首先升级openssl(为了系统更安全)
详见 http://blog.platinum.net.cn/index.php?op=ViewArticle&articleId=16&blogId=1
编译squid
./configure --prefix=/usr/local/squid --mandir=/usr/share/man --enable-carp --with-dl --enable-storeio=aufs,ufs,diskd,coss,null --with-pthreads --enable-icmp --enable-delay-pools --enable-useragent-log --enable-referer-log --enable-kill-parent-hack --enable-snmp --enable-arp-acl --enable-htcp --enable-ssl --with-openssl=/usr/local/openssl-0.9.7e --enable-external-acl-helpers=ip_user --enable-err-language="Simplify_Chinese" --enable-err-language="Simplify_Chinese" --enable-linux-netfilter --enable-auth="basic" --enable-baisc-auth-helpers="NCSA" --enable-underscores --enable-x-accelerator-vary --disable-internal-dns
修改src/fs/aufs/store_asyncufs.h,使其可以用异步IO写文件,以提高存储速度
将#define ASYNC_WRITE改为1
make
make install
进入helpers/basic_auth/NCSA,编译出nasa_auth
make
make install
利用apache里面的htpasswd生成密码文件
/path/htpasswd -c /etc/squid.pass test
123
123
配置squid.conf
详见 http://blog.platinum.net.cn/index.php?op=ViewArticle&articleId=16&blogId=1
编译squid
./configure --prefix=/usr/local/squid --mandir=/usr/share/man --enable-carp --with-dl --enable-storeio=aufs,ufs,diskd,coss,null --with-pthreads --enable-icmp --enable-delay-pools --enable-useragent-log --enable-referer-log --enable-kill-parent-hack --enable-snmp --enable-arp-acl --enable-htcp --enable-ssl --with-openssl=/usr/local/openssl-0.9.7e --enable-external-acl-helpers=ip_user --enable-err-language="Simplify_Chinese" --enable-err-language="Simplify_Chinese" --enable-linux-netfilter --enable-auth="basic" --enable-baisc-auth-helpers="NCSA" --enable-underscores --enable-x-accelerator-vary --disable-internal-dns
修改src/fs/aufs/store_asyncufs.h,使其可以用异步IO写文件,以提高存储速度
将#define ASYNC_WRITE改为1
make
make install
进入helpers/basic_auth/NCSA,编译出nasa_auth
make
make install
利用apache里面的htpasswd生成密码文件
/path/htpasswd -c /etc/squid.pass test
123
123
配置squid.conf
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
emulate_httpd_log on
auth_param basic program /usr/local/squid/libexec/ncsa_auth /etc/squid.pass
auth_param basic children 5
auth_param basic realm Platinum proxy-caching server
auth_param basic credentialsttl 1 minutes
auth_param basic casesensitive off
refresh_pattern ^ftp: & & & & & 1440 & &20% & & 10080
refresh_pattern ^gopher: & & & &1440 & &0% & & &1440
refresh_pattern . & & & & & & & 0 & & & 20% & & 4320
cachemgr_passwd platinum all
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl AUTHUSER proxy_auth REQUIRED
http_access allow AUTHUSER
http_access allow localhost
http_access allow to_localhost
http_access deny &all
http_reply_access allow all
icp_access allow all
cache_effective_user squid
visible_hostname platinum
httpd_accel_host platinum
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
error_directory /usr/local/squid/share/errors/Simplify_Chinese
coredump_dir /usr/local/squid/var/cache
cache_dir aufs /usr/local/squid/var/cache 100 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
cache_mem 32 MB
创建交换文件
useradd squid -s /sbin/nologin
mkdir -p /usr/local/squid/var/cache
chown -R squid.squid /usr/local/squid/var
/usr/local/squid/sbin/squid -z
运行squid
/usr/local/squid/sbin/squid
若使开机自动运行,在/etc/rc.local里添加即可
注意:
用户认证模式不能与透明模式一起使用,否则会出错,用户验证无法通过
用户认证模式不能与透明模式一起使用,否则会出错,用户验证无法通过
