Re: [squid-users] Squid configuration upgrade from 2.6 to 2.7

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sun, 10 Jan 2010 03:25:41 +1300

Drew Wrobel wrote:
> I have upgraded my squid server from 2.6 stable 22 to 2.7 stable 7.
>
> Along with this, I have updated the configuration and wanted to make sure that some of the new settings won't be a problem.
>
> The biggest change is that I increased the maximum object size the squid will cache. Before, everything was at the default levels.
> I increased this size since most of the files/pages being served up, especially the ones that have flash and videos, would be larger
> than 4K.
>
> Let me know if there is a better way or setting I should/should not be using.
>
> Thanks
>
> acl all src all
> acl manager proto cache_object
> acl localhost src 127.0.0.1/32
> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
>
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
>
> http_port 127.0.0.1:3128
>
> hierarchy_stoplist cgi-bin ?

NP: if you are caching dynamic pages at all, you will need to use the
default dynamic page refresh pattern to stay RFC compliant:
   refresh_pattern -i (/cgi-bin/|\?) 0 0% 0

Of course providing the pages with correct Expires:, Last-Modified:
and/or Cache-Control: headers is even better.

> refresh_pattern . 0 20% 4320
>
> acl apache rep_header Server ^Apache
> broken_vary_encoding allow apache
>
> coredump_dir /var/cache/squid
>
> http_access allow manager localhost
> http_access deny manager
>
> http_access deny to_localhost
>
> http_port 80 accel vport
>
> cache_peer 172.21.1.2 parent 80 0 no-query originserver round-robin login=PASS
> cache_peer 172.21.3.4 parent 80 0 no-query originserver round-robin login=PASS
> cache_peer 172.21.5.6 parent 80 0 no-query originserver round-robin login=PASS
>
> acl mainSite dstdomain www.company.com
> acl otherSites dstdomain .company.com
>
> cache_peer_access 172.21.1.2 allow mainSite
> cache_peer_access 172.21.1.2 deny all
> cache_peer_access 172.21.3.4 allow mainSite
> cache_peer_access 172.21.3.4 deny all
> cache_peer_access 172.21.5.6 allow mainSite
> cache_peer_access 172.21.5.6 deny all
>
> http_access allow mainSite
>
> deny_info http://www.company.com/ otherSites
>
> http_access deny otherSites
> http_access deny all
>
> icp_port 0
> icp_access deny all
> log_icp_queries off
>
> acl loadbalancer1 src 172.21.10.1
> acl loadbalancer2 src 172.21.10.12
> follow_x_forwarded_for allow loadbalancer1
> follow_x_forwarded_for allow loadbalancer2
> follow_x_forwarded_for allow all
> acl_uses_indirect_client on
> delay_pool_uses_indirect_client on
> log_uses_indirect_client on
>
> logformat combined %{Host}>h %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

If this really is the real "combined" Apache httpd format there is no
need to define it. If it's a customized version with altered details
please name it with a name of your own.

> access_log /var/log/squid/access.log combined
> logfile_rotate 0
> collapsed_forwarding on
> vary_ignore_expire on
> httpd_suppress_version_string off
>
> cache_effective_user squid
> cache_store_log none
> client_db off
> cache_mem 512 MB
> maximum_object_size_in_memory 24 MB
> cache_replacement_policy lru
> cache_dir ufs /var/cache/squid 2000 10 10
> maximum_object_size 20480 KB

cosmetic: maximum_object_size 20 MB

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21
   Current Beta Squid 3.1.0.15
Received on Sat Jan 09 2010 - 14:25:50 MST
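
A small linter for the two points raised in this reply (first-match `refresh_pattern` handling of dynamic URLs, and redefining a built-in `logformat` name), as an added example that is not part of the original thread or Squid's own tooling; it goes one step beyond the reply by also flagging the posted `follow_x_forwarded_for allow all`, which accepts the header from any sender rather than only the two load balancers. Assumptions: the sample configs are constructed from the posted lines, `vhost_combined` is a hypothetical format name, the probe URL is made up, and Python's `re` stands in for Squid's regex matching.

```python
import re

# Predefined logformat names in Squid 2.7; redefining one shadows the built-in.
BUILTIN_LOGFORMATS = {"squid", "squidmime", "common", "combined"}
PROBE_URL = "http://www.example.invalid/cgi-bin/report?id=1"  # constructed

# Constructed samples: lines as posted, then with the reply's advice applied.
POSTED = r"""
refresh_pattern . 0 20% 4320
follow_x_forwarded_for allow loadbalancer1
follow_x_forwarded_for allow all
logformat combined %{Host}>h %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st
access_log /var/log/squid/access.log combined
"""
REVISED = r"""
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
follow_x_forwarded_for allow loadbalancer1
follow_x_forwarded_for allow loadbalancer2
logformat vhost_combined %{Host}>h %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st
access_log /var/log/squid/access.log vhost_combined
"""


def lint(conf):
    """Return a list of findings for a squid.conf text."""
    findings, dynamic_rule = [], None
    for line in conf.splitlines():
        tok = line.split("#", 1)[0].split()  # drop comments, tokenize
        if not tok:
            continue
        name, args = tok[0], tok[1:]
        if name == "refresh_pattern" and len(args) >= 4 and dynamic_rule is None:
            nocase = args[0] == "-i"
            regex, rule = (args[1], args[2:5]) if nocase else (args[0], args[1:4])
            # Squid uses the first refresh_pattern whose regex matches the URL.
            if re.search(regex, PROBE_URL, re.I if nocase else 0):
                dynamic_rule = rule
        elif name == "logformat" and args and args[0] in BUILTIN_LOGFORMATS:
            findings.append("logformat redefines built-in name '%s'" % args[0])
        elif name == "follow_x_forwarded_for" and args[:2] == ["allow", "all"]:
            findings.append("follow_x_forwarded_for allow all: header trusted from any sender")
    if dynamic_rule != ["0", "0%", "0"]:
        findings.append("dynamic URLs not caught first by a '0 0% 0' refresh_pattern")
    return findings


if __name__ == "__main__":
    for label, conf in (("posted", POSTED), ("revised", REVISED)):
        print(label, lint(conf))
```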
