On 18/09/10 06:00, Andrei wrote:
I'm a newbie. To get Squid started all I was able to do is create the
config below. This works but it feels like it could be a little
faster. I have about 300 users.
Are there any other options that you would recommend adding to this
config file? This is my config file for Squid 3.0 on Debian, P4, 40GB
IDE disk.
RAM?
Tip #1: Add the backports.org repo to your list and pull squid3 (3.1)
from there.
refresh_pattern -i \.index.(html|htm)$ 0 40% 10080
pattern: \.index\.(html|htm)$
refresh_pattern -i \.(html|htm|css|js)$ 1440 40% 40320
add here: refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 40% 40320
cache_dir ufs /var/spool/squid3 7000 16 256
AUFS
+ more disk? (that will depend on your available RAM).
visible_hostname proxy.ourdomain.com
http_port 176.16.0.9:3128 transparent
Use a random port for NAT interception. It only needs to be accessible
to your local machine firewall to send packets.
Regular proxy requests arriving at this port will be slowed by useless
NAT searches.
Tip #2: avoid NAT. Use WPAD/PAC to invisibly configure the networks
browsers and pre-filter broken domains.
acl localnet src 176.16.0.0/255.255.248.0
acl localnet src 176.16.0.0/21
Tip #3: retain the security Safe_Ports and SSL_Ports restrictions to
prevent internal viral/spam spreading.
http_access allow localnet
debug_options ALL,1
access_log /var/log/squid3/access.log squid
Check and be sure about your response times. They might surprise you one
way or the other:
squidclient mgr:info
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.8
Beta testers wanted for 3.2.0.2
