Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
10-27-2006, 04:40 AM
|
#1
|
|
Member
Registered: Jul 2006
Distribution: UBUNTU, CentOS, FEDORA 8
Posts: 474
Rep: 
|
Squid.conf?
----------------------------------------------------------
http_port 80
cache_mem 32 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 64 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 MB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
cache_effective_user administrator
cache_dir ufs /usr/local/squid/var/cache 800 16 256
access_log /usr/local/squid/var/logs/access.log squid
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
ftp_list_width 32
ftp_sanitycheck on
ftp_telnet_protocol on
check_hostnames on
allow_underscore on
dns_timeout 2 minutes
authenticate_ttl 1 hour
request_header_max_size 2 MB
request_body_max_size 8 MB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
read_ahead_gap 16 KB
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute
range_offset_limit 0 KB
forward_timeout 4 minutes
connect_timeout 120 seconds
peer_connect_timeout 30 seconds
request_timeout 30 seconds
persistent_request_timeout 1 minute
client_lifetime 1 day
half_closed_clients off
pconn_timeout 120 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl myclients src 192.168.0.101-192.168.0.200
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 22
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl allowedsites dstdomain "/usr/local/squid/etc/allowedsites.txt"
http_access allow myclients allowedsites
http_access deny !Safe_ports
http_reply_access allow all
http_access allow manager localhost
http_access deny manager
http_access deny CONNECT !SSL_ports
http_access deny all
icp_access allow all
miss_access allow all
reply_header_max_size 20 KB
visible_hostname administrator
memory_pools off
forwarded_for on
store_avg_object_size 13 KB
store_objects_per_bucket 20
netdb_low 900
netdb_high 1000
netdb_ping_period 5 minutes
---------------------------------------------------------
-hi i am trying to setup a proxy server for our small network consisting of 10 XP2 units and all users of these units are only allowed to surf the net so im trying to use squid as our proxy server and configure it to control the websites that our users can only visit. the configuration above is a testing configuration i am not familiar with squid but i was able to find a good manual about squid configurations. so i only copied the configurations which i think is applicable to our network and its the one stated above. all of the configurations that i copied are default configurations and i only change some of the values. when i tested it, it works and i was able to blocklist all websites and allow only those that i want. my problems is that units configured to use the proxy server(squid) has a slow access on the internet but if they are not configured to use the proxy server there internet access is fast. so my guess is maybe there is something wrong with my squid config. can anyone pls check the configuration above to see whats wrong with it.tnx!
|
|
|
|
|
10-27-2006, 06:21 AM
|
#2
|
|
LQ Newbie
Registered: Oct 2006
Location: Sokoto, Nigeria
Distribution: RedHat, Mandrake
Posts: 15
Rep: 
|
Put your allowedsite.txt in the dir "/etc/squid"
can try this in your squid.conf configuration:
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 2000 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 4 KB
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir ufs /var/spool/squid 50000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl allowedsites dstdomain "/etc/squid/allowedsites.txt"
http_access allow myclients allowedsites
http_access deny !Safe_ports
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_port
acl myclients src 192.168.0.101-192.168.0.200
http_access allow our_networks
http_access allow localhost
http_reply_access allow all
icp_access allow all
cache_effective_user squid
cache_effective_group squid
coredump_dir /var/spool/squid
YOU CAN ALSO REMOVE THEALLOWED SITES LIST FROM THE SQUID IT WILL DEFINATELY INCREASE THE RESPONCE TIME OF YOUR PROXY
|
|
|
|
|
10-27-2006, 06:55 AM
|
#3
|
|
Member
Registered: Jul 2006
Distribution: UBUNTU, CentOS, FEDORA 8
Posts: 474
Original Poster
Rep:
|
-can you please explain to me what would be the effect of these.tnx
cache_mem 256 MB
maximum_object_size 2000 KB
maximum_object_size_in_memory 4 KB
cache_dir ufs /var/spool/squid 50000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl allowedsites dstdomain "/etc/squid/allowedsites.txt"
http_access allow myclients allowedsites
http_access deny !Safe_ports
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
acl myclients src 192.168.0.101-192.168.0.200
http_access allow our_networks
http_access allow localhost
http_reply_access allow all
icp_access allow all
cache_effective_user squid
cache_effective_group squid
coredump_dir /var/spool/squid
|
|
|
|
|
10-27-2006, 09:51 AM
|
#4
|
|
Member
Registered: Oct 2006
Location: JNB, SA
Posts: 33
Rep:
|
Hi,
I recommend you to increase cache_mem size as much as possible and further make a handsome amount of cache_dir size, even in my case i took almost 80GB HDD for caching. you can even find many howtos on high-performace-squid at google and even sometime the filesystem also make difference. if you need i will send you my squid.conf as an example, that squid has been using for arround 500 clients 
thanks |
|
|
|
|
10-27-2006, 08:58 PM
|
#5
|
|
Member
Registered: Jul 2006
Distribution: UBUNTU, CentOS, FEDORA 8
Posts: 474
Original Poster
Rep:
|
-thanks nayyares that would be nice. this is the email address where you can send your squid.conf batas_ng_bayan@yahoo.combatas_ng_bayan@yahoo.com
|
|
|
|
|
10-28-2006, 03:49 AM
|
#6
|
|
LQ Newbie
Registered: Aug 2006
Posts: 6
Rep:
|
pleas send to me
hi
i have PC for thise work (cpu 3G - ram 2Gig - hard scasi 15rpm 36G)
pleas help me what is the for thise hardware best squid.conf and config iptables?
pleas send to me the best squid.conf.(m_albeniz@yahoo.com)
thanks
Last edited by albeniz; 10-28-2006 at 03:54 AM.
|
|
|
|
|
11-16-2006, 03:21 PM
|
#7
|
|
Member
Registered: Mar 2006
Location: INDIA
Distribution: RedHat, SuSE, Debian
Posts: 156
Rep:
|
Hi
Nayyares first of all Aslaam Walekum can u also send me ur squid configuration file on my mail ie cj_cheema@hotmail.com. Thanx
Regards
CJ Cheema
Last edited by cj_cheema; 11-16-2006 at 03:22 PM.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 10:09 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
