slackbuilds/network/squid/README.SBo

92 lines
2.9 KiB
Plaintext

README.SBo - configuration help for squid from SlackBuilds.org
==============================================================================
If you need to start squid at boot, make sure /etc/rc.d/rc.squid is
executable and add the following to /etc/rc.d/rc.local:
if [ -x /etc/rc.d/rc.squid ]; then
/etc/rc.d/rc.squid start
fi
==============================================================================
Uncomment and edit the following lines in /etc/squid.conf:
http_port <port> <option>
Set <port> to the port you want Squid to listen on, default is 3128
Set <option> to 'transparent' if you want to make Squid a
transparent proxy through the use of IPTables DNAT/REDIRECT rules.
Note that this now replaces the older method of using httpd_accel.
Leave blank otherwise.
cache_peer, never_direct/always_direct
If you have a parent cache, put it here. The administrators of the
parent cache typically provided you with instructions. You should
always ask permission before adding a parent cache. See also the
never_direct/always_direct directives.
Note, if you don't have a cache_peer, you'll most likely need to use
'always_direct allow all'
cache_dir <storage> /var/log/squid/cache <mem> <L1> <L2>
Set <storage> to 'aufs' if you want an asynchronous storage facility
that allows Squid to access the disk without blocking; otherwise
use 'ufs' here.
Set <mem> to the number of megabytes you want Squid to use for its
cache, default is '100'
Set <L1> to the number of top-level directories to use for the cache,
default is '16'
Set <L2> to the number of sub-directories to use for the cache,
default is '256'
acl, http_access, icp_access
Access control lists. This is important because it prevents people
from stealing your network resources. To fill in the
"allowed_hosts" ACL, use your network address (for instance
192.168.10.0 and your network mask.
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localnet src 192.168.10.0/24
http_access allow manager localhost
http_access deny manager
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
cache_mgr
Put here the e-mail address of the manager:
cache_effective_user
If you must start Squid as root, find a safe user and group to run
as after startup (typically "nobody" and "nogroup"). Do not use
"root", for security reasons.
visible_hostname
The host name you advertise for the cache.
==============================================================================
After editing squid.conf to your liking, run Squid from the command
line TWICE:
% /usr/sbin/squid -z
% /usr/sbin/squid
Check in the cache.log (/var/log/squid/cache.log) that
everything is all right.