Squid 2.7 Compile Debian Lenny
From MS Computech
Squid 2.7STABLE7 Compile on ClarkConnect 4.3,5.0 & Debian Lenny
ดาวโหลด Package ที่จำเป็น Debian
apt-get install build-essential libkrb5-dev wget -c http://www.squid-cache.org/Versions/v2/2.7/squid-2.7.STABLE7.tar.gz
Clarkconnect 4.3
apt-get install cc-devel
Clarkconnect 5
yum -y install gcc-c++ krb5-devel
แตกไฟล์ออกมาซะ
tar zxvf squid-2.7.STABLE7.tar.gz cd squid-2.7.STABLE7
คอมไพล์ด้วยคำสั่ง
./configure '--build=phat-mscompute' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--sysconfdir=/etc/squid' '--localstatedir=/var/spool/squid' '--datadir=/usr/share/squid' '--enable-async-io' '--with-pthreads' '--enable-storeio=ufs,aufs,coss,diskd,null' '--enable-linux-netfilter' '--enable-arp-acl' '--enable-epoll' '--enable-removal-policies=lru,heap' '--enable-snmp' '--enable-delay-pools' '--enable-htcp' '--enable-cache-digests' '--enable-referer-log' '--enable-useragent-log' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-carp' '--enable-follow-x-forwarded-for' '--with-large-files' '--with-maxfd=65536' 'i386-debian-linux' 'build_alias=i386-debian-linux' 'host_alias=i386-debian-linux' 'target_alias=i386-debian-linux' make && make install
สร้าง User Squid
useradd squid
สร้าง Cache Dir
chown -R squid:squid /var/spool/squid/ mkdir /var/log/squid mkdir /var/spool/squid/cache chown -R squid:squid /var/log/squid/
ดาวโหลด Squid Config แตกและนำไปไว้ที่ /etc/squid/
tar jxvf Squid_config-2011-05-16.tar.gz cd Squid* cp * /etc/squid/ chmod 755 /etc/squid/store_url_rewrite
Copy Startup script ไปที่ /etc/init.d/ ( CC 4.3 ไม่ต้อง Copy )
cp /etc/squid/squid-init.d /etc/init.d/squid update-rc.d squid defaults chmod 755 /etc/init.d/squid cd /etc/squid ln -s /usr/share/system/modules/squid/redirect errors ln -s /usr/share/squid/icons icons
- For squid stable9
ln -s /usr/share/squid/errors errors ln -s /usr/share/squid/icons icons
init.d script for debian
#! /bin/sh # # squid Startup script for the SQUID HTTP proxy-cache. # # Version: @(#)squid.rc 2.20 01-Oct-2001 [email protected] # ### BEGIN INIT INFO # Provides: squid # Required-Start: $local_fs $network # Required-Stop: $local_fs $network # Should-Start: $named # Should-Stop: $named # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Squid HTTP Proxy ### END INIT INFO NAME=squid DAEMON=/usr/sbin/squid LIB=/usr/lib/squid PIDFILE=/var/run/$NAME.pid SQUID_ARGS="-D -YC" [ ! -f /etc/default/squid ] || . /etc/default/squid . /lib/lsb/init-functions PATH=/bin:/usr/bin:/sbin:/usr/sbin [ -x $DAEMON ] || exit 0 grepconf () { w=" " # space tab sq=/etc/squid/squid.conf # sed is cool. res=`sed -ne ' s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $sq` [ -n "$res" ] || res=$2 echo "$res" } grepconf2 () { w=" " # space tab sq=/etc/squid/$NAME.conf # sed is cool. res=`sed -ne ' s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $sq` [ -n "$res" ] || res=$2 echo "$res" } # # Try to increase the # of filedescriptors we can open. # maxfds () { [ -n "$SQUID_MAXFD" ] || return [ -f /proc/sys/fs/file-max ] || return 0 global_file_max=`cat /proc/sys/fs/file-max` minimal_file_max=$(($SQUID_MAXFD + 4096)) if [ "$global_file_max" -lt $minimal_file_max ] then echo $minimal_file_max > /proc/sys/fs/file-max fi ulimit -n $SQUID_MAXFD } start () { cdr=`grepconf2 cache_dir /var/spool/$NAME` ctp=`grepconf cache_dir ufs` case "$cdr" in [0-9]*) log_failure_msg "squid: squid.conf contains 2.2.5 syntax - not starting!" log_end_msg 1 exit 1 ;; esac # # Create spool dirs if they don't exist. # if [ -d "$cdr" -a ! -d "$cdr/00" ] || [ "$ctp" = "coss" -a ! -f "$cdr" ] then log_warning_msg "Creating squid cache structure" $DAEMON $SQUID_ARGS -z fi if [ "$CHUID" = "" ]; then CHUID=root fi maxfds umask 027 start-stop-daemon --quiet --start \ --pidfile $PIDFILE \ --chuid $CHUID \ --exec $DAEMON -- $SQUID_ARGS < /dev/null return $? } stop () { PID=`cat $PIDFILE 2>/dev/null` start-stop-daemon --stop --quiet --pidfile $PIDFILE --name squid # # Now we have to wait until squid has _really_ stopped. # sleep 2 if test -n "$PID" && kill -0 $PID 2>/dev/null then log_action_begin_msg " Waiting" cnt=0 while kill -0 $PID 2>/dev/null do cnt=`expr $cnt + 1` if [ $cnt -gt 24 ] then log_action_end_msg 1 return 1 fi sleep 5 log_action_cont_msg "" done log_action_end_msg 0 return 0 else return 0 fi } case "$1" in start) log_daemon_msg "Starting Squid HTTP proxy" "squid" if start ; then log_end_msg $? else log_end_msg $? fi ;; stop) log_daemon_msg "Stopping Squid HTTP proxy" "squid" if stop ; then log_end_msg $? else log_end_msg $? fi ;; reload|force-reload) log_action_msg "Reloading Squid configuration files" $DAEMON -k reconfigure log_action_end_msg 0 ;; restart) log_daemon_msg "Restarting Squid HTTP proxy" "squid" stop if start ; then log_end_msg $? else log_end_msg $? fi ;; status) status_of_proc -p "$PIDFILE" "$DAEMON" squid && exit 0 || exit $? ;; *) echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|status}" exit 3 ;; esac exit 0
Clearcache script
nano /usr/sbin/clearcachesquid
echo " ##################################### " echo " ######## Stop Squid Service ######### " echo " ##################################### " /etc/init.d/squid stop echo " ##################################### " echo " ###### Delete spool directory ####### " echo " ##################################### " rm -rfv /var/spool/squid/ echo " ##################################### " echo " ########## Finish ########## " echo " ###### Create cache directory ####### " echo " ##################################### " mkdir -p /var/spool/squid chown squid:squid /var/spool/squid/ chmod 777 /var/spool/squid/ squid -z echo " ##################################### " echo " ########## Startting squid ########## " echo " ##################################### " /etc/init.d/squid start
chmod 755 /usr/sbin/clearcachesquid clearcachesquid
ตรวจสอบโดยใช้คำสั่ง ps ax | grep squid
[root@system squid]# ps ax | grep squid 29451 ? Ss 0:00 squid -D 29453 ? Sl 0:00 (squid) -D 29455 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29456 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29457 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29458 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29459 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29460 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29461 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29462 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29463 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29464 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29465 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29466 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29467 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29468 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29469 ? S 0:00 /usr/bin/perl /etc/squid/store_url_rewrite.pl 29500 pts/1 S+ 0:00 grep squid
--- Squid3 config
http_port 3128 transparent no-connection-auth
icp_port 0
icp_query_timeout 0
mcast_icp_query_timeout 2000
dead_peer_timeout 10 seconds
#cache_dir aufs /var/spool/squid3 1024 16 256
cache_dir ufs /var/spool/squid3 512 16 256
minimum_object_size 0 KB
maximum_object_size 4096 KB
error_directory /usr/share/squid3/errors/th
#logformat common %{%m-%d-%Y %H:%M:%S}tl %>a %Ss/%03>Hs %rm %ru %un %Sh/%<A %mt
#cache_access_log /var/log/squid3/access.log common
cache_access_log /var/log/squid3/access.log
cache_store_log none
logfile_rotate 90
pid_filename /var/run/squid.pid
ftp_user Squid@
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100
negative_ttl 2 minutes
positive_dns_ttl 60 seconds
negative_dns_ttl 30 seconds
forward_timeout 5 minutes
connect_timeout 5 minutes
peer_connect_timeout 1 minutes
pconn_timeout 120 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 2 minute
shutdown_lifetime 10 seconds
client_lifetime 1 day
half_closed_clients off
ie_refresh on
coredump_dir /var/spool/squid3
acl manager proto cache_object
acl localhost src 127.0.0.0/8
follow_x_forwarded_for allow localhost
# webconfig: acl_start
#acl webconfig_lan src 192.168.0.0/16 10.0.0.0/8
#acl webconfig_to_lan dst 192.168.0.0/16 10.0.0.0/8
# webconfig: acl_end
#acl to_localhost dst 127.0.0.0/8
#acl somlith src 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
acl all_port port 1-65535
acl connect method connect
# Block Bit and uTorrent
acl bit url_regex -i .*announce passkey downloadzip.php dlzip.php \.torrrent$ \.torrent announce http://tracker passkey= info_hash
http_access deny bit
# ----- Acl Controls
acl SSL_ports port 443 # https
#acl SSL_ports port 563 # snews
#acl SSL_ports port 873 # rsync
#acl Safe_ports port 80 # http
acl Safe_ports port 81 # http
#acl Safe_ports port 21 # ftp
#acl Safe_ports port 443 # https
#acl Safe_ports port 70 # gopher
#acl Safe_ports port 210 # wais
#acl Safe_ports port 1025-65535 # unregistered ports
#acl Safe_ports port 280 # http-mgmt
#acl Safe_ports port 488 # gss-http
#acl Safe_ports port 591 # filemaker
#acl Safe_ports port 777 # multiling http
#acl Safe_ports port 631 # cups
#acl Safe_ports port 873 # rsync
#acl Safe_ports port 901 # SWAT
acl CONNECT method CONNECT
#http_access allow somlith
http_access allow manager localhost
#http_access deny manager
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
http_access allow all
#icp_access allow somlith
icp_access allow all
acl SSL method CONNECT
#never_direct allow SSL
url_rewrite_children 20
acl youtube_query url_regex -i \.youtube\.com\/get_video
acl metacafe_query dstdomain v.mccont.com
acl dailymotion_query url_regex -i proxy\-[0-9][0-9]\.dailymotion\.com\/
acl google_query dstdomain vp.video.google.com
acl redtube_query dstdomain dl.redtube.com
acl xtube_query url_regex -i p[0-9a-z][0-9a-z]?[0-9a-z]?\.xtube\.com\/videos
acl vimeo_query url_regex bitcast\.vimeo\.com\/vimeo\/videos\/
acl wrzuta_query url_regex -i va\.wrzuta\.pl\/wa[0-9][0-9][0-9][0-9]?
url_rewrite_access allow youtube_query
url_rewrite_access allow metacafe_query
url_rewrite_access allow dailymotion_query
url_rewrite_access allow google_query
url_rewrite_access allow redtube_query
url_rewrite_access allow xtube_query
url_rewrite_access allow vimeo_query
url_rewrite_access allow wrzuta_query
redirector_bypass on
acl store_rewrite_list url_regex ^http://(.*?)/get_video\?
acl store_rewrite_list url_regex ^http://(.*?)/videodownload\?
acl store_rewrite_list url_regex ^http://i(.*?).photobucket.com/albums/(.*?)/(.*?)/(.*?)\?
acl store_rewrite_list url_regex ^http://vid(.*?).photobucket.com/albums/(.*?)/(.*?)\?
cache allow store_rewrite_list
cache allow all
# ----- No Cache -------
acl NOCACHE url_regex cgi-bin [^z]\? photos[1-9] \.D$ \.ini$ \.dll$ \.inf$ \.Xt \.xtp \.daf \.bmp \.txt \.id \.html \.htm Loader\.exe 1st$ update.cfg\? urlinfo\.ini$ updatelist notice_popup ProjectG.exe.zip$ start/ucg UCG\.DAT$ UCGA?\.exe$ version\.cfg$ \.xml$ \.ver version_list\.dat SFrame\.exe version_list\.* version\.* version.ini patchfile.lst configupdate we.exe version\.*cache
cache deny NOCACHE
# ----- Administrative Parameters
cache_mgr mscomputech.net
cache_effective_user squid
cache_effective_group squid
visible_hostname [email protected]
memory_pools on
memory_pools_limit 50 MB
forwarded_for on
client_db on
netdb_low 9900
netdb_high 10000
pipeline_prefetch on
balance_on_multiple_ip on
reload_into_ims on
vary_ignore_expire on
# ----- Option Which Affect The Cache Size
cache_mem 256 MB
cache_swap_low 95
cache_swap_high 98
memory_pools no
memory_pools_limit 256 MB
maximum_object_size 512 MB
maximum_object_size_in_memory 32 KB
ipcache_size 4096
ipcache_low 95
ipcache_high 98
fqdncache_size 4096
cache_effective_user squid
cache_effective_group squid
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
#cache_mem 64 MB
maximum_object_size 20 MB
maximum_object_size_in_memory 512 KB
#cache_swap_low 90
#cache_swap_high 98
#ipcache_size 4096
#ipcache_low 90
#ipcache_high 98
#fqdncache_size 4096
client_netmask 255.255.255.255
ftp_passive on
ftp_sanitycheck on
dns_nameservers 127.0.0.1
#cache_replacement_policy heap LFUDA
#memory_replacement_policy heap GDSF
# ----- Delay Pools
#acl limitdown1 url_regex -i .mp3 .ogg .wav .wma .3gp .avi .mov .mp4 .mpeg .mpg .wma .mkv .divx .vob .iso .nrg .torrent .flv
#acl limitdown2 url_regex -i .zip .rar .7z .exe .msi
#delay_pools 3
#delay_class 1 2 #
#delay_parameters 1 102400/102400 102400/102400
#delay_access 1 allow limitdown1
#delay_access 1 deny all
#delay_class 2 2
#delay_parameters 2 102400/102400 102400/102400
#delay_access 2 allow limitdown2
#delay_access 2 deny all
#delay_class 3 1
#delay_parameters 3 -1/-1
#delay_access 3 allow localhost
# ----- refresh_pattern--------
refresh_pattern ^http://(.*?)/get_video\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://(.*?)/videodownload\? 10080 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://i(.*?).photobucket.com/albums/(.*?)/(.*?)/(.*?)\? 43200 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern ^http://vid(.*?).photobucket.com/albums/(.*?)/(.*?)\? 43200 90% 999999 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private
refresh_pattern ^http://sjl-v[0-9]+\.sjl\.youtube\.com 10080 90% 999999 ignore-no-cache override-expire ignore-private
refresh_pattern -i (html|htm|/)$ 0 20% 720
refresh_pattern -i (asp\?|php\?) 0 20% 720
refresh_pattern -i (asp|php)$ 0 20% 720
refresh_pattern \.(exe|zip|gz|arj|lha|lzh|rar|tgz|tar|Z)$ 4320 80% 43200 override-lastmod reload-into-ims ignore-reload
refresh_pattern ^http://update.cabal.* 43200 100% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://download.cabal.* 43200 100% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://patch.sf.* 43200 100% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://trdownload.in.th 43200 100% 432000 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://cbt.patch.easportsfifaonline2.in.th/.* 43200 100% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://patch.dekaron.in.th/* 43200 90% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://61.90.199.12.*/.* 43200 90% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://202.43.33.122/ 43200 20% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://202.43.34.11 43200 100% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^http://202.43.34.110/patch/ 43200 90% 43200 ignore-reload override-lastmod reload-into-ims override-expire ignore-no-cache ignore-private
refresh_pattern ^gopher://.*\.*$ 0 20% 1440
refresh_pattern ^http://.*\.*$ 0 20% 1440
refresh_pattern ^ftp://.*\.*$ 0 20% 1440
refresh_pattern ^ftp: 0 20% 1440
refresh_pattern ^gopher: 0 0% 1440
refresh_pattern . 0 20% 1440
