缓存/代理服务器squid安装与配置
时间:2010-04-29 来源:xhq6632
squid是流行的代理/缓存加速服务器,应用相当的广泛。最近一直都在研究,但是研究的不够透彻,不对的地方希望大家给予指正。目前的稳定版本是2.6-STABLE12。
下载地址:http://www.squid-cache.org/Versions/v2/2.6/
tar zxf squid-2.6.STABLE12.tar.gz cd squid-2.6.STABLE12
先看看squid的选项
`configure' configures Squid Web Proxy 2.6.STABLE12 to adapt to many kinds of systems.
Usage: ./configure [OPTION]... [VAR=VALUE]...
To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE. See below for descriptions of some of the useful variables.
Defaults for the options are specified in brackets.
Configuration:
-h, --help display this help and exit
--help=short display options specific to this package
--help=recursive display the short help of all the included packages
-V, --version display version information and exit
-q, --quiet, --silent do not print `checking...' messages
--cache-file=FILE cache test results in FILE [disabled]
-C, --config-cache alias for `--cache-file=config.cache'
-n, --no-create do not create output files
--srcdir=DIR find the sources in DIR [configure dir or `..']
Installation directories:
--prefix=PREFIX install architecture-independent files in PREFIX
[/usr/local/squid]
--exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
[PREFIX]
By default, `make install' will install all the files in
`/usr/local/squid/bin', `/usr/local/squid/lib' etc. You can specify
an installation prefix other than `/usr/local/squid' using `--prefix',
for instance `--prefix=$HOME'.
For better control, use the options below.
Fine tuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables [EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--datadir=DIR read-only architecture-independent data [PREFIX/share]
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
--infodir=DIR info documentation [PREFIX/info]
--mandir=DIR man documentation [PREFIX/man]
Program names:
--program-prefix=PREFIX prepend PREFIX to installed program names
--program-suffix=SUFFIX append SUFFIX to installed program names
--program-transform-name=PROGRAM run sed PROGRAM on installed program names
System types:
--build=BUILD configure for building on BUILD [guessed]
--host=HOST cross-compile to build programs to run on HOST [BUILD]
Optional Features:
--disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--enable-maintainer-mode enable make rules and dependencies not useful
(and sometimes confusing) to the casual installer
--disable-dependency-tracking speeds up one-time build
--enable-dependency-tracking do not reject slow dependency extractors
--enable-dlmalloc=LIB Compile & use the malloc package by Doug Lea
--enable-gnuregex Compile GNUregex. Unless you have reason to use this
option, you should not enable it. This library file
is usually only required on Windows and very old
Unix boxes which do not have their own regex library
built in.
--enable-mempool-debug Include MemPool debug verifications
--enable-xmalloc-statistics
Show malloc statistics in status page
--disable-carp Disable CARP support
--enable-async-io=N_THREADS
Shorthand for
--with-aufs-threads=N_THREADS
--with-pthreads
--enable-storeio=ufs,aufs
--enable-storeio="list of modules"
Build support for the list of store I/O modules.
The default is only to build the "ufs" module.
See src/fs for a list of available modules, or
Programmers Guide section
for details on how to build your custom store module
--enable-heap-replacement
Backwards compatibility option. Please use the
new --enable-removal-policies directive instead.
--enable-removal-policies="list of policies"
Build support for the list of removal policies.
The default is only to build the "lru" module.
See src/repl for a list of available modules, or
Programmers Guide section 9.9 for details on how
to build your custom policy
--enable-icmp Enable ICMP pinging
--enable-delay-pools Enable delay pools to limit bandwidth usage
--enable-useragent-log Enable logging of User-Agent header
--enable-referer-log Enable logging of Referer header
--disable-wccp Disable Web Cache Coordination V1 Protocol
--disable-wccpv2 Disable Web Cache Coordination V2 Protocol
--enable-kill-parent-hack
Kill parent on shutdown
--enable-forward-log Enable experimental forward_log directive
--enable-multicast-miss Enable experimental multicast notification of cachemisses
--enable-snmp Enable SNMP monitoring
--enable-cachemgr-hostname=hostname
Make cachemgr.cgi default to this host
--enable-arp-acl Enable use of ARP ACL lists (ether address)
--enable-htcp Enable HTCP protocol
--enable-ssl Enable ssl gatewaying support using OpenSSL
--enable-forw-via-db Enable Forw/Via database
--enable-cache-digests Use Cache Digests
see http://www.squid-cache.org/FAQ/FAQ-16.html
--enable-default-err-language=lang
Select default language for Error pages (see
errors directory)
--enable-err-languages=\"lang1 lang2..\"
Select languages to be installed. (All will be
installed by default)
--enable-coss-aio-ops Enable COSS I/O with Posix AIO (default is aufs I/O)
--enable-select Force the use of select support.
Normally configure automatically selects a better
alternative if available.
--disable-select Disable select support, causing configure to fail
if a better alternative is not available
--enable-select-simple Force the use of select support (POSIX).
Useful if your system only supports the bare minium
POSIX select requirements without fds_bits.
--enable-poll Force the use of poll even if automatic checks
indicate poll may be broken on your plaform.
--disable-poll Disable the use of poll.
--enable-epoll Force the use of epoll even if automatic checks
indicate epoll may not be supported.
--disable-epoll Disable the use of epoll.
--enable-kqueue Force the use of kqueue even if automatic checks
indicate kqueue may not be supported.
--disable-kqueue Disable kqueue support.
--disable-http-violations
This allows you to remove code which is known to
violate the HTTP protocol specification.
--enable-ipf-transparent
Enable Transparent Proxy support for systems
using IP-Filter network address redirection.
--enable-pf-transparent
Enable Transparent Proxy support for systems
using PF network address redirection.
--enable-linux-netfilter
Enable Transparent Proxy support for Linux 2.4 and later
--enable-large-cache-files
Enable support for large cache files (>2GB).
WARNING: on-disk cache format is changed by this option
--enable-linux-tproxy
Enable real Transparent Proxy support for Netfilter TPROXY.
--enable-leakfinder
Enable Leak Finding code. Enabling this alone
does nothing; you also have to modify the source
code to use the leak finding functions. Probably
Useful for hackers only.
--disable-ident-lookups
This allows you to remove code that performs
Ident (RFC 931) lookups.
--disable-internal-dns This prevents Squid from directly sending and
receiving DNS messages, and instead enables the
old external 'dnsserver' processes.
--enable-truncate This uses truncate() instead of unlink() when
removing cache files. Truncate gives a little
performance improvement, but may cause problems
when used with async I/O. Truncate uses more
filesystem inodes than unlink..
--enable-default-hostsfile=path
Select default location for hosts file.
See hosts_file directive in squid.conf for details
--enable-win32-service Compile Squid as a WIN32 Service
Works only on Windows NT and Windows 2000 Platforms.
--enable-auth="list of auth scheme modules"
Build support for the list of authentication schemes.
The default is to build support for the Basic scheme.
See src/auth for a list of available modules, or
Programmers Guide section authentication schemes
for details on how to build your custom auth scheme
module
--enable-basic-auth-helpers="list of helpers"
This option selects which basic scheme proxy_auth
helpers to build and install as part of the normal
build process. For a list of available
helpers see the helpers/basic_auth directory.
--enable-ntlm-auth-helpers="list of helpers"
This option selects which proxy_auth ntlm helpers
to build and install as part of the normal build
process. For a list of available helpers see
the helpers/ntlm_auth directory.
--enable-digest-auth-helpers="list of helpers"
This option selects which digest scheme proxy_auth
helpers to build and install as part of the normal
build process. For a list of available helpers see the
helpers/digest_auth directory.
--enable-negotiate-auth-helpers="list of helpers"
This option selects which negotiate scheme authentication
helpers to build and install as part of the normal build
process. For a list of available helpers see the
helpers/negotiate_auth directory.
--enable-ntlm-fail-open Enable NTLM fail open, where a helper that fails one of the
Authentication steps can allow squid to still authenticate
the user.
--enable-external-acl-helpers="list of helpers"
This option selects which external_acl helpers to
build and install as part of the normal build
process. For a list of available helpers see the
helpers/external_acl directory.
--disable-unlinkd Do not use unlinkd
--enable-stacktraces Enable automatic call backtrace on fatal errors
--enable-x-accelerator-vary
Enable support for the X-Accelerator-Vary
HTTP header. Can be used to indicate
variance within an accelerator setup.
Typically used together with other code
that adds custom HTTP headers to the requests.
--enable-follow-x-forwarded-for
Enable support for following the X-Forwarded-For
HTTP header to try to find the IP address of the
original or indirect client when a request has
been forwarded through other proxies.
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-valgrind-debug Include debug instrumentation for use with valgrind
--with-aufs-threads=N_THREADS
Tune the number of worker threads for the aufs object
store.
--with-pthreads Use POSIX Threads
--with-aio Use POSIX AIO
--with-dl Use dynamic linking
--with-openssl=prefix
Compile with the OpenSSL libraries. The path to
the OpenSSL development libraries and headers
installation can be specified if outside of the
system standard directories
--with-coss-membuf-size COSS membuf size (default 1048576 bytes)
--with-large-files Enable support for large files (logs etc).
--with-build-environment=model
The build environment to use. Normally one of
POSIX_V6_ILP32_OFF32 32 bits
POSIX_V6_ILP32_OFFBIG 32 bits with large file support
POSIX_V6_LP64_OFF64 64 bits
POSIX_V6_LPBIG_OFFBIG large pointers and files
XBS5_ILP32_OFF32 32 bits (legacy)
XBS5_ILP32_OFFBIG 32 bits with large file support (legacy)
XBS5_LP64_OFF64 64 bits (legacy)
XBS5_LPBIG_OFFBIG large pointers and files (legacy)
default The default for your OS
--with-maxfd=N Override maximum number of filedescriptors. Useful
if you build as another user who is not privileged
to use the number of filedescriptors you want the
resulting binary to support
Some influential environment variables:
CC C compiler command
CFLAGS C compiler flags
LDFLAGS linker flags, e.g. -L
if you have libraries in a
nonstandard directory
CPPFLAGS C/C++ preprocessor flags, e.g. -I if you have
headers in a nonstandard directory
CPP C preprocessor
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
Report bugs to .
我的编译参数
./configure --prefix=/usr/local/squid --disable-carp \ --enable-snmp --disable-internal-dns --enable-async-io --disable-kqueue \ --enable-storeio=diskd,null,ufs,aufs --disable-useragent-log \ --disable-referer-log --with-large-files \ --enable-large-cache-files --disable-wccp --with-pthreads \ --disable-ident-lookups --maxfd=8192
–disable-carp 禁止CARP
–enable-snmp 打开SNMP的支持,因为要收集squid的数据,命中率等。
–disable-internal-dns 禁止内部DNS,使用外部的~squid/libexec/dnserver。
–enable-async-io 使用异步I/O。
–with-large-files –enable-large-cache-files 支持>2G的文件。
–maxfd=8192 加大打开文件的数目,早期的版本需要在编译前运行ulimit -HSn 8192。
编译安装:
make make install
相关阅读 更多 +
