Difference between revisions of "Squid 2.7 Compile Debian Lenny"

From MS Computech
Jump to: navigation, search
 
(21 intermediate revisions by the same user not shown)
Line 1: Line 1:
Squid 2.7STABLE6 Compile on ClarkConnect 4.3,5.0 & Debian Lenny
+
Squid 2.7STABLE7 Compile on ClarkConnect 4.3,5.0 & Debian Lenny
  
 
ดาวโหลด Package ที่จำเป็น
 
ดาวโหลด Package ที่จำเป็น
Line 6: Line 6:
 
apt-get install build-essential libkrb5-dev
 
apt-get install build-essential libkrb5-dev
 
wget -c http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE7.tar.gz
 
wget -c http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE7.tar.gz
 +
</pre>
 +
Clarkconnect 4.3
 +
<pre>
 +
apt-get install cc-devel
 
</pre>
 
</pre>
 
Clarkconnect 5
 
Clarkconnect 5
Line 13: Line 17:
 
แตกไฟล์ออกมาซะ
 
แตกไฟล์ออกมาซะ
 
<pre>
 
<pre>
tar jxvf squid-2.7.STABLE7.tar.bz2
+
tar zxvf squid-2.7.STABLE7.tar.gz
 
cd squid-2.7.STABLE7
 
cd squid-2.7.STABLE7
 
</pre>
 
</pre>
Line 29: Line 33:
 
chown -R squid:squid /var/spool/squid/
 
chown -R squid:squid /var/spool/squid/
 
mkdir /var/log/squid
 
mkdir /var/log/squid
 +
mkdir /var/spool/squid/cache
 
chown -R squid:squid /var/log/squid/
 
chown -R squid:squid /var/log/squid/
 
</pre>
 
</pre>
ดาวโหลด Squid Config
+
[http://mscompute.com/files/Squid_config-2011-05-16.tar.gz ดาวโหลด Squid Config]
<pre>http://rapidshare.com/files/281859866/squid-config_mscompute-2009-09-19.tar.bz2
 
</pre>
 
 
แตกและนำไปไว้ที่ /etc/squid/
 
แตกและนำไปไว้ที่ /etc/squid/
 
<pre>
 
<pre>
tar jxvf squid-2.7.config.tar.bz2
+
tar jxvf Squid_config-2011-05-16.tar.gz
cd squid*
+
cd Squid*
 
cp * /etc/squid/
 
cp * /etc/squid/
 
chmod 755 /etc/squid/store_url_rewrite
 
chmod 755 /etc/squid/store_url_rewrite
 
</pre>
 
</pre>
Copy Startup script ไปที่ /etc/init.d/
+
Copy Startup script ไปที่ /etc/init.d/ ( CC 4.3 ไม่ต้อง Copy )
 
<pre>
 
<pre>
 
cp /etc/squid/squid-init.d /etc/init.d/squid
 
cp /etc/squid/squid-init.d /etc/init.d/squid
 
update-rc.d squid defaults
 
update-rc.d squid defaults
 
chmod 755 /etc/init.d/squid
 
chmod 755 /etc/init.d/squid
 +
cd /etc/squid
 +
ln -s /usr/share/system/modules/squid/redirect errors
 +
ln -s /usr/share/squid/icons icons
 +
</pre>
 +
* For squid stable9
 +
<pre>
 +
ln -s /usr/share/squid/errors errors
 +
ln -s /usr/share/squid/icons icons
 +
</pre>
 +
init.d script for debian
 +
<pre>
 +
#! /bin/sh
 +
#
 +
# squid Startup script for the SQUID HTTP proxy-cache.
 +
#
 +
# Version: @(#)squid.rc  2.20  01-Oct-2001  [email protected]
 +
#
 +
### BEGIN INIT INFO
 +
# Provides:          squid
 +
# Required-Start:    $local_fs $network
 +
# Required-Stop:    $local_fs $network
 +
# Should-Start:      $named
 +
# Should-Stop:      $named
 +
# Default-Start:    2 3 4 5
 +
# Default-Stop:      0 1 6
 +
# Short-Description: Squid HTTP Proxy
 +
### END INIT INFO
 +
 +
NAME=squid
 +
DAEMON=/usr/sbin/squid
 +
LIB=/usr/lib/squid
 +
PIDFILE=/var/run/$NAME.pid
 +
SQUID_ARGS="-D -YC"
 +
 +
[ ! -f /etc/default/squid ] || . /etc/default/squid
 +
 +
. /lib/lsb/init-functions
 +
 +
PATH=/bin:/usr/bin:/sbin:/usr/sbin
 +
 +
[ -x $DAEMON ] || exit 0
 +
 +
grepconf () {
 +
w=" " # space tab
 +
sq=/etc/squid/squid.conf
 +
# sed is cool.
 +
res=`sed -ne '
 +
s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
 +
t end;
 +
d;
 +
:end q' < $sq`
 +
[ -n "$res" ] || res=$2
 +
echo "$res"
 +
}
 +
 +
grepconf2 () {
 +
w=" " # space tab
 +
sq=/etc/squid/$NAME.conf
 +
# sed is cool.
 +
res=`sed -ne '
 +
s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
 +
t end;
 +
d;
 +
:end q' < $sq`
 +
[ -n "$res" ] || res=$2
 +
echo "$res"
 +
}
 +
 +
#
 +
# Try to increase the # of filedescriptors we can open.
 +
#
 +
maxfds () {
 +
[ -n "$SQUID_MAXFD" ] || return
 +
[ -f /proc/sys/fs/file-max ] || return 0
 +
global_file_max=`cat /proc/sys/fs/file-max`
 +
minimal_file_max=$(($SQUID_MAXFD + 4096))
 +
if [ "$global_file_max" -lt $minimal_file_max ]
 +
then
 +
echo $minimal_file_max > /proc/sys/fs/file-max
 +
fi
 +
ulimit -n $SQUID_MAXFD
 +
}
 +
 +
start () {
 +
cdr=`grepconf2 cache_dir /var/spool/$NAME`
 +
ctp=`grepconf cache_dir ufs`
 +
 +
case "$cdr" in
 +
[0-9]*)
 +
log_failure_msg "squid: squid.conf contains 2.2.5 syntax - not starting!"
 +
log_end_msg 1
 +
exit 1
 +
;;
 +
esac
 +
 +
#
 +
    # Create spool dirs if they don't exist.
 +
    #
 +
if [ -d "$cdr" -a ! -d "$cdr/00" ] || [ "$ctp" = "coss" -a ! -f "$cdr" ]
 +
then
 +
log_warning_msg "Creating squid cache structure"
 +
$DAEMON $SQUID_ARGS -z
 +
fi
 +
 +
if [ "$CHUID" = "" ]; then
 +
CHUID=root
 +
fi
 +
 +
maxfds
 +
umask 027
 +
start-stop-daemon --quiet --start \
 +
--pidfile $PIDFILE \
 +
--chuid $CHUID \
 +
--exec $DAEMON -- $SQUID_ARGS < /dev/null
 +
return $?
 +
}
 +
 +
stop () {
 +
PID=`cat $PIDFILE 2>/dev/null`
 +
start-stop-daemon --stop --quiet --pidfile $PIDFILE --name squid
 +
#
 +
# Now we have to wait until squid has _really_ stopped.
 +
#
 +
sleep 2
 +
if test -n "$PID" && kill -0 $PID 2>/dev/null
 +
then
 +
log_action_begin_msg " Waiting"
 +
cnt=0
 +
while kill -0 $PID 2>/dev/null
 +
do
 +
cnt=`expr $cnt + 1`
 +
if [ $cnt -gt 24 ]
 +
then
 +
log_action_end_msg 1
 +
return 1
 +
fi
 +
sleep 5
 +
log_action_cont_msg ""
 +
done
 +
log_action_end_msg 0
 +
return 0
 +
else
 +
return 0
 +
fi
 +
}
 +
 +
case "$1" in
 +
    start)
 +
log_daemon_msg "Starting Squid HTTP proxy" "squid"
 +
if start ; then
 +
log_end_msg $?
 +
else
 +
log_end_msg $?
 +
fi
 +
;;
 +
    stop)
 +
log_daemon_msg "Stopping Squid HTTP proxy" "squid"
 +
if stop ; then
 +
log_end_msg $?
 +
else
 +
log_end_msg $?
 +
fi
 +
;;
 +
    reload|force-reload)
 +
log_action_msg "Reloading Squid configuration files"
 +
$DAEMON -k reconfigure
 +
log_action_end_msg 0
 +
;;
 +
    restart)
 +
log_daemon_msg "Restarting Squid HTTP proxy" "squid"
 +
stop
 +
if start ; then
 +
log_end_msg $?
 +
else
 +
log_end_msg $?
 +
fi
 +
;;
 +
    status)
 +
status_of_proc -p "$PIDFILE" "$DAEMON" squid && exit 0 || exit $?
 +
;;
 +
    *)
 +
echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|status}"
 +
exit 3
 +
;;
 +
esac
 +
 +
exit 0
 +
 +
</pre>
 +
Clearcache script
 +
<pre>
 +
nano /usr/sbin/clearcachesquid
 +
</pre>
 +
<pre>
 +
echo " ##################################### "
 +
echo " ######## Stop Squid Service ######### "
 +
echo " ##################################### "
 +
/etc/init.d/squid stop
 +
 +
echo " ##################################### "
 +
echo " ###### Delete spool directory ####### "
 +
echo " ##################################### "
 +
rm -rfv /var/spool/squid/
 +
 +
echo " ##################################### "
 +
echo " ##########      Finish    ########## "
 +
echo " ###### Create cache directory ####### "
 +
echo " ##################################### "
 +
mkdir -p /var/spool/squid
 +
chown squid:squid /var/spool/squid/
 +
chmod 777 /var/spool/squid/
 +
squid -z
 +
 +
echo " ##################################### "
 +
echo " ########## Startting squid ########## "
 +
echo " ##################################### "
 
/etc/init.d/squid start
 
/etc/init.d/squid start
 
</pre>
 
</pre>
 +
 +
<pre>
 +
chmod 755 /usr/sbin/clearcachesquid
 +
clearcachesquid
 +
</pre>
 +
 
ตรวจสอบโดยใช้คำสั่ง ps ax | grep squid
 
ตรวจสอบโดยใช้คำสั่ง ps ax | grep squid
 
<pre>
 
<pre>
debian:/var/log# ps ax | grep squid
+
[root@system squid]# ps ax | grep squid
16350 ?        S<s    0:00 /usr/sbin/squid -D -YC
+
29451 ?        Ss    0:00 squid -D
16352 ?        S<l    0:00 (squid) -D -YC
+
29453 ?        Sl    0:00 (squid) -D
16356 ?        S<s    0:00 /usr/bin/perl /etc/squid/store_url_rewrite
+
29455 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
16360 ?        S<s    0:00 /usr/bin/perl /etc/squid/store_url_rewrite
+
29456 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
16361 ?        S<s    0:00 /usr/bin/perl /etc/squid/store_url_rewrite
+
29457 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
16362 ?        S<s    0:00 /usr/bin/perl /etc/squid/store_url_rewrite
+
29458 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
16363 ?        S<s    0:00 /usr/bin/perl /etc/squid/store_url_rewrite
+
29459 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
16413 pts/0   S<+   0:00 grep squid
+
29460 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29461 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29462 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29463 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29464 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29465 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29466 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29467 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29468 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29469 ?        S     0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
 +
29500 pts/1   S+    0:00 grep squid
 +
 
 +
</pre>
 +
 
 +
---
 +
Squid3.1.10 config
 +
<pre>
 +
#
 +
# Recommended minimum configuration:
 +
#
 +
 
 +
http_port 3128 transparent no-connection-auth
 +
icp_port 0
 +
icp_query_timeout 0
 +
mcast_icp_query_timeout 2000
 +
dead_peer_timeout 10 seconds
 +
 
 +
#============================================================$
 +
#                Block Domain + Time Frame
 +
#============================================================$
 +
 
 +
#acl allow_client src 1.0.5.37 1.0.5.47 1.0.5.58 1.0.5.59 1.0.5.61 1.0.8.8
 +
 
 +
#acl local-servers dstdomain 111.223.32.36 27.254.32.35 job3.ocsc.go.th
 +
#always_direct allow local-servers
 +
 
 +
#acl block1 dstdomain "/etc/squid/domain_block"
 +
#http_access deny block1 !allow_client
 +
 
 +
acl b1 time MTWHFA 06:00-08:30
 +
acl b2 time MTWHFA 10:00-10:30
 +
acl b3 time MTWHFA 12:00-13:00
 +
acl b4 time MTWHFA 15:00-15:30
 +
acl b5 time MTWHFA 16:30-21:00
 +
acl bd dstdomain "/etc/squid/denied_domains.acl"
 +
http_access deny bd !b1 !b2 !b3 !b4 !b5
 +
deny_info http://www.psch-club.blogspot.com b1 b2 b3 b4 b5 bd
 +
 
 +
acl manager proto cache_object
 +
acl localhost src 127.0.0.1/32 ::1
 +
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
 +
 
 +
# Example rule allowing access from your local networks.
 +
# Adapt to list your (internal) IP networks from where browsing
 +
# should be allowed
 +
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
 +
acl localnet src 1.0.0.0/8 # RFC1918 possible internal network
 +
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
 +
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
 +
acl localnet src fc00::/7      # RFC 4193 local private network range
 +
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
 +
 
 +
acl SSL_ports port 443
 +
acl Safe_ports port 80 # http
 +
acl Safe_ports port 21 # ftp
 +
acl Safe_ports port 443 # https
 +
acl Safe_ports port 70 # gopher
 +
acl Safe_ports port 210 # wais
 +
acl Safe_ports port 1025-65535 # unregistered ports
 +
acl Safe_ports port 280 # http-mgmt
 +
acl Safe_ports port 488 # gss-http
 +
acl Safe_ports port 591 # filemaker
 +
acl Safe_ports port 777 # multiling http
 +
acl CONNECT method CONNECT
 +
 
 +
#
 +
# Recommended minimum Access Permission configuration:
 +
#
 +
# Only allow cachemgr access from localhost
 +
 
 +
cache_access_log  /var/log/squid/access.log
 +
 
 +
 
 +
http_access allow manager localhost
 +
http_access deny manager
 +
 
 +
# Deny requests to certain unsafe ports
 +
http_access deny !Safe_ports
 +
 
 +
# Deny CONNECT to other than secure SSL ports
 +
http_access deny CONNECT !SSL_ports
 +
 
 +
# We strongly recommend the following be uncommented to protect innocent
 +
# web applications running on the proxy server who think the only
 +
# one who can access services on "localhost" is a local user
 +
#http_access deny to_localhost
 +
 
 +
#
 +
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
 +
#
 +
 
 +
# Example rule allowing access from your local networks.
 +
# Adapt localnet in the ACL section to list your (internal) IP networks
 +
# from where browsing should be allowed
 +
http_access allow localnet
 +
http_access allow localhost
 +
 
 +
# And finally deny all other access to this proxy
 +
http_access deny all
 +
 
 +
# Squid normally listens to port 3128
 +
http_port 3128
 +
 
 +
# We recommend you to use at least the following line.
 +
hierarchy_stoplist cgi-bin ?
 +
 
 +
# Uncomment and adjust the following to add a disk cache directory.
 +
#cache_dir ufs /var/spool/squid 100 16 256
 +
cache_dir ufs /var/spool/squid 512 16 256
 +
minimum_object_size 0 KB
 +
maximum_object_size 4096 KB
 +
 
 +
logfile_rotate 30
 +
cache_store_log none
 +
 
 +
# Leave coredumps in the first cache dir
 +
coredump_dir /var/spool/squid
 +
 
 +
# Add any of your own refresh_pattern entries above these.
 +
refresh_pattern ^ftp: 1440 20% 10080
 +
refresh_pattern ^gopher: 1440 0% 1440
 +
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
 +
refresh_pattern . 0 20% 4320
 +
 
 +
 
 
</pre>
 
</pre>

Latest revision as of 13:11, 28 August 2012

Squid 2.7STABLE7 Compile on ClarkConnect 4.3,5.0 & Debian Lenny

ดาวโหลด Package ที่จำเป็น Debian 

apt-get install build-essential libkrb5-dev
wget -c http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE7.tar.gz

Clarkconnect 4.3 

apt-get install cc-devel

Clarkconnect 5 

yum -y install gcc-c++ krb5-devel

แตกไฟล์ออกมาซะ 

tar zxvf squid-2.7.STABLE7.tar.gz
cd squid-2.7.STABLE7

คอมไพล์ด้วยคำสั่ง 

./configure '--build=phat-mscompute' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--sysconfdir=/etc/squid' '--localstatedir=/var/spool/squid' '--datadir=/usr/share/squid' '--enable-async-io' '--with-pthreads' '--enable-storeio=ufs,aufs,coss,diskd,null' '--enable-linux-netfilter' '--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-htcp' '--enable-cache-digests' '--enable-referer-log' '--enable-useragent-log' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-carp' '--enable-follow-x-forwarded-for' '--with-large-files' '--with-maxfd=65536' 'i386-debian-linux' 'build_alias=i386-debian-linux' 'host_alias=i386-debian-linux' 'target_alias=i386-debian-linux'
make && make install

สร้าง User Squid 

useradd squid

สร้าง Cache Dir 

chown -R squid:squid /var/spool/squid/
mkdir /var/log/squid
mkdir /var/spool/squid/cache
chown -R squid:squid /var/log/squid/

ดาวโหลด Squid Config แตกและนำไปไว้ที่ /etc/squid/ 

tar jxvf Squid_config-2011-05-16.tar.gz
cd Squid*
cp * /etc/squid/
chmod 755 /etc/squid/store_url_rewrite

Copy Startup script ไปที่ /etc/init.d/ ( CC 4.3 ไม่ต้อง Copy ) 

cp /etc/squid/squid-init.d /etc/init.d/squid
update-rc.d squid defaults
chmod 755 /etc/init.d/squid
cd /etc/squid
ln -s /usr/share/system/modules/squid/redirect errors
ln -s /usr/share/squid/icons icons
  • For squid stable9
ln -s /usr/share/squid/errors errors
ln -s /usr/share/squid/icons icons

init.d script for debian 

#! /bin/sh
#
# squid		Startup script for the SQUID HTTP proxy-cache.
#
# Version:	@(#)squid.rc  2.20  01-Oct-2001  [email protected]
#
### BEGIN INIT INFO
# Provides:          squid
# Required-Start:    $local_fs $network
# Required-Stop:     $local_fs $network
# Should-Start:      $named
# Should-Stop:       $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Squid HTTP Proxy
### END INIT INFO

NAME=squid
DAEMON=/usr/sbin/squid
LIB=/usr/lib/squid
PIDFILE=/var/run/$NAME.pid
SQUID_ARGS="-D -YC"

[ ! -f /etc/default/squid ] || . /etc/default/squid

. /lib/lsb/init-functions

PATH=/bin:/usr/bin:/sbin:/usr/sbin

[ -x $DAEMON ] || exit 0

grepconf () {
	w=" 	" # space tab
	sq=/etc/squid/squid.conf
	# sed is cool.
	res=`sed -ne '
		s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
		t end;
		d;
		:end q' < $sq`
	[ -n "$res" ] || res=$2
	echo "$res"
}

grepconf2 () {
	w=" 	" # space tab
	sq=/etc/squid/$NAME.conf
	# sed is cool.
	res=`sed -ne '
		s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
		t end;
		d;
		:end q' < $sq`
	[ -n "$res" ] || res=$2
	echo "$res"
}

#
#	Try to increase the # of filedescriptors we can open.
#
maxfds () {
	[ -n "$SQUID_MAXFD" ] || return
	[ -f /proc/sys/fs/file-max ] || return 0
	global_file_max=`cat /proc/sys/fs/file-max`
	minimal_file_max=$(($SQUID_MAXFD + 4096))
	if [ "$global_file_max" -lt $minimal_file_max ]
	then
		echo $minimal_file_max > /proc/sys/fs/file-max
	fi
	ulimit -n $SQUID_MAXFD
}

start () {
	cdr=`grepconf2 cache_dir /var/spool/$NAME`
	ctp=`grepconf cache_dir ufs`

	case "$cdr" in
		[0-9]*)
			log_failure_msg "squid: squid.conf contains 2.2.5 syntax - not starting!"
			log_end_msg 1
			exit 1
			;;
	esac
	
	#
    # Create spool dirs if they don't exist.
    #
	if [ -d "$cdr" -a ! -d "$cdr/00" ] || [ "$ctp" = "coss" -a ! -f "$cdr" ]
	then
		log_warning_msg "Creating squid cache structure"
		$DAEMON $SQUID_ARGS -z
	fi

	if [ "$CHUID" = "" ]; then
		CHUID=root
	fi

	maxfds
	umask 027
	start-stop-daemon --quiet --start \
		--pidfile $PIDFILE \
		--chuid $CHUID \
		--exec $DAEMON -- $SQUID_ARGS < /dev/null
	return $?
}

stop () {
	PID=`cat $PIDFILE 2>/dev/null`
	start-stop-daemon --stop --quiet --pidfile $PIDFILE --name squid
	#
	#	Now we have to wait until squid has _really_ stopped.
	#
	sleep 2
	if test -n "$PID" && kill -0 $PID 2>/dev/null
	then
		log_action_begin_msg " Waiting"
		cnt=0
		while kill -0 $PID 2>/dev/null
		do
			cnt=`expr $cnt + 1`
			if [ $cnt -gt 24 ]
			then
				log_action_end_msg 1
				return 1
			fi
			sleep 5
			log_action_cont_msg ""
		done
		log_action_end_msg 0
		return 0
	else
		return 0
	fi
}

case "$1" in
    start)
	log_daemon_msg "Starting Squid HTTP proxy" "squid"
	if start ; then
		log_end_msg $?
	else
		log_end_msg $?
	fi
	;;
    stop)
	log_daemon_msg "Stopping Squid HTTP proxy" "squid"
	if stop ; then
		log_end_msg $?
	else
		log_end_msg $?
	fi
	;;
    reload|force-reload)
	log_action_msg "Reloading Squid configuration files"
	$DAEMON -k reconfigure
	log_action_end_msg 0
	;;
    restart)
	log_daemon_msg "Restarting Squid HTTP proxy" "squid"
	stop
	if start ; then
		log_end_msg $?
	else
		log_end_msg $?
	fi
	;;
    status)
	status_of_proc -p "$PIDFILE" "$DAEMON" squid && exit 0 || exit $?
	;;
    *)
	echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|status}"
	exit 3
	;;
esac

exit 0

Clearcache script 

nano /usr/sbin/clearcachesquid

echo " ##################################### "
echo " ######## Stop Squid Service ######### "
echo " ##################################### "
/etc/init.d/squid stop

echo " ##################################### "
echo " ###### Delete spool directory ####### "
echo " ##################################### "
rm -rfv /var/spool/squid/

echo " ##################################### "
echo " ##########      Finish     ########## "
echo " ###### Create cache directory ####### "
echo " ##################################### "
mkdir -p /var/spool/squid
chown squid:squid /var/spool/squid/
chmod 777 /var/spool/squid/
squid -z

echo " ##################################### "
echo " ########## Startting squid ########## "
echo " ##################################### "
/etc/init.d/squid start

chmod 755 /usr/sbin/clearcachesquid
clearcachesquid

ตรวจสอบโดยใช้คำสั่ง ps ax | grep squid 

[root@system squid]# ps ax | grep squid
29451 ?        Ss     0:00 squid -D
29453 ?        Sl     0:00 (squid) -D
29455 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29456 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29457 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29458 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29459 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29460 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29461 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29462 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29463 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29464 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29465 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29466 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29467 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29468 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29469 ?        S      0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl
29500 pts/1    S+     0:00 grep squid

--- Squid3.1.10 config 

#
# Recommended minimum configuration:
#

http_port 3128 transparent no-connection-auth
icp_port 0
icp_query_timeout 0
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds

#============================================================$
#                 Block Domain + Time Frame
#============================================================$

#acl allow_client src 1.0.5.37 1.0.5.47 1.0.5.58 1.0.5.59 1.0.5.61 1.0.8.8

#acl local-servers dstdomain 111.223.32.36 27.254.32.35 job3.ocsc.go.th
#always_direct allow local-servers

#acl block1 dstdomain "/etc/squid/domain_block"
#http_access deny block1 !allow_client

acl b1 time MTWHFA 06:00-08:30
acl b2 time MTWHFA 10:00-10:30
acl b3 time MTWHFA 12:00-13:00
acl b4 time MTWHFA 15:00-15:30
acl b5 time MTWHFA 16:30-21:00
acl bd dstdomain "/etc/squid/denied_domains.acl"
http_access deny bd !b1 !b2 !b3 !b4 !b5
deny_info http://www.psch-club.blogspot.com b1 b2 b3 b4 b5 bd

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
acl localnet src 1.0.0.0/8	# RFC1918 possible internal network
acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost

cache_access_log  /var/log/squid/access.log


http_access allow manager localhost
http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
http_port 3128

# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256
cache_dir ufs /var/spool/squid 512 16 256
minimum_object_size 0 KB
maximum_object_size 4096 KB

logfile_rotate 30
cache_store_log none

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320
Retrieved from "https://msc.siamtools.com/wiki/index.php?title=Squid_2.7_Compile_Debian_Lenny&oldid=1097"