<b>CentOS下配置Squid节点(CDN)</b>[服务器安全]
本文“<b>CentOS下配置Squid节点(CDN)</b>[服务器安全]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
/usr/include/bits/typesizes.h
/usr/include/linux/posix_types.h
找到#define __FD_SETSIZE 1024
把1024改成65536
并履行
ulimit -Hs 65536
ulimit -n 65536
下载Squid
wget http://www.linuxidc.com/system/systemfiles/2010/6/squid-2.6.STABLE13.tar.gz
解压
tar zxvf squid-2.6.STABLE13.tar.gz
进入目录
cd squid-2.6.STABLE13
在configure之前先设置cflags
进入http://gentoo-wiki.com/Safe_Cflags
查看机械所用CPU对应的优化参数
用export设置
export CHOST="i686-pc-linux-gnu"
export CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer"
export CXXFLAGS="${CFLAGS}"
开始configure
./configure --prefix=/usr/local/squid --enable-follow-x-forwarded-for --enable-storeio=aufs,ufs --with-maxfd=65536 --with-pthreads --enable-dlmalloc --enable-poll --enable-stacktraces --enable-removal-policies=heap,lru --enable-delay-pools
然后Make
呈现
make[1]: Nothing to be done for `all-am'.
make[1]: Leaving directory `/root/squid-2.6.STABLE13'
[root@cnc squid-2.6.STABLE13]#
为Make成功
make install安装
make[2]: Leaving directory `/root/squid-2.6.STABLE13'
make[1]: Leaving directory `/root/squid-2.6.STABLE13'
[root@cnc squid-2.6.STABLE13]#
完毕
假如呈现报错则需求make clean再重新Make
配置Squid.conf
RM掉Squid.conf
vi squid.conf成立新文件
并把以下内容粘贴进去
http_port 80 vhost vport=80
acl apache rep_header Server Apache
broken_vary_encoding allow apache
cache_mem 1024 MB
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 256 KB
cache_dir ufs /var/spool/squid 20480 16 256
cache_swap_low 80
cache_swap_high 97
strip_query_terms off
request_body_max_size 5 MB
memory_pools on
memory_pools_limit 50 MB
access_log none
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
hosts_file /etc/hosts
refresh_pattern ftp: 1440 20% 10080
refresh_pattern gopher: 1440 0% 1440
refresh_pattern -i yongchuibuxiu\.cn 240 100% 1440 ignore-reload
refresh_pattern -i www\.yongchuibuxiu\.cn 240 100% 1440 ignore-reload
refresh_pattern -i .gif 180 20% 10080 override-expire ignore-reload reload-into-ims
refresh_pattern -i .jpg 180 20% 10080 override-expire ignore-reload reload-into-ims
refresh_pattern . 120 50% 1440
acl all src 0.0.0.0/0.0.0.0
acl p-manager proto cache_object
acl s-localhost src 127.0.0.1/255.255.255.255
acl d-localhost dst 127.0.0.0/8
acl d-domains dstdomain .6688.cc
acl p-ssl port 443 563
acl p-safe port 80 443 563
acl m-conn method CONNECT
acl m-purge method PURGE
acl n-maxconn maxconn 15
http_access allow p-manager s-localhost
http_access allow m-purge
http_access deny !p-safe
http_access deny m-conn !p-ssl
http_access deny n-maxconn
http_access allow p-manager
http_access allow d-domains
http_access deny all
http_reply_access allow all
acl r-url urlpath_regex realtime
cache deny r-url
icp_access allow all
follow_x_forwarded_for allow all
acl_uses_indirect_client offrange_offset_limit -1
dns_timeout 2 seconds
forward_timeout 10 seconds
connect_timeout 10 seconds
peer_connect_timeout 6 seconds
read_timeout 10 seconds
request_timeout 6 seconds
persistent_request_timeout 16 seconds
cache_mgr cs@enkj.com
cache_effective_user nobody
cache_effective_group nobody
visible_hostname 6688.cc
logfile_rotate 0
always_direct allow all
error_directory /usr/local/squid/share/errors/Simplify_Chinese
coredump_dir /var/spool/squid
保存退出
设置文件夹权限
mkdir /var/log/squid
chown nobody:nobody /var/log/squid
chown nobody:nobody /var/spool/squid
在/usr/local/squid/sbin目录下运行
./squid -z
没有报错的话阐明目录成立成功
./squid -Nd 10
让Squid跑起来
curl -I http://www.6688.cc/
看一下有没有缓存
没有的话
X-Cache: MISS from 6688.cc
然后再
curl -I http://www.6688.cc/
ulimit -Hs 65536
ulimit -n 65536
./squid
上面的号令可以让Squid正式跑起来
编辑/etc/rc.local
在文件最后增添
ulimit -Hs 65536
ulimit -n 65536
/usr/local/squid/sbin/squid
让Squid随系统启动
以上是“<b>CentOS下配置Squid节点(CDN)</b>[服务器安全]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:
本文地址: | 与您的QQ/BBS好友分享! |