Re: Squid QUICKSTART (Was: protecting local resources )

What if we wrote a CGI frontend to configuring squid just like netscape has
on most of their web products?

PM

On Fri, 3 Jan 1997, Stephane Bortzmeyer wrote:

> On Thursday 2 January 97, at 2 h 37, the keyboard of Duane Wessels
> <wessels@nlanr.net> wrote:
>
> > At the various conferences and
> > workshops I have heard numerous people say that its too difficult to
> > properly configure a web cache, that it needs to be an order of
> > magnitude more simple. But at the same time I see users constantly
> > asking for additional configuration options.
>
> Squid is, IMHO, quite simple to configure. But, at the present time,
> people do not know it and freeze reading the sample squid.conf. Most of
> the values do not *need* to be changed but it takes time to discover by
> yourself which to change.
>
> So, here is a QUICKSTART which could be included in the distribution,
> once the english mistakes are fixed:
>
>
> --------
>
> Warning: this is intended only for people who want to start their Squid
> cache quickly. It is not a substitute for the real documentation. Squid
> has many features, but only a few of them are useful at the beginning.
> Use this text only if you have a quite simple setup.
>
> After you retrieved, compiled and installed the Squid software (see
> INSTALL in the same directory), you have to configure the squid.conf
> file. This is the list of the values you *need* to change, because no
> sensible defaults could be defined. Do not touch the other variables for
> now.
>
> If you have a parent cache, put it here. The administrators of the parent
> cache typically provided you with instructions. Here is a example:
>
> cache_host cache.parent-domain.org parent 3128 3130
>
> If you do not have a parent cache, add nothing.
>
> Add here the amount of memory (RAM memory) to devote to caching. Warning:
> Squid uses much more than this value. Rule of thumb: if you have N
> megabytes free for Squid, put N/3 here:
>
> cache_mem 16
>
> Add here the amount of hard disk space (in megabytes) to devote to
> caching:
>
> cache_swap 200
>
> List of ACL (access control list). This is important because it prevents
> people to steal your network resources. To fill in the "allowedSons" ACL,
> use your network address (for instance 192.168.10.0 and your network mask
> (for instance 255.255.255.0):
>
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl all src 0.0.0.0/0.0.0.0
> acl allowedSons src 192.168.10.0/255.255.255.0
> http_access deny manager all
> http_access allow allowedSons
> http_access deny all
> icp_access allow allowedSons
> icp_access deny all
>
> Put here the e-mail address of the manager:
>
> cache_mgr cachemaster@your-domain.org
>
> Find a name (typically "nobody") and a group to run the cache. Do not use
> root, for security reasons.
>
> cache_effective_user nobody nogroup
>
> The name you advertise for the cache:
>
> visible_hostname cache.your-domain.org
>
> Now, give the log directory to the user you have choosen before (here,
> "nobody"). Do this as "root":
>
> chown nobody /usr/local/squid/logs
>
> Create and give to it the cache directory:
>
> mkdir /usr/local/squid/cache
> chown nobody /usr/local/squid/cache
>
> Now, you can start Squid (do this as "root"):
>
> /usr/local/squid/bin/squid
>
> Check in the cache.log (by default "/usr/local/squid/logs/cache.log")
> that everything is all right ("WARNING: Cannot write to swap directory"
> is normal the first time you run Squid).
>
> Once Squid created all its files (it can take several minutes on some
> systems), test it with echoping or a regular Web client. By default, your
> Squid will run on port 3128. See the Squid FAQ for more details.
>
> Tell your Unix to start Squid at startup (it depends heavily on the Unix
> you use, you'll typically have to modify something in a
> /etc/rc_something).
>
>
>
>
>
>

--
The Fulcrum Consulting Group               Peter Marelas - Consultant
12/10-16 Queen St, Melbourne VIC 3000,Australia   Ph: +61-3-9621-2100
PGP Key -> finger maral@fusion.mel.sprint.com.au  Fx: +61-3-9621-2724