squid反向代理
时间:2006-04-07 来源:wildcat707
squid反向代理和透明代理的实现
通过2个例子介绍squid做反向代理和实现透明代理。
squid做反向代理主要应用在高负荷网站上(sina,netease&,性能和效率会比Apache的mod_proxy高很多.
实现透明代理主要是加快访问互联网的速度,控制访问等。
反向代理配置:
在hosts中:加入内部的DNS解析,比如:192.168.0.4 www.yarshure.com
192.168.0.4 blog.yarshure.com
# cat squid.conf
http_port xxx.xxx.xx.xx:80
icp_port 0
acl QUERY urlpath_regex .php cgi-bin ?
no_cache deny QUERY
uri_whitespace strip
#offline_mode on
maximum_object_size 25600 KB
cache_mem 64 MB
cache_dir ufs /scsi/cache/swap 128 16 256
pid_filename /var/run/squid.pid
#cache_access_log /dev/null
cache_access_log /scsi/cache/logs/access.log
cache_log /scsi/cache/logs/cache.log
cache_store_log none
emulate_httpd_log on
logfile_rotate 3
visible_hostname localhost
request_header_max_size 2 KB
redirect_rewrites_host_header off
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
half_closed_clients off
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 8080 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl snmppublic snmp_community vhs_squid
acl vhost dst 172.16.0.0/24 172.16.182.0/24 xx.xx.xx.xxx/32
acl badURL urlpath_regex exe? ida? ./ \
acl max_connection maxconn 5
http_access allow max_connection
http_access allow manager localhost
http_access deny badURL
http_access deny !vhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .gif 10 40% 60 ignore-reload
refresh_pattern -i .jpg 10 40% 60 ignore-reload
refresh_pattern -i .htm 0 40% 60
refresh_pattern -i .html 0 40% 60
refresh_pattern -i .css 10 40% 60 ignore-reload
refresh_pattern -i .swf 10 40% 60 ignore-reload
refresh_pattern -i .cur 10 40% 60 ignore-reload
refresh_pattern -i .js$ 10 40% 60 ignore-reload
refresh_pattern . 0 20% 60
ie_refresh on
cache_mgr [email protected]
cache_effective_user nobody
cache_effective_group nobody
httpd_accel_host virtual
httpd_accel_port 18080
httpd_accel_with_proxy off
httpd_accel_uses_host_header on
cachemgr_passwd cygwin_squid info stats/objects
snmp_port 3401
snmp_access allow snmppublic
memory_pools on
forwarded_for on
log_icp_queries off
reload_into_ims on
coredump_dir /usr/local/squid/var
相关阅读 更多 +
