#!/bin/bash
wget http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE6.tar.bz2
tar jxvf squid-2.6.STABLE6.tar.bz2
./configure --prefix=/usr/local/squid \
--enable-async-io=320\
--enable-storeio="aufs,diskd,ufs"\
--enable-useragent-log \
--enable-referer-log \
--enable-kill-parent-hack \
--enable-forward-log \
--enable-snmp \
--enable-cache-digests \
--enable-default-err-language=Simplify_Chinese\
--enable-epoll \
--enable-removal-policies="heap,lru"\
--enable-large-cache-files \
--disable-internal-dns \
--enable-x-accelerator-vary \
--enable-follow-x-forwarded-for \
--disable-ident-lookups \
--with-large-files \
--with-filedescriptors=65536
cat >>/usr/local/squid/etc/squid.conf<
visible_hostname cache1.taobao.com
http_port 192.168.1.44:80 vhost vport
icp_port 0
cache_mem 512 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 20000 KB
maximum_object_size_in_memory 4096 KB
cache_dir ufs /tmp1 3000 32 256
cache_store_log none
emulate_httpd_log on
efresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute
connect_timeout 1 minute
read_timeout 15 minutes
request_timeout 5 minutes
client_lifetime 1 day
half_closed_clients on
maximum_single_addr_tries 1
uri_whitespace strip
ie_refresh off
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %h" "%{User-Agent}>h" %Ss:%Sh
pid_filename /var/log/squid/squid.pid
cache_log /var/log/squid/cache.log
access_log /var/log/squid/access.log combined
acl all src 0.0.0.0/0.0.0.0
acl QUERY urlpath_regex cgi-bin .php .cgi .avi .wmv .rm .ram .mpg .mpeg .zip .exe
cache deny QUERY
acl picurl url_regex -i \.bmp$ \.png$ \.jpg$ \.gif$ \.jpeg$
acl mystie1 referer_regex -i aaa
http_access allow mystie1 picurl
acl mystie2 referer_regex -i bbb
http_access allow mystie2 picurl
acl nullref referer_regex -i ^$
http_access allow nullref
acl hasref referer_regex -i .+
http_access deny hasref picurl
cache_peer 10.10.10.56 parent 80 0 no-query originserver name=web1 round-robin
cache_peer 10.10.10.57 parent 80 0 no-query originserver name=web2 round-robin
#请自己改域名 比如123.com www.123.com *.123.com
cache_peer_domain all .123.com
cache_effective_user nobody
cache_effective_group nobody
acl localhost src 127.0.0.1
acl my_other_proxy srcdomain .a.com
follow_x_forwarded_for allow localhost
follow_x_forwarded_for allow all #允许转发 head ip 头
acl_uses_indirect_client on #只有2.6才有这这个个参数
delay_pool_uses_indirect_client on #只有2.6才有这这个个参数
log_uses_indirect_client on # 只有2.6才有这这个个参数
#refresh_pattern ^ftp: 60 20% 10080
#refresh_pattern ^gopher: 60 0% 1440
#refresh_pattern ^gopher: 60 0% 1440
#refresh_pattern . 0 20% 1440
refresh_pattern -i \.css$ 360 50% 2880
refresh_pattern -i \.js$ 1440 50% 2880
refresh_pattern -i \.html$ 720 50% 1440
refresh_pattern -i \.jpg$ 1440 90% 2880
refresh_pattern -i \.gif$ 1440 90% 2880
refresh_pattern -i \.swf$ 1440 90% 2880
refresh_pattern -i \.jpg$ 1440 50% 2880
refresh_pattern -i \.png$ 1440 50% 2880
refresh_pattern -i \.bmp$ 1440 50% 2880
refresh_pattern -i \.doc$ 1440 50% 2880
refresh_pattern -i \.ppt$ 1440 50% 2880
refresh_pattern -i \.xls$ 1440 50% 2880
refresh_pattern -i \.pdf$ 1440 50% 2880
refresh_pattern -i \.rar$ 1440 50% 2880
refresh_pattern -i \.zip$ 1440 50% 2880
refresh_pattern -i \.txt$ 1440 50% 2880
EOF
#建立缓存和日志目录,并改变权限使squid能写入
mkdir /tmp1
mkdir /var/log/squid
chown -R nobody:nobody /tmp1
chmod 666 /tmp1
chown -R nobody:nobody /var/log/squid
#首次运行squid要先建立缓存
/usr/local/squid/sbin/squid -z
#启动squid
echo "65535" >/proc/sys/fs/file-max
ulimit -HSn 65535
/usr/local/squid/sbin/squid