Squid3.0最重要的新特性:
- Code converted to C++, with significant internal restructuring and rewrites.
- ICAP implementation (RFC 3507 and www.icap-forum.org)
- Edge Side Includes (ESI) implementation (www.esi.org)
更多的请参考官方说明
来说说配置方法的不同之处(只说我自己实际使用的)
./configure的配置项
./configure –prefix=/usr/local/squid –with-large-files –enable-useragent-log –enable-referer-log –enable-linux-netfilter –enable-x-accelerator-vary –disable-internal-dns –disable-mempools –with-maxfd=65535
3.0版本去掉了以下选项:
–enable-dlmalloc 不再需要
–enable-epoll 系统会自己选择最优的I/O Loop Method
–enable-truncate 不再需要
–enable-follow-x-forwarded-for 没有此项配置了
增加了以下选项:
–disable-mempools 相当于2.7配置文件里面的memory_pools off,适合内存使用较大的情况,系统会调用free()来清除没用到的缓存内存
–with-maxfd=65535 相当于ulimit -n 65535,2.7配置文件里面的max_filedescriptors 65535
配置文件(squid.conf)差别
在Squid3.0版本的配置文件中,如下主要tag发生了变化
acl 去掉了对src为all的定义,已集成;对protocol的定义简写为proto
http_port 去掉了选项http11和act_as_origin;增加了类型http_status
cache_peer 去掉了选项http11
header_access 删除了此tag,以request_header_access和reply_header_access取代
server_http11 删除了此tag
incoming_rate 删除了此tag
memory_pools 删除了此tag,在./configure的时候实现
max_filedescriptors 删除了此tag,在./configure的时候实现
上面只列出了我自己实际配置Squid时,3.0版本和2.7版本的不同之处,关于更多的大家可以参考官方文档。
参考文档
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE14-RELEASENOTES.html
Squid3.0配置参考
编译参数:
[url=http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE15.tar.gz]http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE15.tar.gz[/url]
[color=Blue]./configure –prefix=/usr/local/squid3 \
–enable-debug-cbdata \
–enable-async-io=100 \
–with-pthreads \
–enable-storeio=”aufs,diskd,ufs” \
–enable-removal-policies=”heap,lru” \
–enable-icmp \
–enable-delay-pools \
–enable-useragent-log \
–enable-referer-log \
–enable-kill-parent-hack \
–enable-arp-acl \
–enable-default-err-language=Simplify_Chinese \
–enable-err-languages=”Simplify_Chinese English” \
–disable-poll \
–disable-wccp \
–disable-wccpv2 \
–disable-ident-lookups \
–disable-internal-dns \
–enable-basic-auth-helpers=”NCSA” \
–enable-stacktrace \
–with-large-files \
–disable-mempools \
–with-filedescriptors=65535 \
–enable-ssl \
–enable-x-accelerator-var
make
make install[/color]
贴一个我在线上运行的配置供大家参考:)有不足之处欢迎指正。
#accel listen port
[b]http_port 80 accel vhost vport[/b]
#accel domain
[b]cache_peer 211.100.72.109 parent 80 0 no-query originserver no-digest name=www[/b]
[b]cache_peer_domain www .linuxtone.com .linuxtone.com.cn .linuxtone.net .linuxtone.cn .linuxtone.org[/b]
#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080
acl LanSrc src 211.100.72.0/24
acl LanDst dst 211.100.72.0/24
[b]acl LanDstDM dstdomain .linuxtone.com .linuxtone.com.cn .linuxtone.net .linuxtone.cn .linuxtone.org[/b]
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny all
#base
visible_hostname www-cache2.linuxtone.com
cache_mgr [email]cache@linuxtone.org[/email]
cache_effective_user squid
cache_effective_group squid
error_directory /usr/local/squid3/share/errors/Simplify_Chinese
icon_directory /usr/local/squid3/share/icons
mime_table /usr/local/squid3/etc/mime.conf
cache_replacement_policy lru
#cache_dir
cache_dir aufs /data/cache1 32768 64 64
cache_dir aufs /data/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
#maximum_object_size 512 KB
#maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB
#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds
#memory_pools on
#memory_pools_limit 64 MB
forwarded_for on
log_icp_queries off
via off
httpd_suppress_version_string off
ie_refresh off
tcp_recv_bufsize 32 KB
#acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
#broken_vary_encoding allow webservices
#hidden the squid3 header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all
ipcache_size 1024
ipcache_low 90
ipcache_high 95
memory_replacement_policy lru
hosts_file /etc/hosts
request_header_max_size 128 KB
#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php
acl DIRECT url_regex -i ^http:\/\/www\.linuxtone\.com\/$
acl DIRECT url_regex -i ^http:\/\/photo\.linuxtone\.com\/.*$
acl DIRECT url_regex -i ^http:\/\/www\.linuxtone\.com\/index\.html$
cache deny QUERY
cache deny DIRECT
#request_body_max_size 0 KB
refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
refresh_pattern -i \.css$ 360 50% 2880 reload-into-ims
refresh_pattern -i \.js$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.html$ 720 50% 1440 reload-into-ims
refresh_pattern -i \.jpg$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.gif$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.swf$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.jpg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.png$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.bmp$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.doc$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.ppt$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.xls$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.pdf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.txt$ 1440 50% 2880 ignore-reload
quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95
connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off
#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all
icp_port 0
# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] “%rm %ru HTTP/%rv” %Hs %<st “%{Referer}>h” “%{User-Agent}>h” %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /data/logs/access.log squid
#cache_store_log /var/log/squid3/store.log
cache_store_log /dev/null
cache_log /data/logs/cache.log
logfile_rotate 12
# MISCELLANEOUS
store_objects_per_bucket 15
client_db off
Squid3.0配置参考
编译参数:
[url=http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE15.tar.gz]http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE15.tar.gz[/url]
[color=Blue]./configure –prefix=/usr/local/squid3 \
–enable-debug-cbdata \
–enable-async-io=100 \
–with-pthreads \
–enable-storeio=”aufs,diskd,ufs” \
–enable-removal-policies=”heap,lru” \
–enable-icmp \
–enable-delay-pools \
–enable-useragent-log \
–enable-referer-log \
–enable-kill-parent-hack \
–enable-arp-acl \
–enable-default-err-language=Simplify_Chinese \
–enable-err-languages=”Simplify_Chinese English” \
–disable-poll \
–disable-wccp \
–disable-wccpv2 \
–disable-ident-lookups \
–disable-internal-dns \
–enable-basic-auth-helpers=”NCSA” \
–enable-stacktrace \
–with-large-files \
–disable-mempools \
–with-filedescriptors=65535 \
–enable-ssl \
–enable-x-accelerator-var
make
make install[/color]
贴一个我在线上运行的配置供大家参考:)有不足之处欢迎指正。
#accel listen port
[b]http_port 80 accel vhost vport[/b]
#accel domain
[b]cache_peer 211.100.72.109 parent 80 0 no-query originserver no-digest name=www[/b]
[b]cache_peer_domain www .linuxtone.com .linuxtone.com.cn .linuxtone.net .linuxtone.cn .linuxtone.org[/b]
#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080
acl LanSrc src 211.100.72.0/24
acl LanDst dst 211.100.72.0/24
[b]acl LanDstDM dstdomain .linuxtone.com .linuxtone.com.cn .linuxtone.net .linuxtone.cn .linuxtone.org[/b]
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny all
#base
visible_hostname www-cache2.linuxtone.com
cache_mgr [email]cache@linuxtone.org[/email]
cache_effective_user squid
cache_effective_group squid
error_directory /usr/local/squid3/share/errors/Simplify_Chinese
icon_directory /usr/local/squid3/share/icons
mime_table /usr/local/squid3/etc/mime.conf
cache_replacement_policy lru
#cache_dir
cache_dir aufs /data/cache1 32768 64 64
cache_dir aufs /data/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
#maximum_object_size 512 KB
#maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB
#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds
#memory_pools on
#memory_pools_limit 64 MB
forwarded_for on
log_icp_queries off
via off
httpd_suppress_version_string off
ie_refresh off
tcp_recv_bufsize 32 KB
#acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
#broken_vary_encoding allow webservices
#hidden the squid3 header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all
ipcache_size 1024
ipcache_low 90
ipcache_high 95
memory_replacement_policy lru
hosts_file /etc/hosts
request_header_max_size 128 KB
#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php
acl DIRECT url_regex -i ^http:\/\/www\.linuxtone\.com\/$
acl DIRECT url_regex -i ^http:\/\/photo\.linuxtone\.com\/.*$
acl DIRECT url_regex -i ^http:\/\/www\.linuxtone\.com\/index\.html$
cache deny QUERY
cache deny DIRECT
#request_body_max_size 0 KB
refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
refresh_pattern -i \.css$ 360 50% 2880 reload-into-ims
refresh_pattern -i \.js$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.html$ 720 50% 1440 reload-into-ims
refresh_pattern -i \.jpg$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.gif$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.swf$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.jpg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.png$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.bmp$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.doc$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.ppt$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.xls$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.pdf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.txt$ 1440 50% 2880 ignore-reload
quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95
connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off
#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all
icp_port 0
# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] “%rm %ru HTTP/%rv” %Hs %<st “%{Referer}>h” “%{User-Agent}>h” %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /data/logs/access.log squid
#cache_store_log /var/log/squid3/store.log
cache_store_log /dev/null
cache_log /data/logs/cache.log
logfile_rotate 12
# MISCELLANEOUS
store_objects_per_bucket 15
client_db off
Recent Comments