Squid 2 cache configuration

Selasa, 7 Disember 2010, 12:42 am0

Get source (get the latest stable version):

cd /tmp
wget http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE9.tar.bz2

Install compiler

yum install gcc

Compile & install squid

./configure --prefix=/opt/squid
make all
make install

Squid configuration (in /opt/squid/etc folder):

squid.conf

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443     # https
acl Safe_ports port 70      # gopher
acl Safe_ports port 210     # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280     # http-mgmt
acl Safe_ports port 488     # gss-http
acl Safe_ports port 591     # filemaker
acl Safe_ports port 777     # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
cache_mem 2048 MB
maximum_object_size_in_memory 1024 KB
cache_dir ufs /var/cache/squid 10000 16 256
maximum_object_size 128 MB
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /var/run/squid.pid
netdb_filename /var/log/squid/netdb.state
storeurl_rewrite_children 50
refresh_pattern ^ftp: 1440 20% 10080 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://[A-Za-z0-9]+.lscache[0-9].c.youtube.com    9999999 90% 999999999 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://[a-z0-9]+.youtube.com                        9999999 90% 999999999 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://[a-z]+.youtube.com                           9999999 90% 999999999 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://[a-z0-9]+.ytimg.com                          9999999 90% 999999999 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://*.youtube.com     9999999  90%  999999999 ignore-no-cache override-expire ignore-private
refresh_pattern get_video?video_id         9999999  90%  999999999 ignore-no-cache override-expire ignore-private
refresh_pattern youtube.com/get_video?    9999999  90%  999999999 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://*.youtube.com/.*    9999999  100% 999999999 ignore-no-cache override-expire ignore-private
refresh_pattern (get_video?|videoplayback?|videodownload?)    10080 99.99999% 999999 override-expire ignore-reload ignore-private negative-ttl=0
refresh_pattern -i ^http://kh(.*?).google.com(.*?)/(.*?)$   999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private
refresh_pattern -i ^http://mt(.*?).google.com(.*?)/(.*?)$   999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private
refresh_pattern -i ^http://i(.*?).wikimapia.org(.*?)/(.*?)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private
refresh_pattern -i .(gif|png|jpg|jpeg|ico)$                                           999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private
refresh_pattern -i .(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv|mpg|wma|ogg|wmv|asx|asf)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private
refresh_pattern -i .(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff|pdf|jar)$       999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private
refresh_pattern ^gopher:          1440 0%  1440
refresh_pattern -i (/cgi-bin/|?) 0    0%  0
refresh_pattern .                 0    40% 4320
acl store_rewrite_list url_regex -i .youtube.com/get_video?
acl store_rewrite_list url_regex -i .youtube.com/videoplayback.youtube.com/videoplay .youtube.com/get_video?
acl store_rewrite_list url_regex -i .youtube.[a-z][a-z]/videoplayback.youtube.[a-z][a-z]/videoplay .youtube.[a-z][a-z]/get_video?
acl store_rewrite_list url_regex -i .googlevideo.com/videoplayback.googlevideo.com/videoplay .googlevideo.com/get_video?
acl store_rewrite_list url_regex -i .google.com/videoplayback.google.com/videoplay .google.com/get_video?
acl store_rewrite_list url_regex -i .google.[a-z][a-z]/videoplayback.google.[a-z][a-z]/videoplay .google.[a-z][a-z]/get_video?
acl store_rewrite_list url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/videoplayback?
acl store_rewrite_list url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/videoplay?
acl store_rewrite_list url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/get_video?
acl store_rewrite_list url_regex -i http://video..*fbcdn.net.*.mp4.*
acl store_rewrite_list url_regex -i http://.[0-9].[0-9][0-9].channel.facebook.com/.*
acl store_rewrite_list url_regex -i http://.*.mp4?
acl store_rewrite_list url_regex -i http://www.facebook.com/ajax/flash/.*
acl store_rewrite_list url_regex -i http://.*.ak.fbcdn.net/.*
acl store_rewrite_list url_regex -i .geo.yahoo.com?
storeurl_access allow store_rewrite_list
storeurl_access deny all
storeurl_rewrite_program /opt/squid/etc/youtube.pl
redirect_program /opt/squid/etc/adzap.pl
quick_abort_min 500 KB
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mgr admin@datacenter
cache_effective_user squid
cache_effective_group squid
dns_nameservers 208.67.222.222
dns_nameservers 208.67.220.220
visible_hostname datacenter
coredump_dir /var/cache/squid

adzap.pl – Get from http://adzapper.sourceforge.net/

wget http://adzapper.sourceforge.net/scripts/squid_redirect
mv squid_redirect adzap.pl
chmod +x adzap.pl

youtube.pl (this file need to set as executable too – chmox +x youtube.pl)

#!/usr/bin/perl
$|=1;
while (<>) {
@X = split;
$url = $X[0];
if ($url=~s@^http://(.*?)/videoplayback?(.*)id=(.*?)&.*@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/videoplayback?(.*)id=(.*?)@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/videoplay?(.*)id=(.*?)&.*@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/videoplay?(.*)id=(.*?)@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/get_video?(.*)video_id=(.*?)&.*@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/get_video?(.*)video_id=(.*?)@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)rapidshare(.*?)/files/(.*?)/(.*?)/(.*?)@squid://files.rapidshare.INTERNAL/$5@){}
elsif
($url=~s@^http://(.*?)fbcdn.net/(.*?)/(.*?)/(.*?.jpg)@squid://files.facebook.INTERNAL/$4@){}
elsif
($url=~s@^http://contenidos2(.*?)/(.*?)@squid://files.contenidos2.INTERNAL/$2@){}
elsif
($url=~s@^http://cdn(.*?)/([0-9a-zA-Z_-]*?.flv)@squid://files.cdn.INTERNAL/$2@){}
elsif
($url=~s@^http://web.vxv.com/data/media/(.*?)@squid://files.vxv.INTERNAL/$1@){}
elsif
($url=~s@^http://(.*?)megaupload.com/files/(.*?)/(.*?)@squid://files.megaupload.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?)mediafire.com/(.*?)/(.*?)@squid://files.megaupload.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?)depositfiles.com/(.*?)/(.*?)/(.*?)@squid://files.megaupload.INTERNAL/$4@){}
elsif
($url=~s@^http://(.*?).files.youporn.com/(.*?)/([0-9a-zA-Z_-]*?.flv)?.*@squid://videos.youporn.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?).tube8.com/(.*?)/([0-9a-zA-Z_-]*?.flv)?.*@squid://videos.tube8.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?).tube8.com/(.*?)/([0-9a-zA-Z_-]*?.flv)@squid://videos.tube8.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?)megaporn.com/files/(.*?)/(.*?)@squid://files.megaporn.INTERNAL/$3@){}
print "$urln"; }

Initialize squid swap directories

mkdir /var/cache/squid
chown squid.squid /var/cache/squid
/opt/squid/sbin/squid -z

Create log folder

mkdir /var/log/squid
chown squid.squid /var/log/squid

/etc/rc.d/init.d/squid

#!/bin/bash
### BEGIN INIT INFO
# Provides: squid
# chkconfig: - 90 25
# pidfile: /var/run/squid.pid
# config: /opt/squid/etc/squid.conf
# Short-Description: starting and stopping Squid Internet Object Cache
# Description: Squid - Internet Object Cache. Internet object caching is 
# 	a way to store requested Internet objects (i.e., data available 
# 	via the HTTP, FTP, and gopher protocols) on a system closer to the 
#	requesting site than to the source. Web browsers can then use the 
#	local Squid cache as a proxy HTTP server, reducing access time as 
#	well as bandwidth consumption.
### END INIT INFO

PATH=/usr/bin:/sbin:/bin:/usr/sbin
export PATH

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

#if [ -f /etc/sysconfig/squid ]; then
#  . /etc/sysconfig/squid
#fi

# don't raise an error if the config file is incomplete
# set defaults instead:
SQUID_OPTS=${SQUID_OPTS:-"-D"}
SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}

# determine the name of the squid binary
#[ -f /opt/squid/sbin/squid ] && SQUID=squid
SQUID=/opt/squid/sbin/squid

if [ $1 == 'status' ]; then
	[ -z "$SQUID" ] && exit 4
else
	[ -z "$SQUID" ] && exit 1
fi

prog="$SQUID"

# determine which one is the cache_swap directory
CACHE_SWAP=`sed -e 's/#.*//g' /opt/squid/etc/squid.conf | 
	grep cache_dir |  awk '{ print $3 }'`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP=/var/spool/squid

RETVAL=0

probe() {
	# Check that networking is up.
	[ ${NETWORKING} = "no" ] && exit 1

	# check if the squid conf file is present
	[ -f /opt/squid/etc/squid.conf ] || exit 6
}    

start() {
	probe

    for adir in $CACHE_SWAP; do
		if [ ! -d $adir/00 ]; then
			 echo -n "init_cache_dir $adir... "
			 $SQUID -z -F -D >> /var/log/squid/squid.out 2>&1
		fi
    done
    echo -n $"Starting $prog: "
    $SQUID $SQUID_OPTS >> /var/log/squid/squid.out 2>&1
    RETVAL=$?
    if [ $RETVAL -eq 0 ]; then
       timeout=0;
       while : ; do
          [ ! -f /var/run/squid.pid ] || break
	  if [ $timeout -ge $SQUID_PIDFILE_TIMEOUT ]; then
	     RETVAL=1
	     break
	  fi
	  sleep 1 && echo -n "."
	  timeout=$((timeout+1))
       done
    fi
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SQUID
    [ $RETVAL -eq 0 ] && echo_success
    [ $RETVAL -ne 0 ] && echo_failure
    echo
    return $RETVAL
}



stop() {
    echo -n  $"Stopping $prog: "
    $SQUID -k check >> /var/log/squid/squid.out 2>&1
    RETVAL=$?
    if [ $RETVAL -eq 0 ] ; then
        $SQUID -k shutdown &
    	rm -f /var/lock/subsys/$SQUID
	timeout=0
 	while : ; do
		[ -f /var/run/squid.pid ] || break
		if [ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ]; then
		    echo
		    return 1
		fi
		sleep 2 && echo -n "."
		timeout=$((timeout+2))
    	done
	echo_success
	echo
    else
    	echo_failure
	echo
    fi
    return $RETVAL
}    

reload() {


    $SQUID $SQUID_OPTS -k reconfigure
}

restart() {
    stop
    start
}    

condrestart() {
    [ -e /var/lock/subsys/squid ] && restart || :
}

rhstatus() {
    status $SQUID && $SQUID -k check
}

case "$1" in
start)
    start
    ;;

stop)
    stop
    ;;

reload)
    reload
    ;;

restart)
    restart
    ;;

condrestart)
    condrestart
    ;;

status)
    rhstatus
    ;;

probe)
    probe
	return 0
    ;;

*)
    echo $"Usage: $0 {start|stop|status|reload|restart|condrestart|probe}"
    exit 2
esac

exit $?

Install squid service

chmod +x /etc/rc.d/init.d/squid
chkconfig --add squid
chkconfig squid on
service squid start