Squid配置反向代理
2013-04-19 09:47
253 查看
通过采用Squid的反向代理功能提高客户端对网站的浏览速度;
测试环境:
普通PC机+RedHat linux As4+Squid 2.6
技术概述:
以下分别采用了3种不同的模式在测试平台下对网站进行加速,原理:用户请求-〉DNS解析到Squid-Cache-〉Squid-Cache通过本地hosts进行解析-〉Web服务器(如果没有缓存)-〉Squid-Cache服务器-〉用户。 详细配置文档如下:
一、 Squid网路拓扑
二、 配置步骤
说明:粉红色标注是运行命令,红色标注关键的参数,蓝色标注是配置文件的代码;
Setp 1 – Download file and compiling Squid
1. 首先卸载自带的squid程序,使用命令如下
#rpm –q squid #检测是否已安装了squid
# rpm –e squid全文件名 #卸载系统自带已安装上的squid
2.下载最新稳定版squid以及编译安装
Address: http://www.squid-cache.org/
# tar zxvf squid-2.6.STABLE16.tar.gz
# cd squid-2.6.STABLE16
# vi config.sh #新建此配置文件
代码如下:
引用
#!/bin/bash
SQUID_ROOT="/Data/apps/squid"
./configure --prefix=$SQUID_ROOT \
--enable-useragent-log \
--enable-referer-log \
--enable-default-err-language=Simplify_Chinese \
--enable-err-languages="Simplify_Chinese English" \
--disable-internal-dns #停止本地的dns解析
# sh config.sh
# make
# make install
Setp 2 – Basic Configuration
引用
# cd /Data/apps/squid/
# mkdir cache
# chown squid.squid *
# chmod 777 -R var #目的是为了增加日志文件的写入权限
Setp 3 –Particular Configuration
引用
# cd /Data/apps/squid/etc
# mv squid.conf squid.conf.bak #备份原文件
# vi squid.conf #新建文件
A. 模式1:Squid对应多台web服务器
A1。在vi /etc/hosts中:加入内部的DNS解析,比如:
引用
192.168.0.1 www.pig2pig.com
192.168.0.2 bbs.pig2pig.com
A2。#vi /Data/apps/squid/etc/squid.conf
代码如下:
引用
# visible name
visible_hostname cache.pig2pig.com
# cache config: space use 1G and memory use 256M
cache_dir ufs /Data/apps/squid/cache 1024 16 256
cache_mem 256 MB
cache_effective_user squid #设置运行时的用户和组权限
cache_effective_group squid
# 反向加速配置
http_port 80 # squid监听的端口,客户访问网站的端口
httpd_accel_host virtual # WEB服务器的IP地址,此模式下设置为:virtual
httpd_accel_single_host off # 设置on时缓冲请求到单台Server,off对应virtual
httpd_accel_port 80 # WEB服务器的端口(对于多台web服务器,端口必须一致)
httpd_accel_uses_host_header on # 完成多个WEB服务器的反向代理功能
httpd_accel_with_proxy off # 停用代理本地上网
# accelerater my domain only
acl acceleratedHostA dstdomain www.pig2pig.com
acl acceleratedHostB dstdomain bbs.pig2pig.com
# accelerater http protocol on port 80
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
# access arc
acl all src 0.0.0.0/0.0.0.0
# Allow requests when they are to the accelerated machine
AND to the right port with right protocol
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostA
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostB
http_access allow all
# logging
emulate_httpd_log on
cache_store_log none
# manager
acl manager proto cache_object
http_access allow manager all
cachemgr_passwd pass all
cache_mgr admin@pig2pig.com
#swap 性能微调
half_closed_clients off
cache_swap_high 100%
cache_swap_low 95%
maximum_object_size 1024 KB
# 控制对象的超时时间 (S_Data-Data)refresh_pattern -i .html 60 90% 10080 reload-into-ims
#refresh_pattern -i \.html$ 60 90% 10080 reload-into-ims
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 reload-into-ims
refresh_pattern -i .gif 1440 90% 129600 reload-into-ims
refresh_pattern -i .js 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims
# refresh_pattern -i .shtml 1440 90% 129600 reload-into-ims
# refresh_pattern -i .hml 1440 90% 129600 reload-into-ims
# 禁止缓存
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.php \.xml
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
#logfile_rotate 可以用logfile_rotate 0来取消自动操作
logfile_rotate 4
B.模式2:Squid 与 web是单独两台服务器
# vi /Data/apps/squid/etc/squid.conf 代码如下:
引用
# visible name
visible_hostname cache.pig2pig.com
# cache config: space use 1G and memory use 256M
cache_dir ufs /Data/apps/squid/cache 1024 16 256
cache_mem 256 MB
cache_effective_user squid #设置运行时的用户和组权限
cache_effective_group squid
# 反向加速配置
http_port 80 # squid监听的端口,客户访问网站的端口
httpd_accel_host ip_address # WEB服务器的IP地址
httpd_accel_single_host on # 设置转发为缓冲的请求到一台单独的机器
httpd_accel_port 80 # WEB服务器的端口
httpd_accel_uses_host_header off # 完成单台WEB服务器的反向代理功能
httpd_accel_with_proxy off # 停用代理本地上网
# accelerater my domain only
acl acceleratedHostA dst ip_address # WEB服务器的IP地址
# accelerater http protocol on port 80
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
# access arc
acl all src 0.0.0.0/0.0.0.0
# Allow requests when they are to the accelerated machine
AND to the right port with right protocol
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostA
http_access allow all
# logging
emulate_httpd_log on
cache_store_log none
# manager
acl manager proto cache_object
http_access allow manager all
cachemgr_passwd pass all
cache_mgr admin@pig2pig.com
#swap 性能微调
half_closed_clients off
cache_swap_high 100%
cache_swap_low 95%
maximum_object_size 1024 KB
# 控制对象的超时时间 (S_Data-Data)refresh_pattern -i .html 60 90% 10080 reload-into-ims
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 reload-into-ims
refresh_pattern -i .gif 1440 90% 129600 reload-into-ims
refresh_pattern -i .js 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims
# refresh_pattern -i .shtml 1440 90% 129600 reload-into-ims
# refresh_pattern -i .hml 1440 90% 129600 reload-into-ims
# 禁止缓存
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.php \.xml
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
#logfile_rotate 可以用logfile_rotate 0来取消自动操作
logfile_rotate 4
C.模式3:Squid 与 Web是同一台服务器
# vi /Data/apps/squid/etc/squid.conf 代码如下:
引用
# visible name
visible_hostname cache.pig2pig.com
# cache config: space use 1G and memory use 256M
cache_dir ufs /Data/apps/squid/cache 1024 16 256
cache_mem 256 MB
cache_effective_user squid #设置运行时的用户和组权限
cache_effective_group squid
# 反向加速配置
http_port 80 # squid监听的端口,客户访问网站的端口
httpd_accel_host ip_address # WEB服务器的IP地址
httpd_accel_single_host on # 设置转发为缓冲的请求到一台单独的机器
httpd_accel_port 81 # WEB服务器的端口
httpd_accel_uses_host_header off # 完成单台WEB服务器的反向代理功能
httpd_accel_with_proxy off # 停用代理本地上网
# accelerater my domain only
acl acceleratedHostA dst ip_address # WEB服务器的IP地址
# accelerater http protocol on port 80
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
# access arc
acl all src 0.0.0.0/0.0.0.0
# Allow requests when they are to the accelerated machine
AND to the right port with right protocol
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostA
http_access allow all
# logging
emulate_httpd_log on
cache_store_log none
# manager
acl manager proto cache_object
http_access allow manager all
cachemgr_passwd pass all
cache_mgr admin@pig2pig.com
#swap 性能微调
half_closed_clients off
cache_swap_high 100%
cache_swap_low 95%
maximum_object_size 1024 KB
# 控制对象的超时时间 (S_Data-Data)refresh_pattern -i .html 60 90% 10080 reload-into-ims
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 reload-into-ims
refresh_pattern -i .gif 1440 90% 129600 reload-into-ims
refresh_pattern -i .js 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims
# refresh_pattern -i .shtml 1440 90% 129600 reload-into-ims
# refresh_pattern -i .hml 1440 90% 129600 reload-into-ims
# 禁止缓存
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.php \.xml
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
# logfile_rotate 可以用logfile_rotate 0来取消自动操作
logfile_rotate 4
Setp 3 –Starting Squid
1、 创建缓存目录
# cd /Data/apps/squid/sbin
#./squid –z # 出现Creating Swap Directories提示,表示建立成功
2、 运行Squid
# cd /Data/apps/squid/sbin
#./squid –NCd1 # 成功后将出现"Ready to serve requests".否则请检查配置文件
说明,用squid -NCd1来以debug模式启动,这样如果有错误会报出来,一般如果是ADSL拨号的,那么在没有拨号之前就启动squid的话是会出错的(FATAL: ipcache_init: DNS name lookup tests failed),因为squid启动时会去检查一些常用的DNS,但是这时候你并没有接入internet,自然就出错了,所以我们需要在启动的时候不检查DNS,这就需要用加上-D选项来启动squid,命令如下:
#./squid –NCDd1 # 参数Dd1的目的是禁止测试DNS的连通性并且把squid在开始运行后的一些提示信息显示在屏幕上)
三、 注意事项:
1、Squid的配置文件squid.conf更改后必须重新运行squid;
2、Squid服务器的hosts文件更改后必须重新运行squid;
测试环境:
普通PC机+RedHat linux As4+Squid 2.6
技术概述:
以下分别采用了3种不同的模式在测试平台下对网站进行加速,原理:用户请求-〉DNS解析到Squid-Cache-〉Squid-Cache通过本地hosts进行解析-〉Web服务器(如果没有缓存)-〉Squid-Cache服务器-〉用户。 详细配置文档如下:
一、 Squid网路拓扑
二、 配置步骤
说明:粉红色标注是运行命令,红色标注关键的参数,蓝色标注是配置文件的代码;
Setp 1 – Download file and compiling Squid
1. 首先卸载自带的squid程序,使用命令如下
#rpm –q squid #检测是否已安装了squid
# rpm –e squid全文件名 #卸载系统自带已安装上的squid
2.下载最新稳定版squid以及编译安装
Address: http://www.squid-cache.org/
# tar zxvf squid-2.6.STABLE16.tar.gz
# cd squid-2.6.STABLE16
# vi config.sh #新建此配置文件
代码如下:
引用
#!/bin/bash
SQUID_ROOT="/Data/apps/squid"
./configure --prefix=$SQUID_ROOT \
--enable-useragent-log \
--enable-referer-log \
--enable-default-err-language=Simplify_Chinese \
--enable-err-languages="Simplify_Chinese English" \
--disable-internal-dns #停止本地的dns解析
# sh config.sh
# make
# make install
Setp 2 – Basic Configuration
引用
# cd /Data/apps/squid/
# mkdir cache
# chown squid.squid *
# chmod 777 -R var #目的是为了增加日志文件的写入权限
Setp 3 –Particular Configuration
引用
# cd /Data/apps/squid/etc
# mv squid.conf squid.conf.bak #备份原文件
# vi squid.conf #新建文件
A. 模式1:Squid对应多台web服务器
A1。在vi /etc/hosts中:加入内部的DNS解析,比如:
引用
192.168.0.1 www.pig2pig.com
192.168.0.2 bbs.pig2pig.com
A2。#vi /Data/apps/squid/etc/squid.conf
代码如下:
引用
# visible name
visible_hostname cache.pig2pig.com
# cache config: space use 1G and memory use 256M
cache_dir ufs /Data/apps/squid/cache 1024 16 256
cache_mem 256 MB
cache_effective_user squid #设置运行时的用户和组权限
cache_effective_group squid
# 反向加速配置
http_port 80 # squid监听的端口,客户访问网站的端口
httpd_accel_host virtual # WEB服务器的IP地址,此模式下设置为:virtual
httpd_accel_single_host off # 设置on时缓冲请求到单台Server,off对应virtual
httpd_accel_port 80 # WEB服务器的端口(对于多台web服务器,端口必须一致)
httpd_accel_uses_host_header on # 完成多个WEB服务器的反向代理功能
httpd_accel_with_proxy off # 停用代理本地上网
# accelerater my domain only
acl acceleratedHostA dstdomain www.pig2pig.com
acl acceleratedHostB dstdomain bbs.pig2pig.com
# accelerater http protocol on port 80
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
# access arc
acl all src 0.0.0.0/0.0.0.0
# Allow requests when they are to the accelerated machine
AND to the right port with right protocol
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostA
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostB
http_access allow all
# logging
emulate_httpd_log on
cache_store_log none
# manager
acl manager proto cache_object
http_access allow manager all
cachemgr_passwd pass all
cache_mgr admin@pig2pig.com
#swap 性能微调
half_closed_clients off
cache_swap_high 100%
cache_swap_low 95%
maximum_object_size 1024 KB
# 控制对象的超时时间 (S_Data-Data)refresh_pattern -i .html 60 90% 10080 reload-into-ims
#refresh_pattern -i \.html$ 60 90% 10080 reload-into-ims
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 reload-into-ims
refresh_pattern -i .gif 1440 90% 129600 reload-into-ims
refresh_pattern -i .js 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims
# refresh_pattern -i .shtml 1440 90% 129600 reload-into-ims
# refresh_pattern -i .hml 1440 90% 129600 reload-into-ims
# 禁止缓存
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.php \.xml
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
#logfile_rotate 可以用logfile_rotate 0来取消自动操作
logfile_rotate 4
B.模式2:Squid 与 web是单独两台服务器
# vi /Data/apps/squid/etc/squid.conf 代码如下:
引用
# visible name
visible_hostname cache.pig2pig.com
# cache config: space use 1G and memory use 256M
cache_dir ufs /Data/apps/squid/cache 1024 16 256
cache_mem 256 MB
cache_effective_user squid #设置运行时的用户和组权限
cache_effective_group squid
# 反向加速配置
http_port 80 # squid监听的端口,客户访问网站的端口
httpd_accel_host ip_address # WEB服务器的IP地址
httpd_accel_single_host on # 设置转发为缓冲的请求到一台单独的机器
httpd_accel_port 80 # WEB服务器的端口
httpd_accel_uses_host_header off # 完成单台WEB服务器的反向代理功能
httpd_accel_with_proxy off # 停用代理本地上网
# accelerater my domain only
acl acceleratedHostA dst ip_address # WEB服务器的IP地址
# accelerater http protocol on port 80
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
# access arc
acl all src 0.0.0.0/0.0.0.0
# Allow requests when they are to the accelerated machine
AND to the right port with right protocol
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostA
http_access allow all
# logging
emulate_httpd_log on
cache_store_log none
# manager
acl manager proto cache_object
http_access allow manager all
cachemgr_passwd pass all
cache_mgr admin@pig2pig.com
#swap 性能微调
half_closed_clients off
cache_swap_high 100%
cache_swap_low 95%
maximum_object_size 1024 KB
# 控制对象的超时时间 (S_Data-Data)refresh_pattern -i .html 60 90% 10080 reload-into-ims
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 reload-into-ims
refresh_pattern -i .gif 1440 90% 129600 reload-into-ims
refresh_pattern -i .js 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims
# refresh_pattern -i .shtml 1440 90% 129600 reload-into-ims
# refresh_pattern -i .hml 1440 90% 129600 reload-into-ims
# 禁止缓存
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.php \.xml
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
#logfile_rotate 可以用logfile_rotate 0来取消自动操作
logfile_rotate 4
C.模式3:Squid 与 Web是同一台服务器
# vi /Data/apps/squid/etc/squid.conf 代码如下:
引用
# visible name
visible_hostname cache.pig2pig.com
# cache config: space use 1G and memory use 256M
cache_dir ufs /Data/apps/squid/cache 1024 16 256
cache_mem 256 MB
cache_effective_user squid #设置运行时的用户和组权限
cache_effective_group squid
# 反向加速配置
http_port 80 # squid监听的端口,客户访问网站的端口
httpd_accel_host ip_address # WEB服务器的IP地址
httpd_accel_single_host on # 设置转发为缓冲的请求到一台单独的机器
httpd_accel_port 81 # WEB服务器的端口
httpd_accel_uses_host_header off # 完成单台WEB服务器的反向代理功能
httpd_accel_with_proxy off # 停用代理本地上网
# accelerater my domain only
acl acceleratedHostA dst ip_address # WEB服务器的IP地址
# accelerater http protocol on port 80
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
# access arc
acl all src 0.0.0.0/0.0.0.0
# Allow requests when they are to the accelerated machine
AND to the right port with right protocol
http_access allow acceleratedProtocol acceleratedPort
acceleratedHostA
http_access allow all
# logging
emulate_httpd_log on
cache_store_log none
# manager
acl manager proto cache_object
http_access allow manager all
cachemgr_passwd pass all
cache_mgr admin@pig2pig.com
#swap 性能微调
half_closed_clients off
cache_swap_high 100%
cache_swap_low 95%
maximum_object_size 1024 KB
# 控制对象的超时时间 (S_Data-Data)refresh_pattern -i .html 60 90% 10080 reload-into-ims
refresh_pattern -i .png 60 90% 10080 reload-into-ims
refresh_pattern -i .jpg 1440 90% 129600 reload-into-ims
refresh_pattern -i .gif 1440 90% 129600 reload-into-ims
refresh_pattern -i .js 1440 90% 10080 reload-into-ims
refresh_pattern -i .swf 1440 90% 129600 reload-into-ims
refresh_pattern -i .bmp 1440 90% 129600 reload-into-ims
# refresh_pattern -i .shtml 1440 90% 129600 reload-into-ims
# refresh_pattern -i .hml 1440 90% 129600 reload-into-ims
# 禁止缓存
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.php \.xml
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
# logfile_rotate 可以用logfile_rotate 0来取消自动操作
logfile_rotate 4
Setp 3 –Starting Squid
1、 创建缓存目录
# cd /Data/apps/squid/sbin
#./squid –z # 出现Creating Swap Directories提示,表示建立成功
2、 运行Squid
# cd /Data/apps/squid/sbin
#./squid –NCd1 # 成功后将出现"Ready to serve requests".否则请检查配置文件
说明,用squid -NCd1来以debug模式启动,这样如果有错误会报出来,一般如果是ADSL拨号的,那么在没有拨号之前就启动squid的话是会出错的(FATAL: ipcache_init: DNS name lookup tests failed),因为squid启动时会去检查一些常用的DNS,但是这时候你并没有接入internet,自然就出错了,所以我们需要在启动的时候不检查DNS,这就需要用加上-D选项来启动squid,命令如下:
#./squid –NCDd1 # 参数Dd1的目的是禁止测试DNS的连通性并且把squid在开始运行后的一些提示信息显示在屏幕上)
三、 注意事项:
1、Squid的配置文件squid.conf更改后必须重新运行squid;
2、Squid服务器的hosts文件更改后必须重新运行squid;
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- squid 2.7 设置反向代理配置
- 一份反向代理配置文件(squid-Webmail)
- 学习笔记之squid反向代理,加速的配置
- squid作反向代理的配置实例
- Squid 3.0 反向代理(加速模式)配置
- squid反向代理网站配置示例
- squid安装配置(反向代理)
- Squid 反向代理配置
- Linux下Squid正向/反向代理配置
- squid透明代理和反向代理配置过程
- Squid 3.0 反向代理(加速模式)配置及安装
- squid服务搭建与(正反向代理)配置
- squid配置 反向代理
- 使用Squid配置反向代理(HTTP 加速器)
- squid 配置web反向代理
- Squid3.0反向代理(加速模式)配置及安装
- Squid安装和反向代理配置简明指南
- squid 反向代理配置
- 【APP】squid 3.0反向代理配置 推荐
- 网站访问太慢,准备用用Squid实现反向代理进行加速