基于Squid的反向加速多个WEB服务器[配置文档]

#Support for External functions

##############
# Auth
############

auth_param basic children 5

auth_param basic realm Squid proxy-caching web server

auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off

#Tuning the Squid Cache

###############

#refresh_pattern

#控制对象的超时时间

################

refresh_pattern ^ftp: 1440 20% 10080

refresh_pattern ^gopher: 1440 0% 1440

refresh_pattern . 0 20% 4320

refresh_pattern -i \.gif$ 10 1000% 10 ignore-reload

refresh_pattern -i \.jpg$ 10 1000% 10 ignore-reload

refresh_pattern -i \.png$ 10 1000% 10 ignore-reload

refresh_pattern -i \.bmp$ 10 1000% 10 ignore-reload

refresh_pattern -i \.css$ 10 50% 60 reload-into-ims

refresh_pattern -i \.js$ 10 50% 60 reload-into-ims

refresh_pattern -i \.htm$ 5 50% 10 reload-into-ims

refresh_pattern -i \.shtm$ 5 50% 10 reload-into-ims

refresh_pattern -i \.html$ 5 50% 10 reload-into-ims

#refresh_pattern -i \.aspx$ 5 50% 10 reload-into-ims

quick_abort_min 0 KB

quick_abort_max 0 KB

range_offset_limit -1 KB

###negative_ttl 30 seconds

# Timeouts

# forward_timeout 4 minutes

forward_timeout 20 seconds

# connect_timeout 1 minute

connect_timeout 15 seconds

# read_timeout 15 minutes

read_timeout 3 minutes

# request_timeout 5 minutes

request_timeout 1 minutes

# persistent_request_timeout 1 minute

persistent_request_timeout 15 seconds

# client_lifetime 1 day

client_lifetime 15 minutes

# pconn_timeout 120 seconds

# shutdown_lifetime 30 seconds

shutdown_lifetime 5 seconds

# Administrative parameters

#设置管理信息

visible_hostname cache.dm.net

#cachemgr_passwd csdnadmin all

#设置运行时的用户和组权限

cache_effective_user squid

cache_effective_group squid

# Peer cache servers and Squid hierarchy

#hierarchy_stoplist cgi-bin ?

###acl QUERY urlpath_regex cgi-bin \?

#acl QUERY urlpath_regex \?

#no_cache deny QUERY

#Cache size

#设置squid用户hot object的物理内存的大小以及设置cache目录

cache_mem 512 MB

maximum_object_size 32768 KB

maximum_object_size_in_memory 512 KB

#Swap性能微调

half_closed_clients off

cache_swap_high 95%

cache_swap_low 80%

maximum_object_size 1024 KB

###cache_replacement_policy heap GDSF

###memory_replacement_policy heap GDSF

#Log file path names and cache directories

cache_dir ufs /Data/apps/squid/cache 40960 56 256

###cache_dir null /Data/apps/squid/cache

coredump_dir /Data/apps/squid/cache

#对日志文件和pid文件位置进行设置

#cache_access_log /Data/apps/squid/var/logs/access.log

###cache_access_log none

cache_log /Data/apps/squid/var/logs/cache.log

###cache_log /dev/null

###useragent_log /opt/itc/squid/logs/useragent.log

cache_store_log none

emulate_httpd_log on

# logfile_rotate 10

logfile_rotate 0

#pid_filename /Data/apps/squid/var/logs/squid.pid

# TAG: relaxed_header_parser on|off|warn

# relaxed_header_parser on

# Delaypool parameters (all require delay_pools compilation options)

#####

#Tag Name strip_query_terms

#Usage strip_query_terms on|off

#Description

#Squid by default does not log query parameters.

#These parameters are however forwarded to the server verbatim.

#If we want to enable logging of query parameters, the strip_query_terms

#directive can be used .

#By default, Squid strips query terms from requested URLs before logging.

#This protects your user's privacy

#Default strip_query_terms on

strip_query_terms off

client_persistent_connections off

# if need "long" connection set it to on

server_persistent_connections on

# Tag Name dns_children

#Usage dns_children number (1 to 32)

#Description

#The number of processes spawn to service DNS name lookups are specified here.

#For heavily loaded caches on large servers, There is probably need to increase

#this value to at least 10. The maximum is 32. The default is 5. This option is

#only available if Squid is rebuilt with the --disable-internal-dns option. The

#number of processes increases, the performance of DNS lookups also increases.

#It is recommended to use maximum child processes (32).

#

dns_children 5

#dns_nameservers 202.99.8.1

####

# Network

http_port 80

# Access controls

####

acl all src <chsdate w:st="on" isrocdate="False" islunardate="False" day="30" month="12" year="1899">0.0.0</chsdate>.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl Srvip dst 211.100.23.0/24 61.135.131.0/24 202.108.33.32/24 202.108.9.0/24 202.108.12.0/24

acl Srvdm dstdomain .sina.com .sohu.com .163.com .tom.com

acl to_localhost dst 127.0.0.0/8 61.135.170.231/255.255.255.255

acl purgehost src 127.0.0.0/8 61.135.170.231/255.255.255.255

acl purgemethod method PURGE

acl SSL_ports port 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 81 # http

acl CONNECT method CONNECT

###always_direct allow Srvdm

###never_direct allow !Srvdm

http_access allow manager localhost

http_access deny manager

http_access allow purgemethod purgehost

http_access deny !Safe_ports

http_access deny CONNECT all

http_access allow localhost

http_access allow Srvip

http_access allow Srvdm

http_access deny all

# http_reply_access allow all

icp_access deny all

#透明代理设置

httpd_accel_port 80

httpd_accel_host virtual

httpd_accel_single_host off

httpd_accel_with_proxy on

httpd_accel_uses_host_header on

# Miscellaneous

tcp_recv_bufsize 4096 bytes

client_db off

# reload_into_ims off