Squid 2 cache configuration
Selasa, 7 Disember 2010, 12:42 am
Get source (get the latest stable version):
cd /tmp wget http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE9.tar.bz2
Install compiler
yum install gcc
Compile & install squid
./configure --prefix=/opt/squid make all make install
Squid configuration (in /opt/squid/etc folder):
squid.conf
acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access deny all icp_access allow localnet icp_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? cache_mem 2048 MB maximum_object_size_in_memory 1024 KB cache_dir ufs /var/cache/squid 10000 16 256 maximum_object_size 128 MB access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log pid_filename /var/run/squid.pid netdb_filename /var/log/squid/netdb.state storeurl_rewrite_children 50 refresh_pattern ^ftp: 1440 20% 10080 ignore-no-cache override-expire ignore-private refresh_pattern ^http://[A-Za-z0-9]+.lscache[0-9].c.youtube.com 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern ^http://[a-z0-9]+.youtube.com 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern ^http://[a-z]+.youtube.com 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern ^http://[a-z0-9]+.ytimg.com 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern ^http://*.youtube.com 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern get_video?video_id 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern youtube.com/get_video? 9999999 90% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern ^http://*.youtube.com/.* 9999999 100% 999999999 ignore-no-cache override-expire ignore-private refresh_pattern (get_video?|videoplayback?|videodownload?) 10080 99.99999% 999999 override-expire ignore-reload ignore-private negative-ttl=0 refresh_pattern -i ^http://kh(.*?).google.com(.*?)/(.*?)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private refresh_pattern -i ^http://mt(.*?).google.com(.*?)/(.*?)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private refresh_pattern -i ^http://i(.*?).wikimapia.org(.*?)/(.*?)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private refresh_pattern -i .(gif|png|jpg|jpeg|ico)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private refresh_pattern -i .(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv|mpg|wma|ogg|wmv|asx|asf)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private refresh_pattern -i .(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff|pdf|jar)$ 999999 90% 9999999 override-expire ignore-reload ignore-no-cache ignore-private refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|?) 0 0% 0 refresh_pattern . 0 40% 4320 acl store_rewrite_list url_regex -i .youtube.com/get_video? acl store_rewrite_list url_regex -i .youtube.com/videoplayback.youtube.com/videoplay .youtube.com/get_video? acl store_rewrite_list url_regex -i .youtube.[a-z][a-z]/videoplayback.youtube.[a-z][a-z]/videoplay .youtube.[a-z][a-z]/get_video? acl store_rewrite_list url_regex -i .googlevideo.com/videoplayback.googlevideo.com/videoplay .googlevideo.com/get_video? acl store_rewrite_list url_regex -i .google.com/videoplayback.google.com/videoplay .google.com/get_video? acl store_rewrite_list url_regex -i .google.[a-z][a-z]/videoplayback.google.[a-z][a-z]/videoplay .google.[a-z][a-z]/get_video? acl store_rewrite_list url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/videoplayback? acl store_rewrite_list url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/videoplay? acl store_rewrite_list url_regex -i (25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/get_video? acl store_rewrite_list url_regex -i http://video..*fbcdn.net.*.mp4.* acl store_rewrite_list url_regex -i http://.[0-9].[0-9][0-9].channel.facebook.com/.* acl store_rewrite_list url_regex -i http://.*.mp4? acl store_rewrite_list url_regex -i http://www.facebook.com/ajax/flash/.* acl store_rewrite_list url_regex -i http://.*.ak.fbcdn.net/.* acl store_rewrite_list url_regex -i .geo.yahoo.com? storeurl_access allow store_rewrite_list storeurl_access deny all storeurl_rewrite_program /opt/squid/etc/youtube.pl redirect_program /opt/squid/etc/adzap.pl quick_abort_min 500 KB acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache cache_mgr admin@datacenter cache_effective_user squid cache_effective_group squid dns_nameservers 208.67.222.222 dns_nameservers 208.67.220.220 visible_hostname datacenter coredump_dir /var/cache/squid
adzap.pl – Get from http://adzapper.sourceforge.net/
wget http://adzapper.sourceforge.net/scripts/squid_redirect mv squid_redirect adzap.pl chmod +x adzap.pl
youtube.pl (this file need to set as executable too – chmox +x youtube.pl)
#!/usr/bin/perl
$|=1;
while (<>) {
@X = split;
$url = $X[0];
if ($url=~s@^http://(.*?)/videoplayback?(.*)id=(.*?)&.*@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/videoplayback?(.*)id=(.*?)@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/videoplay?(.*)id=(.*?)&.*@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/videoplay?(.*)id=(.*?)@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/get_video?(.*)video_id=(.*?)&.*@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)/get_video?(.*)video_id=(.*?)@squid://videos.youtube.INTERNAL/ID=$3@){}
elsif
($url=~s@^http://(.*?)rapidshare(.*?)/files/(.*?)/(.*?)/(.*?)@squid://files.rapidshare.INTERNAL/$5@){}
elsif
($url=~s@^http://(.*?)fbcdn.net/(.*?)/(.*?)/(.*?.jpg)@squid://files.facebook.INTERNAL/$4@){}
elsif
($url=~s@^http://contenidos2(.*?)/(.*?)@squid://files.contenidos2.INTERNAL/$2@){}
elsif
($url=~s@^http://cdn(.*?)/([0-9a-zA-Z_-]*?.flv)@squid://files.cdn.INTERNAL/$2@){}
elsif
($url=~s@^http://web.vxv.com/data/media/(.*?)@squid://files.vxv.INTERNAL/$1@){}
elsif
($url=~s@^http://(.*?)megaupload.com/files/(.*?)/(.*?)@squid://files.megaupload.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?)mediafire.com/(.*?)/(.*?)@squid://files.megaupload.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?)depositfiles.com/(.*?)/(.*?)/(.*?)@squid://files.megaupload.INTERNAL/$4@){}
elsif
($url=~s@^http://(.*?).files.youporn.com/(.*?)/([0-9a-zA-Z_-]*?.flv)?.*@squid://videos.youporn.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?).tube8.com/(.*?)/([0-9a-zA-Z_-]*?.flv)?.*@squid://videos.tube8.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?).tube8.com/(.*?)/([0-9a-zA-Z_-]*?.flv)@squid://videos.tube8.INTERNAL/$3@){}
elsif
($url=~s@^http://(.*?)megaporn.com/files/(.*?)/(.*?)@squid://files.megaporn.INTERNAL/$3@){}
print "$urln"; }
Initialize squid swap directories
mkdir /var/cache/squid chown squid.squid /var/cache/squid /opt/squid/sbin/squid -z
Create log folder
mkdir /var/log/squid chown squid.squid /var/log/squid
/etc/rc.d/init.d/squid
#!/bin/bash
### BEGIN INIT INFO
# Provides: squid
# chkconfig: - 90 25
# pidfile: /var/run/squid.pid
# config: /opt/squid/etc/squid.conf
# Short-Description: starting and stopping Squid Internet Object Cache
# Description: Squid - Internet Object Cache. Internet object caching is
# a way to store requested Internet objects (i.e., data available
# via the HTTP, FTP, and gopher protocols) on a system closer to the
# requesting site than to the source. Web browsers can then use the
# local Squid cache as a proxy HTTP server, reducing access time as
# well as bandwidth consumption.
### END INIT INFO
PATH=/usr/bin:/sbin:/bin:/usr/sbin
export PATH
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
#if [ -f /etc/sysconfig/squid ]; then
# . /etc/sysconfig/squid
#fi
# don't raise an error if the config file is incomplete
# set defaults instead:
SQUID_OPTS=${SQUID_OPTS:-"-D"}
SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}
# determine the name of the squid binary
#[ -f /opt/squid/sbin/squid ] && SQUID=squid
SQUID=/opt/squid/sbin/squid
if [ $1 == 'status' ]; then
[ -z "$SQUID" ] && exit 4
else
[ -z "$SQUID" ] && exit 1
fi
prog="$SQUID"
# determine which one is the cache_swap directory
CACHE_SWAP=`sed -e 's/#.*//g' /opt/squid/etc/squid.conf |
grep cache_dir | awk '{ print $3 }'`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP=/var/spool/squid
RETVAL=0
probe() {
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 1
# check if the squid conf file is present
[ -f /opt/squid/etc/squid.conf ] || exit 6
}
start() {
probe
for adir in $CACHE_SWAP; do
if [ ! -d $adir/00 ]; then
echo -n "init_cache_dir $adir... "
$SQUID -z -F -D >> /var/log/squid/squid.out 2>&1
fi
done
echo -n $"Starting $prog: "
$SQUID $SQUID_OPTS >> /var/log/squid/squid.out 2>&1
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
timeout=0;
while : ; do
[ ! -f /var/run/squid.pid ] || break
if [ $timeout -ge $SQUID_PIDFILE_TIMEOUT ]; then
RETVAL=1
break
fi
sleep 1 && echo -n "."
timeout=$((timeout+1))
done
fi
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SQUID
[ $RETVAL -eq 0 ] && echo_success
[ $RETVAL -ne 0 ] && echo_failure
echo
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
$SQUID -k check >> /var/log/squid/squid.out 2>&1
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
$SQUID -k shutdown &
rm -f /var/lock/subsys/$SQUID
timeout=0
while : ; do
[ -f /var/run/squid.pid ] || break
if [ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ]; then
echo
return 1
fi
sleep 2 && echo -n "."
timeout=$((timeout+2))
done
echo_success
echo
else
echo_failure
echo
fi
return $RETVAL
}
reload() {
$SQUID $SQUID_OPTS -k reconfigure
}
restart() {
stop
start
}
condrestart() {
[ -e /var/lock/subsys/squid ] && restart || :
}
rhstatus() {
status $SQUID && $SQUID -k check
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
probe)
probe
return 0
;;
*)
echo $"Usage: $0 {start|stop|status|reload|restart|condrestart|probe}"
exit 2
esac
exit $?
Install squid service
chmod +x /etc/rc.d/init.d/squid chkconfig --add squid chkconfig squid on service squid start
12 Disember 2010
24 November 2010
