abort_max 32 KB quick_abort_pct 95 acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache coredump_dir /opt/squid2.7/var/cache cache_mgr nasser@linax.wordpress.com visible_hostname linax.wordpress.com dns_children 8 forwarded_for on emulate_httpd_log on redirect_rewrites_host_header off buffered_logs on
—————————————————————
First Start:
# chown -R nobody:nobody /usr/local/squid/var/logs
# mkdir /opt/squid2.7/var/cache
# chown -R nobody:nobody /opt/squid2.7/var/cache
# /opt/squid2.7/sbin/squid -z
# /opt/squid2.7/sbin/squid -D
check file descriptors
# /usr/local/squid/bin/squidclient mgr:info | grep ‘file descri’
Set the following at freebsd to increase ranges by editing /etc/sysctl.conf:
net.inet.ip.portrange.last=65535
net.inet.ip.portrange.first=1024
kern.maxfilesperproc=8192
kern.maxfiles=65535
Type the following at a shell prompt
sysctl net.inet.ip.portrange.last=65535
sysctl net.inet.ip.portrange.first=1024
sysctl kern.maxfilesperproc=8192
sysctl kern.maxfiles=65535
verify it
/usr/local/squid/bin/squidclient mgr:info | grep ‘file descri’
we will plan long term
for this we will rotate squid logs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ /usr/local/etc/logrorate.conf ~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/squid/var/logs/access.log {
daily
rotate 180
start 1
copytruncate
compress
compresscmd /usr/bin/bzip2
compressext .bz2
compressoptions -sq9
dateext
notifempty
missingok
}
/usr/local/squid/var/logs/cache.log {
daily
rotate 30
start 1
copytruncate
compress
compresscmd /usr/bin/bzip2
compressext .bz2
compressoptions -sq9
dateext
notifempty
missingok
}
/usr/local/squid/var/logs/store.log {
daily
rotate 30
start 1
copytruncate
compress
compresscmd /usr/bin/bzip2
compressext .bz2
compressoptions -sq9
dateext
notifempty
missingok
postrotate
/usr/local/squid/sbin/squid -k rotate
endscript
}
or Create a directory for specific logrotate files
mkdir -p /usr/local/etc/logrotate.d
First, create a logrotate file for Squid to rotate it’s access.log files for 90 days and cache.log for 7 days.
cd /usr/local/etc/logrotate.d/
vi /usr/local/etc/logrotate.d/squid
#Copy and paste the above squid logrotation, that was copied to logrotate.conf.
Thanks to Almighty Allah and Author .
source here
also watch Squid 2.7 – aufs
Tags: compile squid, freebsd, how to, proxy, reverse proxy, Squid, Web Accelerator
This entry was posted on Saturday, February 6th, 2010 at 11:58 am and is filed under feebsd, Networking. You can follow any responses to this entry through the RSS 2.0 feed.You can leave a response, or trackback from your own site.
This entry was posted on Saturday, February 6th, 2010 at 11:58 am and is filed under feebsd, Networking. You can follow any responses to this entry through the RSS 2.0 feed.You can leave a response, or trackback from your own site.
One Response
February 8th, 2010 at 9:03 pm
Alex Says:
Alex Says:
Getting fairly tough to find a RELIABLE open source server these days! Thanks for the post! Fortunately, I found a GREAT company to use!
