都知道 http加速器 现在 varnish 比 squid 名声大,所以 先整了一把varnish,但是研究之后,发现不支持SSL,只得作罢,开始换上squid.
但是很不辛,居然报错:“FATAL: http(s)_port: defaultsite option requires Acceleration mode flag.”
原来 是 缺少[mode]选项,根据我的需要,加了“accel”,问题解决.
https_port 443 cert=/usr/local/squid/cert.pem key=/usr/local/squid/cert.key accel defaultsite=img0-yoursite.yourdomain.com vhost
cache_peer 1.2.3.4 parent 80 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=img0
acl sites_server_img0 dstdomain img0-yoursite.yourdomain.com
cache_peer_access img0 allow sites_server_img0
http_access allow sites_server_img0
https_port 443 cert=/usr/local/squid/cert.pem key=/usr/local/squid/cert.key accel defaultsite=img1-yoursite.yourdomain.com vhost
cache_peer 1.2.3.4 parent 80 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=img1
acl sites_server_img1 dstdomain img1-yoursite.yourdomain.com
cache_peer_access img1 allow sites_server_img1
http_access allow sites_server_img1
####base######
visible_hostname localhost
cache_mgr xiaomage234@163.com
cache_effective_user nobody
cache_effective_group nobody
####cache#####
cache_mem 600 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 12000 KB
maximum_object_size_in_memory 1024 KB
cache_dir ufs /usr/local/squid/var/cache 10000 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
#####no-cache##########
hierarchy_stoplist cgi-bin ?/.php
acl QUERY urlpath_regex cgi-bin /?/.php
#acl DIRECT url_regex -i ^http:
//192.168.0.201
cache deny QUERY
#cache deny DIRECT
#####refresh_pattern####
refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
refresh_pattern -i /.css$ 360 50% 2880 reload-into-ims
refresh_pattern -i /.js$ 1440 50% 2880 reload-into-ims
refresh_pattern -i /.html$ 720 50% 1440 reload-into-ims
refresh_pattern -i /.jpg$ 1440 90% 2880 ignore-reload
refresh_pattern -i /.gif$ 1440 90% 2880 ignore-reload
refresh_pattern -i /.swf$ 1440 90% 2880 ignore-reload
refresh_pattern -i /.jpg$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.png$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.bmp$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.doc$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.ppt$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.xls$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.pdf$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i /.txt$ 1440 50% 2880 ignore-reload
######proxy agent###
http_port 80 accel vhost vport
cache_peer 1.2.3.4 parent 80 0 no-query originserver name=img00
cache_peer_domain img00 img0-yoursite.yourdomain.com
cache_peer 1.2.3.4 parent 80 0 no-query originserver name=img01
cache_peer_domain img01 img1-yoursite.yourdomain.com
######alc#####
acl manager2 proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl LanSrc src all
acl LanDst dst all
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl LanDstDM dstdomain .kanbox.com
http_access allow manager2 localhost
http_access deny manager2
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanDstDM
http_access allow LanSrc
http_access allow LanDst
http_access allow localnet
http_access deny all
下载附件:
/Files/xiaomage234/squid.conf.txt
varnish的配置,不支持https:
/Files/xiaomage234/default.vcl.txt