Drew Wrobel wrote:
I have upgraded my squid server from 2.6 stable 22 to 2.7 stable 7.
Along with this, I have updated the configuration and wanted to make sure that some of the new settings won't be a problem.
The biggest change is that I increased the maximum object size the squid will cache. Before everything at the default levels.
I increased this size sine most of the files/pages being servers up, especially the ones that have flash and vidoes would be larger
then 4K.
Let me know if there is a better way or setting I should/should not be using.
Thanks
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_port 127.0.0.1:3128
hierarchy_stoplist cgi-bin ?
NP: if you are caching dynamic pages at all, you will need to use the
default dynamic page refresh pattern to stay RFC compliant:
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
Of course providing the pages with correct Expires:, Last-Modified:
and/or Cache-Control: headers is even better.
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /var/cache/squid
http_access allow manager localhost
http_access deny manager
http_access deny to_localhost
http_port 80 accel vport
cache_peer 172.21.1.2 parent 80 0 no-query originserver round-robin login=PASS
cache_peer 172.21.3.4 parent 80 0 no-query originserver round-robin login=PASS
cache_peer 172.21.5.6 parent 80 0 no-query originserver round-robin login=PASS
acl mainSite dstdomain www.company.com
acl otherSites dstdomain .company.com
cache_peer_access 172.21.1.2 allow mainSite
cache_peer_access 172.21.1.2 deny all
cache_peer_access 172.21.3.4 allow mainSite
cache_peer_access 172.21.3.4 deny all
cache_peer_access 172.21.5.6 allow mainSite
cache_peer_access 172.21.5.6 deny all
http_access allow mainSite
deny_info http://www.company.com/ otherSites
http_access deny otherSites
http_access deny all
icp_port 0
icp_access deny all
log_icp_queries off
acl loadbalancer1 src 172.21.10.1
acl loadbalancer2 src 172.21.10.12
follow_x_forwarded_for allow loadbalancer1
follow_x_forwarded_for allow loadbalancer2
follow_x_forwarded_for allow all
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on
logformat combined %{Host}>h %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
If this really is the real "combined" Apache httpd format there is no
need to define it. If it's a customized version with altered details
please name it with a name of your own.
access_log /var/log/squid/access.log combined
logfile_rotate 0
collapsed_forwarding on
vary_ignore_expire on
httpd_suppress_version_string off
cache_effective_user squid
cache_store_log none
client_db off
cache_mem 512 MB
maximum_object_size_in_memory 24 MB
cache_replacement_policy lru
cache_dir ufs /var/cache/squid 2000 10 10
maximum_object_size 20480 KB
cosmetic: maximum_object_size 20 MB
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21
Current Beta Squid 3.1.0.15