ÄúÏÖÔÚµÄλÖ㺠Linux½Ì³Ì - ´úÀí·þÎñ - ´úÀí·þÎñÆ÷µÄÅäÖÃÓëÓ¦ÓÃ

´úÀí·þÎñÆ÷µÄÅäÖÃÓëÓ¦ÓÃ

Ìí¼Ó¼Ç¼: Linux Àà±ð: ´úÀí·þÎñ ·¢²¼ÈÕÆÚ: 2005.06.22



        

    LinuxByte×¢: ±¾Õ¾ÓÐsocks5ºÍsquid×îа汾ÏÂÔØ!

    ´úÀí·þÎñÆ÷
    µÚÒ»½Ú ´úÀí·þÎñÆ÷¸ÅÊö
    1.1ʲôÊÇ´úÀí·þÎñÆ÷
    ÔÚTCP/IPÍøÂçÖУ¬´«Í³µÄͨÐŹý³ÌÊÇÕâÑùµÄ£º¿Í»§¶ËÏò·þÎñÆ÷ÇëÇóÊý¾Ý£¬·þÎñÆ÷ÏìÓ¦¸ÃÇëÇ󣬽«Êý¾Ý´«Ë͸ø¿Í»§¶Ë¡£ÔÚÒýÈëÁË´úÀí·þÎñÆ÷ÒÔºó£¬ÕâÒ»¹ý³Ì±ä³ÉÁËÕâÑù£º¿Í»§¶ËÏò·þÎñÆ÷·¢ÆðÇëÇ󣬸ÃÇëÇó±»Ë͵½´úÀí·þÎñÆ÷£»´úÀí·þÎñÆ÷·ÖÎö¸ÃÇëÇó£¬ÏȲ鿴×Ô¼º»º´æÖÐÊÇ·ñÓÐÇëÇóÊý¾Ý£¬Èç¹ûÓоÍÖ±½Ó´«Ë͸ø¿Í»§¶Ë£¬Èç¹ûûÓоʹúÌæ¿Í»§¶ËÏò¸Ã·þÎñÆ÷·¢³öÇëÇó¡£·þÎñÆ÷ÏìÓ¦ÒԺ󣬴úÀí·þÎñÆ÷½«ÏìÓ¦µÄÊý¾Ý´«Ë͸ø¿Í»§¶Ë£¬Í¬Ê±ÔÚ×Ô¼ºµÄ»º´æÖб£ÁôÒ»·Ý¸ÃÊý¾ÝµÄ¿½±´¡£ÕâÑù£¬ÔÙÓпͻ§¶ËÇëÇóÏàͬµÄÊý¾Ýʱ£¬´úÀí·þÎñÆ÷¾Í¿ÉÒÔÖ±½Ó½«Êý¾Ý´«Ë͸ø¿Í»§¶Ë£¬¶ø²»ÐèÒªÔÙÏò¸Ã·þÎñÆ÷·¢ÆðÇëÇó¡£

    1.2 ´úÀí·þÎñÆ÷µÄ¹¦ÄÜ
    Ò»°ã˵À´£¬´úÀí·þÎñÆ÷¾ßÓÐÒÔÏµĹ¦ÄÜ£º
    1.ͨ¹ý»º´æÔö¼Ó·ÃÎÊËÙ¶È
    Ëæ×ÅInternetµÄѸÃÍ·¢Õ¹£¬ÍøÂç´ø¿í±äµÃÔ½À´Ô½Õä¹ó¡£ËùÒÔΪÁËÌá¸ß·ÃÎÊËٶȣ¬ºÃ¶àISP¶¼Ìṩ´úÀí·þÎñÆ÷£¬Í¨¹ý´úÀí·þÎñÆ÷µÄ»º´æ¹¦ÄÜÀ´¼Ó¿ìÍøÂçµÄ·ÃÎÊËٶȡ£Ò»°ã˵À´£¬´ó¶àÊýµÄ´úÀí·þÎñÆ÷¶¼Ö§³ÖHTTP»º´æ£¬µ«ÊÇ£¬ÓеĴúÀí·þÎñÆ÷Ò²Ö§³ÖFTP»º´æ¡£ÔÚÑ¡Ôñ´úÀí·þÎñÆ÷ʱ£¬¶ÔÓÚ´ó¶àÊýµÄ×éÖ¯£¬Ö»ÐèÒªHTTP»º´æ¹¦ÄܾÍ×ã¹»ÁË¡£
    ͨ³££¬»º´æÓÐÖ÷¶¯»º´æ±»¶¯»º´æÖ®·Ö¡£Ëùν±»¶¯»º´æ£¬Ö¸µÄÊÇ´úÀí·þÎñÆ÷Ö»ÔÚ¿Í»§¶ËÇëÇóÊý¾Ýʱ²Å½«·þÎñÆ÷·µ»ØµÄÊý¾Ý½øÐлº´æ£¬Èç¹ûÊý¾Ý¹ýÆÚÁË£¬ÓÖÓпͻ§¶ËÇëÇóÏàͬÊý¾Ýʱ£¬´úÀí·þÎñÆ÷ÓÖ±ØÐëÖØз¢ÆðеÄÊý¾ÝÇëÇó£¬ÔÚ½«ÏìÓ¦Êý¾Ý´«Ë͸ø¿Í»§¶ËʱÓÖ½øÐÐеĻº´æ¡£ËùνÖ÷¶¯»º´æ£¬¾ÍÊÇ´úÀí·þÎñÆ÷²»¶ÏµØ¼ì²é»º´æÖеÄÊý¾Ý£¬Ò»µ©ÓÐÊý¾Ý¹ýÆÚ£¬Ôò´úÀí·þÎñÆ÷Ö÷¶¯·¢ÆðеÄÊý¾ÝÇëÇóÀ´¸üÐÂÊý¾Ý¡£ÕâÑù£¬µ±Óпͻ§¶ËÇëÇó¸ÃÊý¾Ýʱ¾Í»á´ó´óËõ¶ÌÏìӦʱ¼ä¡£»¹ÐèҪ˵Ã÷µÄÊÇ£¬¶ÔÓÚÊý¾ÝÖеÄÈÏÖ¤ÐÅÏ¢£¬´ó¶àÊýµÄ´úÀí·þÎñÆ÷¶¼²»»á½øÐлº´æµÄ¡£
    2.ÌṩÓÃ˽ÓÐIP·ÃÎÊInternetµÄ·½·¨
    IPµØÖ·ÊDz»¿ÉÔÙÉúµÄ±¦¹ó×ÊÔ´£¬¼ÙÈçÄãÖ»ÓÐÓÐÏÞµÄIPµØÖ·£¬µ«ÊÇÐèÒªÌṩÕû¸ö×éÖ¯µÄInternet·ÃÎÊÄÜÁ¦£¬ÄÇô£¬Äã¿ÉÒÔͨ¹ýʹÓôúÀí·þÎñÆ÷À´ÊµÏÖÕâÒ»µã¡£
    3.Ìá¸ßÍøÂçµÄ°²È«ÐÔ
    ÕâÒ»µãÊǺÜÃ÷ÏԵģ¬Èç¹ûÄÚ²¿Óû§·ÃÎÊInternet¶¼ÊÇͨ¹ý´úÀí·þÎñÆ÷£¬ÄÇô£¬´úÀí·þÎñÆ÷¾Í³ÉΪ½øÈëInternetµÄΨһͨµÀ£»·´¹ýÀ´Ëµ£¬´úÀí·þÎñÆ÷Ò²ÊÇInternet·ÃÎÊÄÚ²¿ÍøµÄΨһͨµÀ£¬Èç¹ûÄãûÓÐ×ö·´Ïò´úÀí£¬Ôò¶ÔÓÚInternetÉϵÄÖ÷»úÀ´Ëµ£¬ÄãµÄÕû¸öÄÚ²¿ÍøÖ»ÓдúÀí·þÎñÆ÷ÊǿɼûµÄ£¬´Ó¶ø´ó´óÔöÇ¿ÁËÍøÂçµÄ°²È«ÐÔ¡£

    1.3 ´úÀí·þÎñÆ÷µÄ·ÖÀ༰Ìصã
    ͨ³£µÄ´úÀí·þÎñÆ÷·ÖÀà·½·¨£¬ÊÇ´ÓʵÏֵĻúÀí·ÖΪÏß·²ã´úÀí¡¢Ó¦Óòã´úÀí¡¢ÖÇÄÜÏß·²ã´úÀíµÈµÈ¡£ÔÚÕâÀÎÒÏë´ÓÁíÍâÒ»¸ö½Ç¶È³ö·¢£¬°Ñ´úÀí·þÎñÆ÷·ÖΪ´«Í³´úÀí·þÎñÆ÷ºÍ͸Ã÷´úÀí·þÎñÆ÷¡£
    ÎÒÈÏΪÓбØÒªºÃºÃ¸ãÇå³þÁ½ÕßµÄÇø±ð£¬Ö»ÓÐÕæÕýÃ÷°×ÁËÄÚÔڵػúÀí£¬²ÅÄÜÔÚÓöµ½ÎÊÌâʱ£¬ÓÐÕ¿ÉÑ­£¬²Å²»»áһͷÎíË®£¬²»Öª´ÓºÎ½â¾öÎÊÌâ¡£Òò´Ë£¬ÏÂÃæÎÒÃǾÍͨ¹ý¾ßÌåµÄʵÀýÀ´ËµÃ÷¡£±¾ÕµÄд×÷˼·À´Ô´ÓÚPaul RussellËùдµÄIPCHAINS-HOWTO¡£ÏÂÃæËù¾ÙµÄÀý×ÓÒ²À´Ô´ÓÚ¸ÃÎÄÕ£¬ÎÒ¾õµÃÎÒ¶Á¸ÃÎĵÄ×î´óÊÕ»ñÔÚÓÚ¶ÔÄÚ²¿Íø·ÃÎÊÍⲿÍøÒÔ¼°ÍⲿÍø·ÃÎÊÄÚ²¿ÍøµÄʵÏÖÊÖ¶ÎÓÐÁËÒ»¸öÇåÎúµÄÈÏʶ¡£µ±È»£¬ÕâÀïËùνµÄÄÚ²¿ÍøÊÇָʹÓÃ˽ÓÐIPµÄÄÚ²¿ÍøÂç¡£
    ÎÒÃǵÄÀý×Ó¶¼»ùÓÚÒÔϼÙÉ裺
    ÄãµÄÓòÃûΪsample.com,ÄãµÄÄÚ²¿Íø(192.168.1.*)Óû§Í¨¹ýproxy.sample.com(Íⲿ½Ó¿Ú eth0:1.2.3.4;ÄÚ²¿½Ó¿Ú eth1:192.168.1.1)µÄ´úÀí·þÎñÆ÷·ÃÎÊInternet£¬»»¾ä»°Ëµ£¬¸Ã´úÀí·þÎñÆ÷ÊÇΨһһֱ̨½ÓÓëInternetºÍÄÚ²¿ÍøÏàÁ¬µÄ»úÆ÷¡£²¢¼Ù¸ÃÉè´úÀí·þÎñÆ÷ÉÏÔËÐÐ×ÅijÖÖ´úÀí·þÎñÆ÷Èí¼þ£¨Èçsquid)¡£¼ÙÉèÄÚ²¿ÍøÖÐijһ¿Í»§»úΪclient.sample.com(192.168.1.100)¡£

    +-------------------+
    |ÄÚ²¿Íø(192.168.1.*)| eth1+--------+eth0 DDN
    | +------------| proxy |<===============>Internet
    |client198.168.1.100| +--------+
    +-------------------+

    eth0: 1.2.3.4
    eth1: 198.168.1.1


    1.3.1´«Í³´úÀí
    ÔÚÒÔÉÏ»ù´¡ÉÏÎÒÃÇ×öÒÔϹ¤×÷£º
    1.´úÀí·þÎñÈí¼þ±»°ó¶¨µ½´úÀí·þÎñÆ÷µÄ8080¶Ë¿Ú¡£
    2.¿Í»§¶Ëä¯ÀÀÆ÷±»ÅäÖÃʹÓôúÀí·þÎñÆ÷µÄ8080¶Ë¿Ú¡£
    3.¿Í»§¶Ë²»ÐèÒªÅäÖÃDNS¡£
    4.´úÀí·þÎñÆ÷ÉÏÐèÒªÅäÖôúÀí·þÎñÆ÷¡£
    5.¿Í»§¶Ë²»ÐèÒªÅäÖÃȱʡ·ÓÉ¡£

    µ±ÎÒÃÇÔÚ¿Í»§¶Ëä¯ÀÀÆ÷Öдò¿ªÒ»¸öwebÇëÇ󣬱ÈÈç¡°http://www.yourdomain.com¡±£¬Õâʱ½«Â½Ðø·¢ÉúÒÔÏÂʼþ£º
    1.¿Í»§¶ËʹÓÃijһ¶Ë¿Ú£¨±ÈÈç1025)Á¬½Ó´úÀí·þÎñÆ÷8080¶Ë¿Ú£¬ÇëÇówebÒ³Ãæ¡°http://www.yourdomain.com¡±
    2.´úÀí·þÎñÆ÷ÏòDNSÇëÇó¡°www.yourdomain.com¡±,µÃµ½ÏàÓ¦µÄIPµØÖ·202.99.11.120¡£È»ºó£¬´úÀí·þÎñÆ÷ʹÓÃijһ¶Ë¿Ú£¨±ÈÈç1037)Ïò¸ÃIPµØÖ·µÄ80¶Ë¿Ú·¢ÆðwebÁ¬½ÓÇëÇó£¬ÇëÇówebÒ³Ãæ¡£
    3.ÊÕµ½ÏìÓ¦µÄwebÒ³Ãæºó£¬´úÀí·þÎñÆ÷°Ñ¸ÃÊý¾Ý´«Ë͸ø¿Í»§¶Ë¡£
    4.¿Í»§¶Ëä¯ÀÀÆ÷ÏÔʾ¸ÃÒ³Ãæ¡£

    ´Ówww.yourdomain.comµÄ½Ç¶È¿´À´£¬Á¬½ÓÊÇÔÚ1.2.3.4µØ1037¶Ë¿ÚºÍ202.99.11.120µÄ80¶Ë¿ÚÖ®¼ä½¨Á¢µÄ¡£´ÓclientµÄ½Ç¶È¿´À´£¬Á¬½ÓÊÇÔÚ192.168.1.100µÄ1025¶Ë¿ÚºÍ1.2.3.4µÄ8080¶Ë¿ÚÖ®¼ä½¨Á¢µÄ¡£

    1.3.2 ͸Ã÷´úÀí
    ͸Ã÷´úÀíµÄÒâ˼ÊÇ¿Í»§¶Ë¸ù±¾²»ÐèÒªÖªµÀÓдúÀí·þÎñÆ÷µÄ´æÔÚ¡£
    ÔÚÒÔÉÏ»ù´¡ÉÏÎÒÃÇ×öÒÔϹ¤×÷£º
    1.ÅäÖÃ͸Ã÷´úÀí·þÎñÆ÷Èí¼þÔËÐÐÔÚ´úÀí·þÎñÆ÷µÄ8080¶Ë¿Ú¡£
    2.ÅäÖôúÀí·þÎñÆ÷½«ËùÓжÔ80¶Ë¿ÚµÄÁ¬½ÓÖض¨Ïòµ½8080¶Ë¿Ú¡£
    3.ÅäÖÿͻ§¶Ëä¯ÀÀÆ÷Ö±½ÓÁ¬½âµ½Internet¡£
    4.ÔÚ¿Í»§¶ËÅäÖúÃDNS.
    5.ÅäÖÿͻ§¶ËµÄȱʡÍø¹ØΪ192.168.1.1.

    µ±ÎÒÃÇÔÚ¿Í»§¶Ëä¯ÀÀÆ÷Öдò¿ªÒ»¸öwebÇëÇ󣬱ÈÈç¡°http://www.yourdomain.com¡±£¬Õâʱ½«Â½Ðø·¢ÉúÒÔÏÂʼþ£º
    1.¿Í»§¶ËÏòDNSÇëÇó¡°www.yourdomain.com¡±,µÃµ½ÏàÓ¦µÄIPµØÖ·202.99.11.120¡£È»ºó£¬¿Í»§¶ËʹÓÃijһ¶Ë¿Ú£¨±ÈÈç1066)Ïò¸ÃIPµØÖ·µÄ80¶Ë¿Ú·¢ÆðwebÁ¬½ÓÇëÇó£¬ÇëÇówebÒ³Ãæ¡£
    2.µ±¸ÃÇëÇó°üͨ¹ý͸Ã÷´úÀí·þÎñÆ÷ʱ£¬±»Öض¨Ïòµ½´úÀí·þÎñÆ÷µÄ°ó¶¨¶Ë¿Ú8080¡£ÓÚÊÇ£¬Í¸Ã÷´úÀí·þÎñÆ÷ÓÃijһ¶Ë¿Ú£¨±ÈÈç1088)Ïò202.99.11.120µÄ80¶Ë¿Ú·¢ÆðwebÁ¬½ÓÇëÇó£¬ÇëÇówebÒ³Ãæ¡£
    3.ÊÕµ½ÏìÓ¦µÄwebÒ³Ãæºó£¬´úÀí·þÎñÆ÷°Ñ¸ÃÊý¾Ý´«Ë͸ø¿Í»§¶Ë¡£
    4.¿Í»§¶Ëä¯ÀÀÆ÷ÏÔʾ¸ÃÒ³Ãæ¡£

    ´Ówww.yourdomain.comµÄ½Ç¶È¿´À´£¬Á¬½ÓÊÇÔÚ1.2.3.4µØ1088¶Ë¿ÚºÍ202.99.11.120µÄ80¶Ë¿ÚÖ®¼ä½¨Á¢µÄ¡£´ÓclientµÄ½Ç¶È¿´À´£¬Á¬½ÓÊÇÔÚ192.168.1.100µÄ1066¶Ë¿ÚºÍ202.99.11.120µÄ80¶Ë¿ÚÖ®¼ä½¨Á¢µÄ¡£

    ÒÔÉϾÍÊÇ´«Í³´úÀí·þÎñÆ÷ºÍ͸Ã÷´úÀí·þÎñÆ÷µÄÇø±ðËùÔÚ¡£

    µÚ¶þ½Ú ¸÷ÖÖ´úÀí·þÎñÆ÷µÄ±È½Ï
    linuxϵĴúÀí·þÎñÆ÷Èí¼þºÜ¶à£¬ÎÒ´Ówww.freshmeat.com(Ò»¸öÖøÃûµÄlinuxÈí¼þÕ¾µã£©²é¿´ÁËһϣ¬×ãÓÐÁùÊ®¶à¸ö¡£µ«ÊDZ»¹ã·ºÓ¦ÓõÄÖ»ÓÐApache¡¢socks¡¢squidµÈ¼¸¸öʵ¼ùÖ¤Ã÷ÊǸßÐÔÄܵĴúÀíÈí¼þ¡£ÏÂÃæÎÒÃÇ·Ö±ðÀ´±È½ÏÒ»ÏÂÕ⼸¸öÈí¼þ£º

    2.1 Apache
    ApacheÊÇÊÀ½çÉÏÓõÄ×î¹ã·ºµÄHTTP·þÎñÆ÷£¬Ö®ËùÒÔÓõÄ×î¹ã·º£¬ÊÇÒòΪËüÇ¿´óµÄ¹¦ÄÜ¡¢¸ßЧÂÊ¡¢°²È«ÐÔºÍËٶȡ£´Ó1.1.x°æ±¾¿ªÊ¼£¬Apache¿ªÊ¼°üº¬ÁËÒ»¸ö´úÀíÄ£¿é¡£ÓÃApache×÷´úÀí·þÎñÆ÷µÄÐÔÄÜÓÅÊƲ¢²»Ã÷ÏÔ£¬²»½¨ÒéʹÓá£


    2.2 Socks
    SocksÊÇÒ»ÖÖÍøÂç´úÀíЭÒ飬¸ÃЭÒé¿ÉÒÔÈÿͻ§»úͨ¹ýSocks·þÎñÆ÷»ñµÃ¶ÔInternetµÄÍêÈ«·ÃÎÊÄÜÁ¦¡£ScoksÔÚ·þÎñÆ÷ºÍ¿Í»§¶ËÖ®¼ä½¨Á¢Ò»¸ö°²È«µÄ´úÀíÊý¾ÝͨµÀ£¬´Ó¿Í»§µÄ½Ç¶È¿´À´£¬ScoksÊÇ͸Ã÷µÄ£»´Ó·þÎñÆ÷µÄ½Ç¶È¿´À´£¬Socks¾ÍÊÇ¿Í»§¶Ë¡£¿Í»§¶Ë²»ÐèÒª¾ßÓжÔInternetµÄÖ±½Ó·ÃÎÊÄÜÁ¦(Ò²¾ÍÊÇ˵£¬¿ÉÒÔʹÓÃ˽ÓÐIPµØÖ·£©£¬ÒòΪSocks·þÎñÆ÷Äܹ»°ÑÀ´×ÔÓÚ¿Í»§¶ËµÄÁ¬½ÓÇëÇóÖض¨Ïòµ½Internet¡£´ËÍ⣬Socks·þÎñÆ÷¿ÉÒÔ¶ÔÓû§Á¬½ÓÇëÇó½øÐÐÈÏÖ¤£¬ÔÊÐíºÏ·¨Óû§½¨Á¢´úÀíÁ¬½Ó¡£Í¬Àí£¬SocksÒ²ÄÜ·ÀÖ¹·ÇÊÚȨµÄInternetÓû§·ÃÎʼ°µÄÄÚ²¿ÍøÂç¡£ËùÒÔ³£³£°ÑSocksµ±×÷·À»ðǽÀ´Ê¹Óá£
    ³£¼ûµÄä¯ÀÀÆ÷Èçnetscape¡¢IEµÈ¿ÉÒÔÖ±½ÓʹÓÃSocks, ²¢ÇÒÎÒÃÇÒ²¿ÉÒÔʹÓÃsocsk5µÄËù´øµÄclientÀ´Ê¹ÄÇЩ²»Ö±½ÓÖ§³ÖsocksµÄinternetÈí¼þʹÓÃSocks¡£
    ¸ü¶àµÄ×ÊÁÏ¿ÉÒԲο¼Socks¹Ù·½Õ¾µãhttp://www.socks.nec.com¡£
    2.3 Squid
    ¶ÔÓÚwebÓû§À´Ëµ£¬SquidÊÇÒ»¸ö¸ßÐÔÄܵĴúÀí»º´æ·þÎñÆ÷£¬SquidÖ§³ÖFTP¡¢gopherºÍHTTPЭÒé¡£ºÍÒ»°ãµÄ´úÀí»º´æÈí¼þ²»Í¬£¬SquidÓÃÒ»¸öµ¥¶ÀµÄ¡¢·ÇÄ£¿é»¯µÄ¡¢I/OÇý¶¯µÄ½ø³ÌÀ´´¦ÀíËùÓеĿͻ§¶ËÇëÇó¡£
    Squid½«Êý¾ÝÔª»º´æÔÚÄÚ´æÖУ¬Í¬Ê±Ò²»º´æDNS²éѯµÄ½á¹û£¬³ý´ËÖ®Í⣬Ëü»¹Ö§³Ö·ÇÄ£¿é»¯µÄDNS²éѯ£¬¶Ôʧ°ÜµÄÇëÇó½øÐÐÏû¼«»º´æ¡£SquidÖ§³ÖSSL£¬Ö§³Ö·ÃÎÊ¿ØÖÆ¡£ÓÉÓÚʹÓÃÁËICP£¨ÇáÁ¿Internet»º´æЭÒ飩£¬SquidÄܹ»ÊµÏÖ²ãµþµÄ´úÀíÕóÁУ¬´Ó¶ø×î´óÏ޶ȵؽÚÔ¼´ø¿í¡£
    SquidÓÉÒ»¸öÖ÷ÒªµÄ·þÎñ³ÌÐòsquid,Ò»¸öDNS²éѯ³ÌÐòdnsserver£¬¼¸¸öÖØдÇëÇóºÍÖ´ÐÐÈÏÖ¤µÄ³ÌÐò£¬ÒÔ¼°¼¸¸ö¹ÜÀí¹¤¾ß×é³É¡£µ±SquidÆô¶¯ÒÔºó£¬Ëü¿ÉÒÔÅÉÉú³öÔ¤ÏÈÖ¸¶¨ÊýÄ¿µÄdnsserver½ø³Ì£¬¶øÿһ¸ödnsserver½ø³Ì¶¼¿ÉÒÔÖ´Ðе¥¶ÀµÄDNS²éѯ£¬ÕâÑùÒ»À´¾Í´ó´ó¼õÉÙÁË·þÎñÆ÷µÈ´ýDNS²éѯµÄʱ¼ä¡£
    2.4 Ñ¡Ôñ
    ´ÓÉÏÃæµÄ±È½Ï¿ÉÒÔ¿´³ö£¬ApacheÖ÷Òª¹¦ÄÜÊÇweb·þÎñÆ÷£¬´úÀí¹¦ÄÜÖ»²»¹ýÊÇÆäÒ»¸öÄ£¿é¶øÒÑ£¬SocksËäȻǿ´ó£¬µ«ÓÐÇ·Áé»î£¬Òò´ËÎÒÃÇ×ÅÖØÍƼöÄãʹÓÃSquid¡£ÏÂÃæµÄÕ½ÚÎÒÃǾÍÒ»ÆðÀ´Ñ§Ï°Squid¼¤¶¯ÈËÐĵÄÌØÐÔ¼°Ïà¹ØµÄ°²×°ÓëÅäÖá£

    µÚÈý½Ú °²×°Squid Proxy Server

    3.1»ñÈ¡Èí¼þ
    Äã¿ÉÒÔͨ¹ýÒÔÏÂ;¾¶»ñÈ¡¸ÃÈí¼þ£º
    1.´ÓSquidµÄ¹Ù·½Õ¾µãhttp://www.squid-cache.orgÏÂÔظÃÈí¼þ£»
    2.´ÓÄãµÄlinux·¢Ðа汾ÖлñÈ¡¸ÃÈí¼þ£»
    ͨ³££¬SquidÈí¼þ°üÓÐÁ½ÖÖ£ºÒ»ÖÖÊÇÔ´´úÂ룬ÏÂÔغóÐèÒª×Ô¼ºÖØбàÒ룻¿ÉÖ´ÐÐÎļþ£¬ÏÂÔغóÖ»Ðè½âѹ¾Í¿ÉÒÔʹÓã»ÁíÒ»ÖÖÊǾÍÊÇRedHatËùʹÓõÄrpm°ü¡£ÏÂÃæÎÒÃǷֱ𽲽²ÕâÁ½ÖÖÈí¼þ°üµÄ°²×°·½·¨¡£

    3.2°²×°Èí¼þ
    ÎÒÃÇÒÔÄ¿Ç°×îеÄÎȶ¨°æ±¾squid-2.3.STABLEXΪÀý¡£
    3.2.1rpm°üµÄ°²×°
    1.½øÈë/mnt/cdrom/RedHat/RPMS
    2.Ö´ÐÐrpm -ivh squid-2.2.STABLE4-8.i386.rpm¡£
    µ±È»£¬ÎÒÃÇÒ²¿ÉÒÔÔÚ¿ªÊ¼°²×°ÏµÍ³µÄ¹ý³ÌÖа²×°¸ÃÈí¼þ¡£

    3.2.2 Ô´´úÂë°üµÄ°²×°
    1.´Óhttp://www.squid-cache.orgÏÂÔØsquid-2.3.STABLE2-src.tar.gz¡£
    2.½«¸ÃÎļþ¿½±´µ½/usr/localĿ¼¡£
    3.½â¿ª¸ÃÎļþ tar xvzf squid-2.3.STABLE2-src.tar.gz¡£
    4.½â¿ªºó£¬ÔÚ/usr/localÉú³ÉÒ»¸öеÄĿ¼squid-2.3.STABLE2£¬ÎªÁË·½±ãÓÃmvÃüÁ ¸ÃĿ¼ÖØÃüÃûΪsquid mv squid-2.3.STABLE2 squid;
    5.½øÈësquid cd squid
    6.Ö´ÐÐ./configure ¿ÉÒÔÓÃ./confgure --prefix=/directory/you/wantÖ¸¶¨°²×°Ä¿Â¼
    ϵͳȱʡ°²×°Ä¿Â¼Îª/usr/local/squid¡£
    7.Ö´ÐÐ make all
    8.Ö´ÐÐ make install
    9.°²×°½áÊøºó£¬squidµÄ¿ÉÖ´ÐÐÎļþÔÚ°²×°Ä¿Â¼µÄbin×ÓĿ¼Ï£¬ÅäÖÃÎļþÔÚetc×ÓĿ¼Ï¡£

    µÚËÄ½Ú ÅäÖÃsquid»ù´¡Æª¡ª¡ªÈôúÀí·þÎñÆ÷ÅÜÆðÀ´
    ÓÉÓÚRedHat¸÷·½ÃæµÄÓÅÊÆ£¨°üÀ¨Ò×ÓÃÐÔ£¬Îȶ¨ÐԵȵȣ©£¬È«ÊÀ½ç·¶Î§ÄÚʹÓø÷¢ÐаæµÄÓû§±È½Ï¶à£¬ËùÒÔ£¬ÎÒÃÇÏÂÃæµÄ˵Ã÷¶¼ÊÇÒÔRedHat6.1»·¾³ÏÂsquid-2.2.STABLE4-8°æ±¾ÎªÖ÷¡£´ÓÎÒµÄʹÓþ­Ñé¿´À´£¬¸Ã°æ±¾µÄsquidÒª±ÈÆäËû°æ±¾Îȶ¨µÄ¶à£¬ÒÔÇ°µÄ1.1.22°æ±¾Ò²±È½ÏÎȶ¨£¬µ«ÊÇÔÚ¹¦Äܼ°Áé»îÐÔ·½ÃæÓÐËùǷȱ¡£
    squidÓÐÒ»¸öÖ÷ÒªµÄÅäÖÃÎļþsquid.conf,ÔÚRedHat»·¾³ÏÂËùÓÐsquidµÄÅäÖÃÎļþλÓÚ/etc/squid×ÓĿ¼Ï¡£

    4.1³£ÓõÄÅäÖÃÑ¡Ïî
    ÒòΪȱʡµÄÅäÖÃÎļþÓÐÎÊÌ⣬ËùÒÔÎÒÃDZØÐëÊ×ÏÈÐ޸ĸÃÅäÖÃÎļþµÄÓйØÄÚÈÝ,ÒÔ±ãÈÃsquidÅÜÆðÀ´¡£
    ÏÂÃæÎÒÃÇÀ´¿´Ò»¿´squid.confÎļþµÄ½á¹¹ÒÔ¼°Ò»Ð©³£ÓõÄÑ¡Ï
    squid.confÅäÖÃÎļþµÄ¿ÉÒÔ·ÖΪʮÈý¸ö²¿·Ö£¬ÕâÊ®Èý¸ö²¿·Ö·Ö±ðÊÇ£º
    1.NETWORK OPTIONS £¨ÓйصÄÍøÂçÑ¡Ï
    2.OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM £¨×÷ÓÃÓÚÁÚ¾ÓÑ¡ÔñËã ·¨µÄÓйØÑ¡Ï
    3.OPTIONS WHICH AFFECT THE CACHE SIZE £¨¶¨Òåcache´óСµÄÓйØÑ¡Ï
    4.LOGFILE PATHNAMES AND CACHE DIRECTORIES (¶¨ÒåÈÕÖ¾ÎļþµÄ·¾¶¼°cacheµÄĿ¼£©
    5.OPTIONS FOR EXTERNAL SUPPORT PROGRAMS £¨Íⲿ֧³Ö³ÌÐòÑ¡Ï
    6.OPTIONS FOR TUNING THE CACHE £¨µ÷ÕûcacheµÄÑ¡Ï
    7.TIMEOUTS £¨³¬Ê±£©
    8.ACCESS CONTROLS £¨·ÃÎÊ¿ØÖÆ£©
    9.ADMINISTRATIVE PARAMETERS £¨¹ÜÀí²ÎÊý£©
    10.OPTIONS FOR THE CACHE REGISTRATION SERVICE £¨cache×¢²á·þÎñÑ¡Ï
    11.HTTPD-ACCELERATOR OPTIONS £¨HTTPD¼ÓËÙÑ¡Ï
    12.MISCELLANEOUS £¨ÔÓÏ
    13.DELAY POOL PARAMETERS £¨ÑÓʱ³Ø²ÎÊý£©
    ËäÈ»squidµÄÅäÖÃÎļþºÜÅӴ󣬵«ÊÇÈç¹ûÄãÖ»ÊÇΪһ¸öÖÐСÐÍÍøÂçÌṩ´úÀí·þÎñ£¬²¢ÇÒÖ»×¼±¸Ê¹ÓÃһ̨·þÎñÆ÷£¬ÄÇô£¬ÄãÖ»ÐèÒªÐÞ¸ÄÅäÖÃÎļþÖеļ¸¸öÑ¡Ïî¡£ÕâЩ¼¸¸ö³£ÓÃÑ¡Ïî·Ö±ðÊÇ£º

    1.http_port
    ˵Ã÷£º¶¨Òåsquid¼àÌýHTTP¿Í»§Á¬½ÓÇëÇóµÄ¶Ë¿Ú¡£È±Ê¡ÊÇ3128£¬Èç¹ûʹÓÃHTTPD¼ÓËÙģʽ ÔòΪ80¡£Äã¿ÉÒÔÖ¸¶¨¶à¸ö¶Ë¿Ú£¬µ«ÊÇËùÓÐÖ¸¶¨µÄ¶Ë¿Ú¶¼±ØÐëÔÚÒ»ÌõÃüÁîÐÐÉÏ¡£

    2.cache_mem (bytes)
    ˵Ã÷£º¸ÃÑ¡ÏîÓÃÓÚÖ¸¶¨squid¿ÉÒÔʹÓõÄÄÚ´æµÄÀíÏëÖµ¡£Õⲿ·ÖÄÚ´æ±»ÓÃÀ´´æ´¢ÒÔ϶ÔÏó £º
    In-Transit objects £¨´«ÈëµÄ¶ÔÏó£©
    Hot Objects £¨ÈȶÔÏ󣬼´Óû§³£·ÃÎʵĶÔÏó£©
    Negative-Cached objects £¨Ïû¼«´æ´¢µÄ¶ÔÏó£©
    ÐèҪעÒâµÄÊÇ£¬ÕⲢûÓÐÖ¸Ã÷squidËùʹÓõÄÄÚ´æÒ»¶¨²»Äܳ¬¹ý¸ÃÖµ£¬Æäʵ£¬¸ÃÑ¡ÏîÖ» ¶¨ÒåÁËsquidËùʹÓõÄÄÚ´æµÄÒ»¸ö·½Ã棬squid»¹ÔÚÆäËû·½ÃæʹÓÃÄÚ´æ¡£ËùÒÔsquidʵ¼Ê ʹÓõÄÄÚ´æ¿ÉÄܳ¬¹ý¸ÃÖµ¡£È±Ê¡ÖµÎª8MB¡£

    3.cache_dir Directory-Name Mbytes Level-1 Level2

    ˵Ã÷£ºÖ¸¶¨squidÓÃÀ´´æ´¢¶ÔÏóµÄ½»»»¿Õ¼äµÄ´óС¼°ÆäĿ¼½á¹¹¡£¿ÉÒÔÓöà¸öcache_dirÃüÁîÀ´¶¨Òå¶à¸öÕâÑùµÄ½»»»¿Õ¼ä£¬
    ²¢ÇÒÕâЩ½»»»¿Õ¼ä¿ÉÒÔ·Ö²¼²»Í¬µÄ´ÅÅÌ·ÖÇø¡£\"directory \"Ö¸Ã÷Á˸ý»»»¿Õ¼äµÄ¶¥¼¶Ä¿Â¼¡£Èç¹ûÄãÏëÓÃÕû¸ö´ÅÅÌÀ´×÷Ϊ½»»»
    ¿Õ¼ä£¬ÄÇôÄã¿ÉÒÔ½«¸ÃĿ¼×÷ΪװÔص㽫Õû¸ö´ÅÅÌmountÉÏÈ¥¡£È±Ê¡ÖµÎª/var/spool/squid¡£¡°Mbytes¡±¶¨ÒåÁË¿ÉÓõĿռä×ÜÁ¿¡£
    ÐèҪעÒâµÄÊÇ£¬squid½ø³Ì±ØÐëÓµÓжԸÃĿ¼µÄ¶ÁдȨÁ¦¡£¡°Level-1¡±ÊÇ¿ÉÒÔÔڸö¥¼¶Ä¿Â¼Ï½¨Á¢µÄµÚÒ»¼¶×ÓĿ¼µÄÊýÄ¿£¬È±Ê¡
    ֵΪ16¡£Í¬Àí£¬¡°Level-2¡±ÊÇ¿ÉÒÔ½¨Á¢µÄµÚ¶þ¼¶×ÓĿ¼µÄÊýÄ¿£¬È±Ê¡ÖµÎª256¡£ÎªÊ²Ã´Òª¶¨ÒåÕâô¶à×ÓĿ¼ÄØ£¿ÕâÊÇÒòΪÈç¹û×Ó
    Ŀ¼̫ÉÙ£¬Ôò´æ´¢ÔÚÒ»¸ö×ÓĿ¼ÏµÄÎļþÊýÄ¿½«´ó´óÔö¼Ó£¬ÕâÒ²»áµ¼ÖÂϵͳѰÕÒijһ¸öÎļþµÄʱ¼ä´ó´óÔö¼Ó£¬´Ó¶øʹϵͳµÄÕû
    ÌåÐÔÄܼ±¾ç½µµÍ¡£ËùÒÔ£¬ÎªÁ˼õÉÙÿ¸öĿ¼ÏµÄÎļþÊýÁ¿£¬ÎÒÃDZØÐëÔö¼ÓËùʹÓõÄĿ¼µÄÊýÁ¿¡£Èç¹û½ö½öʹÓÃÒ»¼¶×ÓĿ¼Ôò¶¥
    ¼¶Ä¿Â¼ÏµÄ×ÓĿ¼ÊýÄ¿Ì«´óÁË£¬ËùÒÔÎÒÃÇʹÓÃÁ½¼¶×ÓĿ¼½á¹¹¡£
    ÄÇô£¬ÔõôÀ´È·¶¨ÄãµÄϵͳËùÐèÒªµÄ×ÓĿ¼ÊýÄ¿ÄØ£¿ÎÒÃÇ¿ÉÒÔÓÃÏÂÃæµÄ¹«Ê½À´¹ÀËã¡£
    ÒÑÖªÁ¿£º
    DS = ¿ÉÓý»»»¿Õ¼ä×ÜÁ¿£¨µ¥Î»KB£©/ ½»»»¿Õ¼äÊýÄ¿
    OS = ƽ¾ùÿ¸ö¶ÔÏóµÄ´óС= 20k
    NO = ƽ¾ùÿ¸ö¶þ¼¶×ÓĿ¼Ëù´æ´¢µÄ¶ÔÏóÊýÄ¿ = 256

    δ֪Á¿£º
    L1 = Ò»¼¶×ÓĿ¼µÄÊýÁ¿
    L2 = ¶þ¼¶×ÓĿ¼µÄÊýÁ¿

    ¼ÆË㹫ʽ£º
    L1 x L2 = DS / OS / NO
    ×¢ÒâÕâÊǸö²»¶¨·½³Ì£¬¿ÉÒÔÓжà¸ö½â¡£

    4.acl
    ˵Ã÷£º¶¨Òå·ÃÎÊ¿ØÖÆÁÐ±í¡£
    ¶¨ÒåÓ﷨Ϊ£º
    acl aclname acltype string1 ...
    acl aclname acltype \"file\" ...
    µ±Ê¹ÓÃÎļþʱ£¬¸ÃÎļþµÄ¸ñʽΪÿÐаüº¬Ò»¸öÌõÄ¿¡£
    acltype ¿ÉÒÔÊÇ src dst srcdomain dstdomain url_pattern urlpath_pattern time port proto method browser user ÖеÄÒ»ÖÖ¡£
    ·Ö±ð˵Ã÷ÈçÏ£º
    src Ö¸Ã÷Ô´µØÖ·¡£¿ÉÒÔÓÃÒÔϵķ½·¨Ö¸¶¨£º
    acl aclname src ip-address/netmask ... (¿Í»§ipµØÖ·)
    acl aclname src addr1-addr2/netmask ... (µØÖ··¶Î§)
    dst Ö¸Ã÷Ä¿±êµØÖ·¡£Ó﷨Ϊ£º
    acl aclname dst ip-address/netmask ... (¼´¿Í»§ÇëÇóµÄ·þÎñÆ÷µÄipµØÖ·)
    srcdomain Ö¸Ã÷¿Í»§ËùÊôµÄÓò¡£Ó﷨Ϊ£º
    acl aclname srcdomain foo.com ... squid½«¸ù¾Ý¿Í»§ip·´Ïò²éѯDNS¡£
    dstdomain Ö¸Ã÷ÇëÇó·þÎñÆ÷ËùÊôµÄÓò¡£Ó﷨Ϊ£º
    acl aclname dstdomain foo.com ... ÓÉ¿Í»§ÇëÇóµÄURL¾ö¶¨¡£
    ×¢Ò⣬Èç¹ûÓû§Ê¹Ó÷þÎñÆ÷ip¶ø·ÇÍêÕûµÄÓòÃûʱ£¬squid½«½øÐз´ÏòµÄDNS½âÎöÀ´È· ¶¨ÆäÍêÕûÓòÃû£¬Èç¹ûʧ°Ü¾Í¼Ç¼Ϊ¡°none¡±¡£
    time Ö¸Ã÷·ÃÎÊʱ¼ä¡£Óï·¨ÈçÏ£º
    acl aclname time [day-abbrevs] [h1:m1-h2:m2][hh:mm-hh:mm]
    day-abbrevs:
    S - Sunday
    M - Monday
    T - Tuesday
    W - Wednesday
    H - Thursday
    F - Friday
    A - Saturday
    h1:m1 ±ØÐëСÓÚ h2:m2£¬±í´ïʾΪ[hh:mm-hh:mm]¡£
    port Ö¸¶¨·ÃÎʶ˿ڡ£¿ÉÒÔÖ¸¶¨¶à¸ö¶Ë¿Ú£¬±ÈÈ磺
    acl aclname port 80 70 21 ...
    acl aclname port 0-1024 ... £¨Ö¸¶¨Ò»¸ö¶Ë¿Ú·¶Î§£©
    proto Ö¸¶¨Ê¹ÓÃЭÒé¡£¿ÉÒÔÖ¸¶¨¶à¸öЭÒ飺
    acl aclname proto HTTP FTP ...
    method Ö¸¶¨ÇëÇó·½·¨¡£±ÈÈ磺
    acl aclname method GET POST ...

    5.http_access
    ˵Ã÷£º¸ù¾Ý·ÃÎÊ¿ØÖÆÁбíÔÊÐí»ò½ûֹijһÀàÓû§·ÃÎÊ¡£
    Èç¹ûij¸ö·ÃÎÊûÓÐÏà·ûºÏµÄÏîÄ¿,ÔòȱʡΪӦÓÃ×îºóÒ»ÌõÏîÄ¿µÄ¡°·Ç¡±¡£±ÈÈç×îºóÒ»ÌõΪÔÊÐí£¬Ôòȱʡ¾ÍÊǽûÖ¹¡£ËùÒÔ£¬Í¨³£Ó¦¸Ã°Ñ×îºóµÄÌõÄ¿ÉèΪ\"deny all\" »ò \"allow all\" À´±ÜÃⰲȫÐÔÒþ»¼¡£

    4.2 Ó¦ÓÃʵÀý
    ¼ÙÏëÇé¾°£ºÄ³¹«Ë¾ÓÃsquid×÷´úÀí·þÎñÆ÷£¬¸Ã´úÀí·þÎñÆ÷ÅäÖÃΪPII450/256M/8.4G,¹«Ë¾ËùÓÃip¶ÎΪ1.2.3.0/24,²¢ÇÒÏëÓÃ8080×÷Ϊ´úÀí¶Ë¿Ú¡£
    ÔòÏàÓ¦µÄsquidÅäÖÃÑ¡ÏîΪ£º
    1.http_port
    http_port 8080

    2.cache_mem
    ˼·£ºÓÉÓڸ÷þÎñÆ÷Ö»Ìṩ´úÀí·þÎñ£¬ËùÒÔ¸ÃÖµ¿ÉÒÔ¾¡Á¿ÉèµÃ´óһЩ¡£
    cache_mem 194M

    3.cache_dir Directory-Name Mbytes Level-1 Level2
    ˼·£ºÓ²ÅÌΪ8.4GµÄ£¬ÔÚ°²×°ÏµÍ³Ê±Ó¦¸Ã×öºÃ¹æ»®£¬Îª²»Í¬µÄÎļþϵͳ»®·Ö¿ÉÓÿռ䡣ÔÚ±¾ÀýÖУ¬ÎÒÃÇ¿ÉÒÔÕâÑùÀ´»®·Ö£º
    /cache1 3.5G
    /cache2 3.5G
    /var 400M
    swap 127M
    / Ê£Óಿ·Ö
    ²¢ÇÒ£¬ÔÚ°²×°Ê±£¬ÎÒÃǾ¡Á¿²»°²×°²»±ØÒªµÄ°ü¡£ÕâÑùÔÚ½ÚÔ¼¿Õ¼äµÄͬʱ¿ÉÒÔÌá¸ßϵͳµÄ°²È«ÐÔºÍÎȶ¨ÐÔ¡£ÏÂÃæÎÒÃÇÀ´¼ÆËãËùÐèµÄµÚÒ»¼¶ºÍµÚ¶þ¼¶×ÓĿ¼Êý¡£
    ÒÑÖªÁ¿£º
    DS = ¿ÉÓý»»»¿Õ¼ä×ÜÁ¿£¨µ¥Î»KB£©/ ½»»»¿Õ¼äÊýÄ¿£½7G/2=3500000KB
    OS = ƽ¾ùÿ¸ö¶ÔÏóµÄ´óС= 20k
    NO = ƽ¾ùÿ¸ö¶þ¼¶×ÓĿ¼Ëù´æ´¢µÄ¶ÔÏóÊýÄ¿ = 256

    δ֪Á¿£º
    L1 = Ò»¼¶×ÓĿ¼µÄÊýÁ¿
    L2 = ¶þ¼¶×ÓĿ¼µÄÊýÁ¿

    ¼ÆË㹫ʽ£º
    L1 x L2 = DS / OS / NO£½3500000/20/256=684
    ÎÒÃÇÈ¡
    L1=16
    L2=43
    ËùÒÔ£¬ÎÒÃǵÄcache_dirÓï¾äΪ£º
    cache_dir /cache1 3500M 16 43
    cache_dir /cache2 3500M 16 43

    4.acl
    ˼·£ºÍ¨¹ýsrcÀ´¶¨Òåacl.
    acl allow_ip src 1.2.3.4/255.255.255.0

    5.http_access
    http_access allow allow_ip

    4.3Æô¶¯¡¢Í£Ö¹squid¡£
    ÅäÖò¢±£´æºÃsquid.confºó£¬¿ÉÒÔÓÃÒÔÏÂÃüÁîÆô¶¯squid¡£
    squid
    »òÕߣ¬Ê¹ÓÃRedHatµÄÆô¶¯½Å±¾À´Æô¶¯squid.
    /etc/rc.d/init.d/squid start
    ͬÑùµØ£¬ÄãÒ²¿ÉÒÔÓÃÏÂÁнű¾Í£Ö¹ÔËÐÐsquid»òÖØÆô¶¯squid.
    /etc/rc.d/init.d/squid stop
    /etc/rc.d/init.d/squid restart

    µÚÎå½Ú ¸ù¾ÝÐèÇóÅäÖÃÄãµÄsquid¡ª¡ª½ø½×ƪ

    5.1ÆäËüÅäÖÃÑ¡Ïî
    ÔÚ½øÐÐsquidµÄһЩ¸ß¼¶Ó¦ÓÃ֮ǰ£¬ÎÒÃÇÓбØÒª¶ÔÆäËûÓÐÓõÄÅäÖÃÑ¡Ïî×÷Ò»¸öÈ«ÃæµÄÁ˽⡣ÏÂÃæÎÒÃÇ·ÖÀàÀ´½²Ò»½²ÕâЩѡÏÓÃÓÚijЩÌØÊâÓ¦ÓõÄÑ¡ÏîÎÒÃǽ«·ÅÔÚ½²¸ÃÖÖÓ¦ÓÃʱÀ´½²¡£

    5.1.1ÍøÂçÑ¡Ïî

    1.tcp_incoming_address
    tcp_outgoing_address
    udp_incoming_address
    udp_outgoing_address
    ˵Ã÷£º
    tcp_incoming_addressÖ¸¶¨¼àÌýÀ´×Ô¿Í»§»òÆäËûsquid´úÀí·þÎñÆ÷µÄ°ó¶¨ipµØÖ·£»
    tcp_outgoing_addressÖ¸¶¨ÏòÔ¶³Ì·þÎñÆ÷»òÆäËûsquid´úÀí·þÎñÆ÷·¢ÆðÁ¬½ÓµÄipµØÖ·
    udp_incoming_addressΪICPÌ×½Ó×ÖÖ¸¶¨½ÓÊÕÀ´×ÔÆäËûsquid´úÀí·þÎñÆ÷µÄ°üµÄipµØÖ· udp_outgoing_addressΪICPÌ×½Ó×ÖÖ¸¶¨ÏòÆäËûsquid´úÀí·þÎñÆ÷·¢ËÍ°üµÄipµØÖ·£»
    ȱʡΪûÓаó¶¨ÈκÎipµØÖ·¡£¸Ã°ó¶¨µØÖ·¿ÉÒÔÓÃipÖ¸¶¨£¬Ò²¿ÉÒÔÓÃÍêÕûµÄÓòÃûÖ¸¶¨¡£

    5.1.2½»»»¿Õ¼äÉ趨ѡÏî

    1.cache_swap_low (percent, 0-100)
    cache_swap_high (percent, 0-100)
    ˵Ã÷£ºsquidʹÓôóÁ¿µÄ½»»»¿Õ¼äÀ´´æ´¢¶ÔÏó¡£ÄÇô£¬¹ýÁËÒ»¶¨µÄʱ¼äÒԺ󣬸ý»»»¿Õ¼ä¾Í»áÓÃÍ꣬ËùÒÔ»¹±ØÐ붨Æڵİ´ÕÕijÖÖÖ¸±êÀ´½«µÍÓÚij¸öˮƽÏߵĶÔÏóÇå³ý¡£squidʹÓÃËùνµÄ¡°×î½ü×îÉÙʹÓÃËã·¨¡±£¨LRU£©À´×öÕâÒ»¹¤×÷¡£µ±ÒÑʹÓõĽ»»»¿Õ¼ä´ïµ½cache_swap_highʱ£¬squid¾Í¸ù¾ÝLRUËù¼ÆËãµÄµÃµ½Ã¿¸ö¶ÔÏóµÄÖµ½«µÍÓÚij¸öˮƽÏߵĶÔÏóÇå³ý¡£ÕâÖÖÇå³ý¹¤×÷Ò»Ö±½øÐÐÖ±µ½ÒÑÓÿռä´ïµ½cache_swap_low¡£ÕâÁ½¸öÖµÓðٷֱȱíʾ£¬Èç¹ûÄãËùʹÓõĽ»»»¿Õ¼äºÜ´óµÄ»°£¬½¨ÒéÄã¼õÉÙÕâÁ½¸öÖµµÃ²î¾à£¬ÒòΪÕâʱһ¸ö°Ù·Öµã¾Í¿ÉÄÜÊǼ¸°ÙÕ׿ռ䣬ÕâÊƱØÓ°ÏìsquidµÄÐÔÄÜ¡£È±Ê¡Îª£º
    cache_swap_low 90
    cache_swap_high 95

    2.maximum_object_size
    ˵Ã÷£º´óÓÚ¸ÃÖµµÃ¶ÔÏ󽫲»±»´æ´¢¡£Èç¹ûÄãÏëÒªÌá¸ß·ÃÎÊËٶȣ¬¾ÍÇë½µµÍ¸ÃÖµ£»Èç¹ûÄãÏë×î´óÏ޶ȵؽÚÔ¼´ø¿í£¬½µµÍ³É±¾£¬ÇëÔö¼Ó¸ÃÖµ¡£µ¥Î»ÎªK£¬È±Ê¡ÖµÎª£º
    maximum_object_size 4096 KB

    5.1.3ÓйØÈÕÖ¾µÄÑ¡Ïî
    1.cache_access_log
    ˵Ã÷£ºÖ¸¶¨¿Í»§ÇëÇó¼Ç¼ÈÕÖ¾µÄÍêÕû·¾¶£¨°üÀ¨ÎļþµÄÃû³Æ¼°ËùÔÚµÄĿ¼£©£¬¸ÃÇëÇó¿ÉÒÔÊÇÀ´×ÔÒ»°ãÓû§µÄHTTPÇëÇó»òÀ´×ÔÁÚ¾ÓµÄICPÇëÇó¡£È±Ê¡ÖµÎª£º
    cache_access_log /var/log/squid/access.log
    Èç¹ûÄã²»ÐèÒª¸ÃÈÕÖ¾£¬¿ÉÒÔÓÃÒÔÏÂÓï¾äÈ¡Ïû£ºcache_access_log none

    2.cache_store_log
    ˵Ã÷£ºÖ¸¶¨¶ÔÏó´æ´¢¼Ç¼ÈÕÖ¾µÄÍêÕû·¾¶£¨°üÀ¨ÎļþµÄÃû³Æ¼°ËùÔÚµÄĿ¼£©¡£¸Ã¼Ç¼±íÃ÷ÄÄЩ¶ÔÏó±»Ð´µ½½»»»¿Õ¼ä£¬ÄÄЩ¶ÔÏó±»´Ó½»»»¿Õ¼äÇå³ý¡£È±Ê¡Â·¾¶Îª£º
    cache_log /var/log/squid/cache.log
    Èç¹ûÄã²»ÐèÒª¸ÃÈÕÖ¾£¬¿ÉÒÔÓÃÒÔÏÂÓï¾äÈ¡Ïû£ºcache_store_log none

    3.cache_log
    ˵Ã÷£ºÖ¸¶¨squidÒ»°ãÐÅÏ¢ÈÕÖ¾µÄÍêÕû·¾¶£¨°üÀ¨ÎļþµÄÃû³Æ¼°ËùÔÚµÄĿ¼£©¡£
    ȱʡ·¾¶Îª£ºcache_log /var/log/squid/cache.log

    4.cache_swap_log
    ˵Ã÷£º¸ÃÑ¡ÏîÖ¸Ã÷ÿ¸ö½»»»¿Õ¼äµÄ¡°swap.log¡±ÈÕÖ¾µÄÍêÕû·¾¶£¨°üÀ¨ÎļþµÄÃû³Æ¼°ËùÔÚµÄĿ¼£©¡£¸ÃÈÕÖ¾Îļþ°üº¬ÁË´æ´¢ÔÚ½»»»¿Õ¼äÀïµÄ¶ÔÏóµÄÔªÊý¾Ý£¨metadata£©¡£Í¨³££¬ÏµÍ³½«¸ÃÎļþ×Ô¶¯±£´æÔÚµÚÒ»¸ö¡°cache_dir¡±Ëµ¶¨ÒåµÄ¶¥¼¶Ä¿Â¼Àµ«ÊÇÄãÒ²¿ÉÒÔÖ¸¶¨ÆäËûµÄ·¾¶¡£Èç¹ûÄ㶨ÒåÁ˶à¸ö¡°cache_dir¡±£¬ÔòÏàÓ¦µÄÈÕÖ¾Îļþ¿ÉÄÜÊÇÕâÑùµÄ£º
    cache_swap_log.00
    cache_swap_log.01
    cache_swap_log.02
    ºóÃæµÄÊý×ÖÀ©Õ¹ÃûÓëÖ¸¶¨µÄ¶à¸ö¡°cache_dir¡±Ò»Ò»¶ÔÓ¦¡£
    ÐèҪעÒâµÄÊÇ£¬×îºÃ²»ÒªÉ¾³ýÕâÀàÈÕÖ¾Îļþ£¬·ñÔòsquid½«²»ÄÜÕý³£¹¤×÷¡£

    5.pid_filename
    ˵Ã÷£ºÖ¸¶¨¼Ç¼squid½ø³ÌºÅµÄÈÕÖ¾µÄÍêÕû·¾¶£¨°üÀ¨ÎļþµÄÃû³Æ¼°ËùÔÚµÄĿ¼£©¡£È±Ê¡Â·¾¶Îª
    pid_filename /var/run/squid.pid
    Èç¹ûÄã²»ÐèÒª¸ÃÎļþ£¬¿ÉÒÔÓÃÒÔÏÂÓï¾äÈ¡Ïû£ºpid_filename none

    6.debug_options
    ˵Ã÷£º¿ØÖÆ×÷ÈÕ־ʱ¼Ç¼ÐÅÏ¢µÄ¶à¹Ñ¡£¿ÉÒÔ´ÓÁ½¸ö·½Ãæ¿ØÖÆ£ºsection¿ØÖÆ´Ó¼¸¸ö·½Ãæ×÷¼Ç¼£»level¿ØÖÆÿ¸ö·½ÃæµÄ¼Ç¼µÄÏêϸ³Ì¶È¡£ÍƼöµÄ·½Ê½£¨Ò²ÊÇȱʡ·½Ê½£©ÊÇ£ºdebug_options ALL,1
    ¼´£¬¶Ôÿ¸ö·½Ã涼×÷¼Ç¼£¬µ«Ïêϸ³Ì¶ÈΪ1(×îµÍ)¡£

    7.log_fqdn on|off
    ˵Ã÷£º¿ØÖÆÔÚ access.log ÖжÔÓû§µØÖ·µÄ¼Ç¼·½Ê½¡£´ò¿ª¸ÃÑ¡Ïîʱ£¬squid¼Ç¼¿Í»§µÄÍêÕûÓòÃû£¬È¡Ïû¸ÃÑ¡Ïîʱ£¬squid¼Ç¼¿Í»§µÄipµØÖ·¡£×¢Ò⣬Èç¹û´ò¿ª¸ÃÑ¡Ïî»áÔö¼ÓϵͳµÄ¸ºµ££¬ÒòΪsquid»¹µÃ½øÐпͻ§ipµÄDNS²éѯ¡£È±Ê¡ÖµÎª£ºlog_fqdn off

    5.1.4ÓйØÍⲿ֧³Ö³ÌÐòµÄÑ¡Ïî
    1.ftp_user
    ˵Ã÷£ºÉèÖõǼÄäÃûftp·þÎñÆ÷ʱµÄÌṩµÄµç×ÓÓʼþµØÖ·£¬µÇ¼ÄäÃûftp·þÎñÆ÷ʱҪÇóÓÃÄãµÄµç×ÓÓʼþµØÖ·×÷ΪµÇ¼¿ÚÁ¸ü¶àµÄÐÅÏ¢Çë²Î¿´±¾ÊéµÄÏà¹ØÕ½ڣ©¡£ÐèҪעÒâµÄÊÇ£¬ÓеÄÄäÃûftp·þÎñÆ÷¶ÔÕâÒ»µãÒªÇóºÜ¿Á¿Ì£¬ÓеÄÉõÖÁ»á¼ì²éÄãµÄµç×ÓÓʼþµÄÓÐЧÐÔ¡£È±Ê¡ÖµÎª£ºftp_user Squid@

    2.ftp_list_width
    ˵Ã÷£ºÉèÖÃftpÁбíµÄ¿í¶È£¬Èç¹ûÉèµÃ̫С½«²»ÄܵÄä¯ÀÀµ½³¤ÎļþÃû¡£È±Ê¡ÖµÎª£º ftp_list_width 32

    3.cache_dns_program
    ˵Ã÷£ºÖ¸¶¨DNS²éѯ³ÌÐòµÄÍêÕû·¾¶£¨°üÀ¨ÎļþµÄÃû³Æ¼°ËùÔÚµÄĿ¼£©¡£È±Ê¡Â·¾¶Îª£º
    cache_dns_program /usr/lib/squid/dnsserver

    4.dns_children
    ˵Ã÷£ºÉèÖÃDNS²éѯ³ÌÐòµÄ½ø³ÌÊý¡£¶ÔÓÚ´óÐ͵ĵǼ·þÎñÆ÷ϵͳ£¬½¨Òé¸ÃÖµÖÁÉÙΪ10¡£×î´óÖµ¿ÉÒÔÊÇ32£¬È±Ê¡ÉèÖÃΪ5¸ö¡£×¢Ò⣬Èç¹ûÄãÈÎÒâµÄ½µµÍ¸ÃÖµ£¬¿ÉÄÜ»áʹϵͳÐÔÄܼ±¾ç½µµÍ£¬ÒòΪsquidÖ÷½ø³ÌÒªµÈ´ýÓòÃû²éѯµÄ½á¹û¡£Ã»ÓбØÒª¼õÉÙ¸ÃÖµ£¬ÒòΪDNS²éѯ½ø³Ì²¢²»»áÏûºÄÌ«¶àµÄϵͳµÄ×ÊÔ´¡£

    5.dns_nameservers
    ˵Ã÷£ºÖ¸¶¨Ò»¸öDNS·þÎñÆ÷ÁÐ±í£¬Ç¿ÖÆsquidʹÓøÃÁбíÖеÄDNS·þÎñÆ÷¶ø·ÇʹÓÃ/etc/resolv.confÎļþÖж¨ÒåµÄDNS·þÎñÆ÷¡£Äã¿ÉÒÔÕâÑùÖ¸¶¨¶à¸öDNS·þÎñÆ÷£ºdns_nameservers 10.0.0.1 192.172.0.4
    ȱʡÉèÖÃΪ£ºdns_nameservers none

    6.unlinkd_program
    ˵Ã÷£ºÖ¸¶¨Îļþɾ³ý½ø³ÌµÄÍêÕû·¾¶¡£
    ȱʡÉèÖÃΪ£º
    unlinkd_program /usr/lib/squid/unlinkd

    7.pinger_program
    ˵Ã÷£ºÖ¸¶¨ping½ø³ÌµÄÍêÕû·¾¶¡£¸Ã½ø³Ì±»squidÀûÓÃÀ´²âÁ¿ÓëÆäËûÁھӵķÓɾàÀë¡£¸ÃÑ¡ÏîÖ»ÔÚÄãÆôÓÃÁ˸ù¦ÄÜʱÓÐÓá£È±Ê¡Îª£º
    pinger_program /usr/lib/squid/pinger

    8.authenticate_program
    ˵Ã÷£ºÖ¸¶¨ÓÃÀ´½øÐÐÓû§ÈÏÖ¤µÄÍⲿ³ÌÐòµÄÍêÕû·¾¶¡£squidµÄÓû§ÈÏÖ¤¹¦ÄÜÎÒÃǽ«ÔÚºóÃæµÄÕ½ڽ²Êö¡£È±Ê¡ÉèÖÃΪ²»ÈÏÖ¤¡£

    5.1.5Óû§·ÃÎÊ¿ØÖÆÑ¡Ïî
    1.request_size (KB)
    ˵Ã÷£ºÉèÖÃÓû§ÇëÇóͨѶÁ¿µÄ×î´óÔÊÐíÖµ(µ¥Î»ÎªKB)¡£Èç¹ûÓû§ÓÃPOST·½·¨ÇëÇóʱ£¬Ó¦¸ÃÉèÒ»¸ö½Ï´óµÄÖµ¡£È±Ê¡ÉèÖÃΪ£º
    request_size 100 KB

    2.reference_age
    ˵Ã÷£ºsquid¸ù¾Ý¶ÔÏóµÄLRU£¨×î½ü×îÉÙʹÓÃËã·¨£©À´Çå³ý¶ÔÏó£¬squidÒÀ¾ÝʹÓôÅÅÌ¿Õ¼äµÄ×ÜÁ¿¶¯Ì¬µØ¼ÆËã¶ÔÏóµÄLRUÄêÁä¡£ÎÒÃÇÓÃreference_age¶¨Òå¶ÔÏóµÄ×î´óLRUÄêÁä¡£Èç¹ûÒ»¸ö¶ÔÏóÔÚÖ¸¶¨µÄreference_ageÄÚûÓб»·ÃÎÊ£¬squid½«É¾³ý¸Ã¶ÔÏó¡£È±Ê¡ÖµÎªÒ»¸öÔ¡£Äã¿ÉÒÔʹÓÃÈçÏÂËùʾµÄʱ¼ä±íʾ·½·¨¡£
    1 week
    3.5 days
    4 months
    2.2 hours

    3.quick_abort_min (KB)
    quick_abort_max (KB)
    quick_abort_pct (percent)
    ˵Ã÷£º¿ØÖÆsquidÊÇ·ñ¼ÌÐø´«Êä±»Óû§ÖжϵÄÇëÇó¡£µ±Óû§ÖжÏÇëÇóʱ£¬squid½«¼ì²â
    quick_abort µÄÖµ¡£Èç¹ûÊ£Óಿ·ÖСÓÚ¡°quick_abort_min¡±Ö¸¶¨µÄÖµ,squid ½«¼ÌÐøÍê³ÉÊ£Óಿ·ÖµÄ´«Ê䣻Èç¹ûÊ£Óಿ·Ö´óÓÚ¡°quick_abort_max¡±Ö¸¶¨µÄÖµ,squid ½«ÖÕֹʣÓಿ·ÖµÄ´«Ê䣻Èç¹ûÒÑÍê³É¡°quick_abort_pct¡±Ö¸¶¨µÄ°Ù·Ö±È£¬squid½«¼ÌÐøÍê³ÉÊ£Óಿ·ÖµÄ´«Ê䡣ȱʡµÄÉèÖÃΪ£º
    quick_abort_min 16 KB
    quick_abort_max 16 KB
    quick_abort_pct 95

    5.1.6¸÷À೬ʱÉèÖÃÑ¡Ïî

    1.negative_ttl time-units
    ˵Ã÷£ºÉèÖÃÏû¼«´æ´¢¶ÔÏóµÄÉú´æʱ¼ä¡£ËùνµÄÏû¼«´æ´¢¶ÔÏ󣬾ÍÊÇÖîÈç¡°Á¬½Óʧ°Ü¡±¼°\"404 Not Found\"µÈÒ»Àà´íÎóÐÅÏ¢¡£È±Ê¡ÉèÖÃΪ£ºnegative_ttl 5 minutes

    2.positive_dns_ttl time-units
    ˵Ã÷£ºÉèÖûº´æ³É¹¦µÄDNS²éѯ½á¹ûµÄÉú´æʱ¼ä¡£È±Ê¡Îª6Сʱ¡£
    positive_dns_ttl 6 hours

    3.negative_dns_ttl time-units
    ˵Ã÷£ºÉèÖûº´æʧ°ÜµÄDNS²éѯ½á¹ûµÄÉú´æʱ¼ä¡£È±Ê¡Îª5·ÖÖÓ¡£
    negative_dns_ttl 5 minutes

    4.connect_timeout time-units
    ˵Ã÷£ºÉèÖÃsquidµÈ´ýÁ¬½ÓÍê³ÉµÄ³¬Ê±Öµ¡£È±Ê¡ÖµÎª2·ÖÖÓ¡£
    connect_timeout 120 seconds

    5.read_timeout time-units
    ˵Ã÷£ºÈç¹ûÔÚÖ¸¶¨µÄʱ¼äÄÚsquidÉÐδ´Ó±»ÇëÇóµÄ·þÎñÆ÷¶ÁÈëÈκÎÊý¾Ý£¬Ôòsquid½«ÖÕÖ¹¸Ã¿Í»§ÇëÇó¡£È±Ê¡ÖµÎª15·ÖÖÓ¡£
    read_timeout 15 minutes

    6.request_timeout
    ˵Ã÷£ºÉèÖÃÔÚ½¨Á¢Óë¿Í»§µÄÁ¬½Óºó£¬squid½«»¨¶à³¤Ê±¼äµÈ´ý¿Í»§·¢³öHTTPÇëÇó¡£È±Ê¡ÖµÎª30Ãë¡£
    request_timeout 30 seconds

    7.client_lifetime time-units
    ˵Ã÷£ºÉèÖÿͻ§ÔÚÓësquid½¨Á¢Á¬½Óºó£¬¿ÉÒÔ½«¸ÃÁ¬½Ó±£³Ö¶à³¤Ê±¼ä¡£
    ×¢Ò⣬ÒòΪ¿Í»§½¨Á¢µÄÿ¸öÁ¬½Ó¶¼»áÏûºÄÒ»¶¨µÄϵͳ×ÊÔ´£¬ËùÒÔÈç¹ûÄãÊÇΪһ¸ö´óÐÍÍøÂçÌṩ´úÀí·þÎñµÄ»°£¬Ò»¶¨ÒªÕýÈ·µØÐ޸ĸÃÖµ¡£ÒòΪÈç¹ûͬһʱ¼äµÄÁ¬½ÓÊýÁ¿Ì«´óµÄ»°£¬¿ÉÄÜ»áÏûºÄ´óÁ¿µÄϵͳ×ÊÔ´£¬´Ó¶øµ¼Ö·þÎñÆ÷å´»ú¡£È±Ê¡ÖµÎª1Ì죬¸Ãֵ̫´óÁË£¬½¨Òé¸ù¾ÝÄã×Ô¼ºµÄÇé¿öÊʵ±¼õС¸ÃÖµ¡£
    client_lifetime 1 day

    8.half_closed_clients on/off
    ˵Ã÷£ºÓÐʱºòÓÉÓÚÓû§µÄ²»Õý³£²Ù×÷£¬¿ÉÄÜ»áʹÓësquidµÄTCPÁ¬½Ó´¦ÓÚ°ë¹Ø±Õ״̬£¬
    Õâʱºò£¬¸ÃTCPÁ¬½ÓµÄ·¢ËͶËÒѾ­¹Ø±Õ£¬¶ø½ÓÊÕ¶ËÕý³£¹¤×÷¡£È±Ê¡µØ£¬squid½«Ò»Ö±±£³ÖÕâÖÖ´¦ÓÚ°ë¹Ø±Õ״̬µÄTCPÁ¬½Ó£¬Ö±µ½·µ»ØÌ×½Ó×ֵĶÁд´íÎó²Å½«Æä¹Ø±Õ¡£Èç¹û½«¸ÃÖµÉèΪoff£¬ÔòÒ»µ©´Ó¿Í»§¶Ë·µ»Ø¡°no more data to read¡±µÄÐÅÏ¢£¬squid¾ÍÁ¢¼´¹Ø±Õ¸ÃÁ¬½Ó¡£half_closed_clients on

    9.pconn_timeout
    ˵Ã÷£ºÉèÖÃsquidÔÚÓëÆäËû·þÎñÆ÷ºÍ´úÀí½¨Á¢Á¬½Óºó£¬¸ÃÁ¬½ÓÏÐÖö೤ʱ¼äºó±»¹Ø±Õ¡£È±Ê¡ÖµÎª120Ãë¡£
    pconn_timeout 120 seconds

    10.ident_timeout
    ˵Ã÷£ºÉèÖÃsquidµÈ´ýÓû§ÈÏÖ¤ÇëÇóµÄʱ¼ä¡£È±Ê¡ÖµÎª10Ãë¡£
    ident_timeout 10 seconds

    11.shutdown_lifetime time-units
    ˵Ã÷£ºµ±ÊÕµ½SIGTERM »òÕß SIGHUP Ðźźó, squid½«½øÈëÒ»ÖÖshutdown pendingµÄģʽ£¬µÈ´ýËùÓлµÄÌ×½Ó×ֹرա£ÔÚ¹ýÁËshutdown_lifetimeËù¶¨ÒåµÄʱ¼äºó£¬ËùÓлµÄÓû§¶¼½«ÊÕµ½Ò»¸ö³¬Ê±ÐÅÏ¢¡£È±Ê¡ÖµÎª30Ãë¡£
    shutdown_lifetime 30 seconds

    5.1.7¹ÜÀí²ÎÊýÑ¡Ïî

    1.cache_mgr
    ˵Ã÷:ÉèÖùÜÀíÔ±ÓʼþµØÖ·¡£È±Ê¡Îª£º
    cache_mgr root

    2. cache_effective_user
    cache_effective_group
    ˵Ã÷£ºÈç¹ûÓÃrootÆô¶¯squid£¬squid½«±ä³ÉÕâÁ½ÌõÓï¾äÖ¸¶¨µÄÓû§ºÍÓû§×顣ȱʡ±äΪsquidÓû§ºÍsquidÓû§×é¡£×¢ÒâÕâÀïÖ¸¶¨µÄÓû§ºÍÓû§×é±ØÐëÕæÊÇ´æÔÚÓÚ/etc/passwdÖС£Èç¹ûÓ÷ÇrootÕʺÅÆô¶¯squid£¬Ôòsquid½«±£³Ö¸ÄÓû§¼°Óû§×éÔËÐУ¬Õâʱºò£¬Äã²»ÄÜÖ¸¶¨Ð¡ÓÚ1024µØhttp_port¡£
    cache_effective_user squid
    cache_effective_group squid

    3.visible_hostname
    ˵Ã÷£º¶¨ÒåÔÚ·µ»Ø¸øÓû§µÄ³ö´íÐÅÏ¢ÖеÄÖ÷»úÃû¡£
    Èç: visible_hostname www-cache.foo.org

    4.unique_hostname
    ˵Ã÷£ºÈç¹ûÄãÓÐÒ»¸ö´úÀí·þÎñÆ÷ÕóÁУ¬²¢ÇÒÄãΪÿ¸ö´úÀí·þÎñÆ÷Ö¸¶¨ÁËͬÑùµÄ¡°visible_hostname¡±£¬Í¬Ê±Äã±ØÐëΪËüÃÇÖ¸¶¨²»Í¬µÄ¡°unique_hostname¡±À´±ÜÃâ¡°forwarding loops ¡±£¨´«ÊäÑ­»·£©·¢Éú¡£

    5.1.8ÆäËüÔÓÏî
    1. dns_testnames
    ˵Ã÷£ºÉèÖýøÐÐDNS²éѯ²âÊÔ,Èç¹ûµÚÒ»¸öÕ¾µã½âÎö³É¹¦ÔòÁ¢¼´½áÊøDNS²éѯ²âÊÔ¡£Èç¹ûÄã²»Ô¸Òâ½øÐÐDNS²éѯ²âÊÔ£¬¾Í²»ÒªÈ¥µôȱʡµÄÉèÖá£
    #dns_testnames netscape.com internic.net nlanr.net microsoft.com

    2.logfile_rotate
    ˵Ã÷£ºÍ¨³££¬squid»á¶¨ÆڵĽ«ÈÕÖ¾Îļþ¸üÃû²¢´ò°ü¡£±ÈÈçÕýÔÚʹÓõÄÈÕÖ¾ÎļþΪaccess.log,squid»á½«Æä¸üÃû²¢´ò°üΪaccess.log.1.gz£»¹ýÁËÒ»¶¨Ê±¼äºó£¬squidÓֻὫ
    access.log.1.gz¸üÃûΪaccess.log.2.gz²¢½«µ±Ç°µÄÈÕÖ¾Îļþ¸üÃû²¢´ò°üΪaccess.log.1.gz£¬ÒÔ´ËÑ­»·¡£logfile_rotateËùÖ¸¶¨µÄÊý×Ö¼´Îª´ò°ü²¢±¸·ÝµÄÎļþµÄÊýÁ¿£¬µ±´ïµ½ÕâÒ»ÊýĿʱ£¬squid½«É¾³ý×îÀϵı¸·ÝÎļþ¡£È±Ê¡ÖµÎª10¡£Èç¹ûÄãÏëÊÖ¶¯À´½øÐÐÕâЩ²Ù×÷£¬Äã¿ÉÒÔÓÃlogfile_rotate 0À´È¡Ïû×Ô¶¯²Ù×÷¡£

    3.err_html_text
    ˵Ã÷£ºÓøÃÓï¾ä¶¨ÒåÒ»¸ö×Ö·û´®±äÁ¿£¬¿ÉÒÔÓã¥LÔÚ·µ»Ø¸øÓû§µÄ´íÎóÐÅÏ¢ÎļþÖÐÒýÓᣴíÎóÐÅÏ¢Îļþͨ³£ÔÚ/etc/squid/errorsĿ¼ÖУ¬ÕâÊÇһЩÓÃHTMLд³ÉµÄ½Å±¾Îļþ£¬Äã¿ÉÒÔ×Ô¼ºÐÞ¸ÄËü¡£

    4.deny_info
    ˵Ã÷£ºÄã¿ÉÒÔ¶¨ÖÆ×Ô¶¨ÒåµÄ¾Ü¾ø·ÃÎÊÐÅÏ¢Îļþ£¬²¢ÇÒ¿ÉÒԺͲ»Í¬µÄÓû§ÁбíÏà¹ØÁª¡£µ±Óû§±»http_accessÏà¹Ø¹æÔò¾Ü¾øʱ£¬squid¿ÉÒÔÏòÓû§ÏÔʾÄã×Ô¶¨ÒåµÄÏàÓ¦µÄ¾Ü¾ø·ÃÎÊÐÅÏ¢Îļþ¡£Ó﷨Ϊ£º
    Usage: deny_info err_page_name acl
    ±ÈÈ磺
    deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys

    5.memory_pools on|off
    ˵Ã÷:Èç¹ûÄ㽫¸ÃÏîÉèΪon£¬Ôòsquid½«±£ÁôËùÓÐÒѾ­·ÖÅ䣨µ«ÊÇδʹÓ㩵ÄÄÚ´æ³ØÒÔ±ãÔÚ½«À´Ê¹Óá£È±Ê¡Îªon.
    memory_pools on

    6.log_icp_queries on|off
    ˵Ã÷£ºÉèÖÃÊÇ·ñ¶ÔICPÇëÇó×÷ÈÕÖ¾¡£Èç¹ûÄãµÄϵͳ¸ºÔغܴó£¬Äã¿ÉÒÔÓÃoffÀ´È¡Ïû¸Ã¹¦ÄÜ¡£È±Ê¡Îª:
    log_icp_queries on

    7.always_direct
    ˵Ã÷£º¸ÃÑ¡ÏîÔÊÐíÄãÖ¸¶¨Ä³Ð©Óû§À࣬squid½«ÕâЩÓû§ÀàµÄÇëÇóÖ±½Óת·¢¸ø±»ÇëÇóµÄ·þÎñÆ÷¡£Ó﷨Ϊ:
    always_direct allow|deny [!]aclname ...
    È磺ֱ½Óת·¢FTPÇëÇó¿ÉÒÔÕâÑùÉèÖãº
    acl FTP proto FTP
    always_direct allow FTP

    8.never_direct
    ˵Ã÷£ºÓëalways_directÏà·´¡£Ó﷨Ϊ£º
    Usage: never_direct allow|deny [!]aclname ...
    ±ÈÈ磬ΪÁËÇ¿ÖƳýÁ˱¾µØÓòµÄÆäËûÓû§Ê¹ÓôúÀí·þÎñÆ÷£¬Äã¿ÉÒÔÕâÑùÉèÖãº
    acl local-servers dstdomain foo.net
    acl all src 0.0.0.0/0.0.0.0
    never_direct deny local-servers
    never_direct allow all

    9.icon_directory
    ˵Ã÷£ºÖ¸Ã÷ÏòÓû§´«ËÍ´íÎóÐÅϢʱËùÓõ½µÄͼ±êÎļþµÄĿ¼¡£È±Ê¡Â·¾¶Îª£º icon_directory /usr/lib/squid/icons

    10.error_directory
    ˵Ã÷£ºÖ¸Ã÷ÏòÓû§´«ËÍ´íÎóÐÅÏ¢ËùÓõ½µÄ´íÎóÃèÊöÎļþµÄĿ¼¡£È±Ê¡Â·¾¶Îª£º
    error_directory /etc/squid/errors

    5.2 Óû§ÈÏÖ¤ÉèÖÃ
    ȱʡµÄ£¬squid±¾Éí²»´øÈκÎÈÏÖ¤³ÌÐò£¬µ«ÊÇÎÒÃÇ¿ÉÒÔͨ¹ýÍⲿÈÏÖ¤³ÌÐòÀ´ÊµÏÖÓû§ÈÏÖ¤¡£Ò»°ã˵À´ÓÐÒÔϵÄÈÏÖ¤³ÌÐò£º

    1.LDAPÈÏÖ¤£ºÄã¿ÉÒÔ·ÃÎÊÒÔÏÂ×ÊÔ´À´»ñÈ¡¸ü¶àµÄÓÐÓÃÐÅÏ¢¡£
    http://www.geocities.com/ResearchTriangle/Thinktank/5292/projects/ldap/
    http://home.iae.nl/users/devet/squid/proxy_auth/contrib/ldap_auth.tar.gz

    2.SMBÈÏÖ¤£º¿ÉÒÔʵÏÖ»ùÓÚNTºÍsambaµÄÓû§ÈÏÖ¤¡£¸ü¶àµÄÐÅÏ¢Çë·ÃÎÊÒÔÏÂ×ÊÔ´¡£
    http://www.hacom.nl/~richard/software/smb_auth.html

    3.»ùÓÚmysqlµÄÓû§ÈÏÖ¤¡£
    http://home.iae.nl/users/devet/squid/proxy_auth/contrib/mysql_auth.c

    4.»ùÓÚsock5ÃÜÂëÓû§ÈÏÖ¤¡£
    http://nucleo.freeservers.com/

    5.»ùÓÚRadius µÄÓû§ÈÏÖ¤¡£
    http://home.iae.nl/users/devet/squid/proxy_auth/contrib/auth.pl

    µ«ÊÇÎÒÃÇÒ»°ã³£ÓõÄÊÇÓÃncsaʵÏÖµÄÈÏÖ¤ºÍÓÃsmb_authʵÏֵĻùÓÚNTºÍsambaµÄÓû§ÈÏÖ¤¡£ÏÂÃæÎÒÃǾÍÀ´½²ÕâÁ½ÖÖÈÏÖ¤·½·¨µÄ¾ßÌåʵÏÖ¡£

    5.2.1 ncsaÓû§ÈÏÖ¤µÄʵÏÖ
    ncsaÊÇsquidÔ´´úÂë°ü×Ô´øµÄÈÏÖ¤³ÌÐòÖ®Ò»£¬ÏÂÃæÎÒÃÇÒÔsquid-2.3.STABLE2°æ±¾ÎªÀý½²ÊöncsaµÄ°²×°ºÍÅäÖá£
    1.´Ówww.squid-cache.orgÏÂÔØsquidÔ´´úÂë°üsquid-2.3.STABLE2-src.tar.gz²¢·Åµ½/tmpĿ¼Ï¡£
    2.ÓÃtar½â¿ª£º
    tar xvzf squid-2.3.STABLE2-src.tar.gz
    %make
    %make install
    3.È»ºó£¬½øÈë/tmp/squid-2.3.STABLE2/auth_modules/NCSAĿ¼¡£
    % make
    % make install
    ±àÒë³É¹¦ºó£¬»áÉú³Éncsa_authµÄ¿ÉÖ´ÐÐÎļþ¡£
    4.¿½±´Éú³ÉµÄÖ´ÐÐÎļþncsa_authµ½/usr/binĿ¼
    cp ncsa_auth /usr/bin/bin
    5.ÐÞ¸Äsquid.confÖеÄÏà¹ØÑ¡ÏîÈçÏÂËùʾ£º
    authenticate_program /usr/local/squid/bin/ncsa_auth /usr/bin/passwd
    6.¶¨ÒåÏà¹ØµÄÓû§Àà
    acl auth_user proxy_auth REQUIRED
    ×¢Ò⣬REQUIRED¹Ø¼ü×ÖÖ¸Ã÷Á˽ÓÊÕËùÓкϷ¨Óû§µÄ·ÃÎÊ¡£
    7.ÉèÖÃhttp_access
    http_access allow auth_user
    ×¢Ò⣬Èç¹ûÄãÔÚ¸ÄÐÐÖÐÖ¸¶¨Á˶à¸öÔÊÐí·ÃÎʵÄÓû§ÀàµÄ»°£¬Ó¦¸Ã°ÑÒªÈÏÖ¤µÄÓû§Àà·ÅÔÚµÚÒ»¸ö¡£ÈçÏÂËùʾ£º
    ´íÎóµÄÅäÖãºhttp_access allow auth_user all manager
    ÕýÈ·µÄÅäÖãºhttp_access allow auth_user manager all
    8.ÀûÓÃapacheЯ´øµÄ¹¤¾ßÈí¼þhtpasswdÔÚ/usr/local/squid/etcÏÂÉú³ÉÃÜÂëÎļþ²¢Ìí¼ÓÏàÓ¦µÄÓû§ÐÅÏ¢¡£Ò»°ã˵À´£¬¸ÃÃÜÂëÎļþÿÐаüº¬Ò»¸öÓû§µÄÓû§ÐÅÏ¢£¬¼´Óû§ÃûºÍÃÜÂë¡£
    ÓÃhtpasswdÉú³ÉÃÜÂëÎļþpasswd²¢Ìí¼ÓÓû§bye¡£
    htpasswd -c /usr/local/squid/etc/passwd bye
    È»ºóÖØÐÂÆô¶¯squid£¬ÃÜÂëÈÏÖ¤ÒѾ­ÉúЧ¡£

    5.2.2 smbÓû§ÈÏÖ¤µÄʵÏÖ
    ¹úÄÚ½éÉܲ¢Ê¹ÓÃncsaʵÏÖÓû§ÈÏÖ¤µÄÎÄÕ²»¶à£¬¶øʹÓÃsmb_authºÍsambaʵÏÖ»ùÓÚNTµÄÓû§ÈÏÖ¤ÎÒ»¹Ã»Óп´µ½¹ý£¬ÏÂÃæÎÒÃǾÍÀ´¿´Ò»¿´ÔÚsquidÖÐʵÏÖ»ùÓÚNTµÄÓû§ÈÏÖ¤¡£
    µ±Ç°smb_authµÄ×î¸ß°æ±¾ÊÇsmb_auth-0.05£¬Äã¿ÉÒÔÔÚÒÔϵØÖ·ÏÂÔØ¡£µ±È»£¬squidµÄÔ´´úÂë°üÖÐÒ²°üº¬smb_auth,µ«ÊÇÊÇ0.02°æµÄ¡£
    http://www.hacom.nl/~richard/software/smb_auth-0.05.tar.gz
    smb_authµÄÖ÷Ò³µØÖ·ÊÇhttp://www.hacom.nl/~richard/software/smb_auth.html¡£
    1.ϵͳÐèÇó£º
    squid2.0ÒÔÉÏ°æ±¾¡£
    °²×°samba2.0.4ÒÔÉÏ°æ±¾¡£Äã²¢²»ÐèÒªÔËÐÐsamba·þÎñ£¬ÒòΪsmb_authÖ»Óõ½ÁË sambaµÄ¿Í»§¶ËÈí¼þ¡£
    2.ÏÂÔØsmb_auth-0.05.tar.gz²¢¸´ÖƵ½/tmp.
    3.tar xvzf smb_auth-0.05.tar.gz
    4.¸ù¾ÝÄãµÄÒªÇóÐÞ¸ÄMakefileÖеÄSAMBAPREFIXºÍINSTALLBIN²ÎÊý¡£SAMBAPREFIXÖ¸¶¨ÁËÄãµÄsamba°²×°Â·¾¶£¬INSTALLBINÖ¸Ã÷ÁËsmb_authµÄ°²×°Â·¾¶¡£ÎÒÃÇÖ¸¶¨£º
    SAMBAPREFIX=/usr,INSTALLBIN=/usr/bin.
    5.make
    6.make install,³É¹¦ºó»áÔÚINSTALLBINÖ¸¶¨Â·¾¶ÖÐÉú³É¿ÉÖ´ÐÐÎļþsmb_auth.
    7.°´ÏÂÁв½ÖèÉèÖÃÄãÒªÓÃÓÚÈÏÖ¤µÄÖ÷Óò¿ØÖÆÆ÷£º
    Ê×ÏÈÔÚNETLOG¹²ÏíĿ¼Öн¨Á¢Ò»¸ö¡°proxy¡±Îļþ£¬¸ÃÎļþÖ»°üº¬Ò»¸ö¡°allow¡±µÄ×Ö·û´®£¬Ò»°ã˵À´£¬¸ÃNETLOGĿ¼λÓÚ\\winnt\\system32\\Repl\\import\\scriptsĿ¼ÖУ»È»ºó£¬ÉèÖÃËùÓÐÄãÏëÈÃÆä·ÃÎÊsquidµÄÓû§ºÍÓû§×éÓµÓжԸÃÎļþµÄ¶ÁµÄȨÁ¦¡£
    8.ÐÞ¸Äsquid.confÖеÄÏà¹ØÑ¡ÏîÈçÏÂËùʾ£º
    authenticate_program /usr/local/squid/bin/smb_auth your_domain_name
    9.¶¨ÒåÏà¹ØµÄÓû§Àà
    acl auth_user proxy_auth REQUIRED
    ×¢Ò⣬REQUIRED¹Ø¼ü×ÖÖ¸Ã÷Á˽ÓÊÕËùÓкϷ¨Óû§µÄ·ÃÎÊ¡£
    10.ÉèÖÃhttp_access
    http_access allow auth_user
    ×¢Ò⣬Èç¹ûÄãÔÚ¸ÄÐÐÖÐÖ¸¶¨Á˶à¸öÔÊÐí·ÃÎʵÄÓû§ÀàµÄ»°£¬Ó¦¸Ã°ÑÒªÈÏÖ¤µÄÓû§Àà·ÅÔÚµÚÒ»¸ö¡£ÈçÏÂËùʾ£º
    ´íÎóµÄÅäÖãºhttp_access allow auth_user all manager
    ÕýÈ·µÄÅäÖãºhttp_access allow auth_user manager all
    Èç¹ûÒ»ÇÐÕýÈ·µÄ»°£¬È»ºóÖØÐÂÆô¶¯squid£¬ÃÜÂëÈÏÖ¤ÒѾ­ÉúЧ¡£
    ˵Ã÷£ºsmb_authµÄµ÷Ó÷½·¨£º
    1.smb_auth -W your_domain_name
    ÓÃyour_domain_nameÖ¸¶¨ÄãµÄÓòÃû¡£smb_auth½«½øÐй㲥ѰÕÒ¸ÃÖ÷Óò¿ØÖÆÆ÷¡£
    2.smb_auth -W your_domain_name -B
    Èç¹ûÄãÓжà¸öÍøÂç½Ó¿Ú£¬¿ÉÒÔÓÃ-B Ö¸¶¨ÓÃÓڹ㲥µÄÍøÂç½Ó¿ÚµÄipµØÖ·¡£
    3.smb_auth -W your_domain_name -U
    Ò²¿ÉÒÔÓÃ-UÖ±½ÓÖ¸¶¨¸ÃÖ÷Óò¿ØÖÆÆ÷µÄipµØÖ·¡£
    4.smb_auth -W your_domain_name -S share
    ¿ÉÒÔÓÃ-SÖ¸¶¨Ò»¸ö²»Í¬ÓÚNETLOGµÄ¹²ÏíĿ¼¡£

    5.2.3squid.confÖйØÓÚÈÏÖ¤µÄÆäËûÉèÖÃ
    1.authenticate_children
    ˵Ã÷£ºÉèÖÃÈÏÖ¤×Ó½ø³ÌµÄÊýÄ¿¡£È±Ê¡Îª5¸ö¡£Èç¹ûÄã´¦ÓÚÒ»¸ö·±Ã¦µÄÍøÂç»·¾³ÖУ¬Äã¿ÉÒÔÊʵ±Ôö´ó¸ÃÖµ¡£
    2.authenticate_ttl
    ˵Ã÷£ºÉèÖÃÒ»´ÎÈÏÖ¤µÄÓÐЧÆÚ£¬È±Ê¡ÊÇ3600Ãë¡£
    3.proxy_auth_realm
    ˵Ã÷£ºÉèÖÃÓû§µÇ¼ÈÏ֤ʱÏòÓû§ÏÔʾµÄÓòÃû¡£

    5.3͸Ã÷´úÀíµÄÉèÖÃ
    ¹ØÓÚ͸Ã÷´úÀíµÄ¸ÅÄîÎÒÃÇÒѾ­ÔÚµÚÒ»½Ú½«¹ýÁË£¬ÏÂÃæÎÒÃÇ¿´Ò»ÏÂÔõôÑùÔÚsquidÖÐʵÏÖ͸Ã÷´úÀí¡£
    ͸Ã÷´úÀíµÄʵÏÖÐèÒªÔÚLinux 2.0.29ÒÔÉÏ£¬µ«ÊÇLinux 2.0.30²¢²»Ö§³Ö¸Ã¹¦ÄÜ£¬ºÃÔÚÎÒÃÇÏÖÔÚʹÓõÄͨ³£ÊÇ2.2.XÒÔÉϵİ汾£¬ËùÒÔ²»±Øµ£ÐÄÕâ¸öÎÊÌâ¡£ÏÂÃæÎÒÃǾÍÓÃipchains+squidÀ´ÊµÏÖ͸Ã÷´úÀí¡£ÔÚ¿ªÊ¼Ö®Ç°ÐèҪ˵Ã÷µÄÊÇ,Ä¿Ç°ÎÒÃÇÖ»ÄÜʵÏÖÖ§³ÖHTTPµÄÍ
    ·¢²¼ÈË:netbull À´×Ô:LinuxAid