CentOS 6.5上安装squid 3.0

一、准备工作

[root@squid ~]# iptables -L -n

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

[root@squid ~]# getenforce

disabled

[root@squid ~]# hostname

squid.contoso.com

[root@squid ~]# crontab -l

0 * * * * /usr/sbin/ntpdate 210.72.145.44 64.147.116.229 time.nist.gov

[root@squid ~]#yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb krb5-devel libidn libidn-devel openssl openssl-devel make gcc-c++ cmake bison-devel ncurses-devel

二、编译安装squid

mkdir-p/opt/tools
cd/opt/tools/
wgethttp://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE20.tar.gz
tar-zxfsquid-3.0.STABLE20.tar.gz
cdsquid-3.0.STABLE20

./configure--prefix=/usr/local/squid\
--enable-async-io=100\
--with-pthreads\
--enable-storeio="aufs,diskd,ufs"\
--enable-removal-policies="heap,lru"\
--enable-icmp\
--enable-delay-pools\
--enable-useragent-log\
--enable-referer-log\
--enable-kill-parent-hack\
--enable-cachemgr-hostname=localhost\
--enable-arp-acl\
--enable-default-err-language=English\
--enable-err-languages="Simplify_ChineseEnglish"\
--disable-poll\
--disable-wccp\
--disable-wccpv2\
--disable-ident-lookups\
--disable-internal-dns\
--enable-basic-auth-helpers="NCSA"\
--enable-stacktrace\
--with-large-files\
--disable-mempools\
--with-filedescriptors=64000\
--enable-ssl\
--enable-x-accelerator-vary\
--disable-snmp\
--with-aio\
--enable-linux-netfilter\
--enable-linux-tproxy

make
makeinstall

三、配置squid

useradd -s /sbin/nologin -M squid #创建squid用户

cd /usr/local/squid/etc/

[root@squid etc]# tree -d -L 2 /usr/local/squid #安装完squid之后默认创建的目录

/usr/local/squid

├── bin

├── etc

├── libexec

├── sbin

├── share

│ ├── errors

│ ├── icons

│ └── man

└── var

└── logs

10 directories

squid安装后的目录说明：

sbin/squid: squid的主程序

bin: bin目录包含对所有用户可用的程序

bin/runcache: runcache是一个shell脚本，可以用它来启动squid。假如squid死掉，该脚本自动重启它，除非它检测到经常的重启。

bin/RunAccel: RunAccel与runcache几乎一致，唯一的不同是它增加了一个命令行参数，告诉squid在哪里侦听HTTP请求。

bin/squidclient： squidclient是个简单的HTTP客户端程序，可以用它来测试squid。它也有一些特殊功能，用来对运行的squid进程发起管理请求。

libexec：libexec目录包含了辅助程序，有一些命令无法正常的启动。然而，这些程序通常被其他程序启动。

libexec/unlinkd：unlinkd是一个辅助程序，它从cache目录里删除文件。

libexec/cachemgr.cgi：cachemgr.cgi是squid管理功能的CGI接口。要使用它需要把它拷贝到你的WEB服务器的cgi-bin目录。

libexec/diskd(optional)：如果指定了--enable-storeio=diskd，才能看到它

libexec/pinger(optional)：如果指定了--enable-icmp，才能看到它

etc：etc目录包含了squid的配置文件

etc/squid.conf：这是squid的主配置文件

var: var目录包含了不是很重要的和经常变化的文件，这些文件不必正常的备份它们。

var/logs：该目录是squid不同日志文件的默认位置，当你第一次安装squid时，它是空的。一旦squid开始运行，你能在这里看到名字为access.log，cache.log和store.log这样的文件。

var/cache：假如你不在squid.conf文件里指定，这是默认的缓存目录(cache_dir)。

[root@squid etc]# diff squid.conf.default squid.conf #默认情况下就有一个squid.conf的备份

[root@squid etc]# vi squid.conf

[root@squid etc]# diff squid.conf.default squid.conf

1710c1710

< # cache_dir ufs /usr/local/squid/var/cache 100 16 256

---

> cache_dir ufs /usr/local/squid/var/cache 100 16 256 #取消cache_dir的注释

1889c1889

< # cache_log /usr/local/squid/var/logs/cache.log

---

> cache_log /usr/local/squid/var/logs/cache.log #启用cache_log

1899c1899

< # cache_store_log /usr/local/squid/var/logs/store.log

---

> cache_store_log /usr/local/squid/var/logs/store.log #启用cache_store_log

2912c2912

< # cache_mgr webmaster

---

> cache_mgr admin@contoso.com #设置cache管理员邮箱

2941c2941

< # cache_effective_user nobody

---

> cache_effective_user squid #设置squid用户

2961a2962

> cache_effective_group squid #设置squid组

2977a2979

> visible_hostname cache1.contoso.com #设置可见的主机名，如果不设置会报错

[root@squid etc]# chown -R squid:squid/usr/local/squid/var/logs

[root@squid etc]# /usr/local/squid/sbin/squid -k parse #测试squid的配置文件语法是否正确

2016/10/15 09:09:01| Processing Configuration File: /usr/local/squid/etc/squid.conf (depth 0)

2016/10/15 09:09:01| Initializing https proxy context

# 上面的结果说明配置文件正确

[root@squid etc]# chown -R squid:squid /usr/local/squid/var/

[root@squid etc]# /usr/local/squid/sbin/squid -z #对cache目录进行初始化

2016/10/15 09:13:14| Creating Swap Directories

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/00

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/01

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/02

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/03

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/04

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/05

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/06

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/07

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/08

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/09

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/0A

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/0B

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/0C

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/0D

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/0E

2016/10/15 09:13:14| Making directories in /usr/local/squid/var/cache/0F

下面看一下初始化的结果：

[root@squid etc]# ll /usr/local/squid/var/cache/

total 64

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 00

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 01

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 02

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 03

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 04

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 05

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 06

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 07

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 08

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 09

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 0A

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 0B

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 0C

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 0D

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 0E

drwxr-x--- 258 squid squid 4096 Oct 15 09:13 0F

[root@squid ~]# ls /usr/local/squid/var/cache/00/

00 0C 18 24 30 3C 48 54 60 6C 78 84 90 9C A8 B4 C0 CC D8 E4 F0 FC

01 0D 19 25 31 3D 49 55 61 6D 79 85 91 9D A9 B5 C1 CD D9 E5 F1 FD

02 0E 1A 26 32 3E 4A 56 62 6E 7A 86 92 9E AA B6 C2 CE DA E6 F2 FE

03 0F 1B 27 33 3F 4B 57 63 6F 7B 87 93 9F AB B7 C3 CF DB E7 F3 FF

04 10 1C 28 34 40 4C 58 64 70 7C 88 94 A0 AC B8 C4 D0 DC E8 F4

05 11 1D 29 35 41 4D 59 65 71 7D 89 95 A1 AD B9 C5 D1 DD E9 F5

06 12 1E 2A 36 42 4E 5A 66 72 7E 8A 96 A2 AE BA C6 D2 DE EA F6

07 13 1F 2B 37 43 4F 5B 67 73 7F 8B 97 A3 AF BB C7 D3 DF EB F7

08 14 20 2C 38 44 50 5C 68 74 80 8C 98 A4 B0 BC C8 D4 E0 EC F8

09 15 21 2D 39 45 51 5D 69 75 81 8D 99 A5 B1 BD C9 D5 E1 ED F9

0A 16 22 2E 3A 46 52 5E 6A 76 82 8E 9A A6 B2 BE CA D6 E2 EE FA

0B 17 23 2F 3B 47 53 5F 6B 77 83 8F 9B A7 B3 BF CB D7 E3 EF FB

[root@squid ~]# ls /usr/local/squid/var/cache/00/ |wc -l

256

也就是根据在squid.conf文件配置的cache_dir ufs /usr/local/squid/var/cache 100 16 256，一共在cache_dir中生成16个目录，每个目录下又生成256个目录。

下面启动squid：

[root@squid etc]# /usr/local/squid/sbin/squid -N -d1 #启动squid（前台启动）

2016/10/15 09:15:14| Starting Squid Cache version 3.0.STABLE20 for x86_64-unkNown-linux-gnu...

2016/10/15 09:15:14| Process ID 21815

2016/10/15 09:15:14| With 64000 file descriptors available

2016/10/15 09:15:14| Performing DNS Tests...

2016/10/15 09:15:14| Successful DNS name lookup tests...

2016/10/15 09:15:14| helperOpenServers: Starting 5/5 'dnsserver' processes

2016/10/15 09:15:14| User-Agent logging is disabled.

2016/10/15 09:15:14| Referer logging is disabled.

2016/10/15 09:15:14| Unlinkd pipe opened on FD 14

2016/10/15 09:15:14| Swap maxSize 102400 + 8192 KB,estimated 8507 objects

2016/10/15 09:15:14| Target number of buckets: 425

2016/10/15 09:15:14| Using 8192 Store buckets

2016/10/15 09:15:14| Max Mem size: 8192 KB

2016/10/15 09:15:14| Max Swap size: 102400 KB

2016/10/15 09:15:14| Rebuilding storage in /usr/local/squid/var/cache (DIRTY)

2016/10/15 09:15:14| Using Least Load store dir selection

2016/10/15 09:15:14| Set Current Directory to /usr/local/squid/var/cache

2016/10/15 09:15:14| Loaded Icons.

2016/10/15 09:15:14| Accepting HTTP connections at 0.0.0.0,port 3128,FD 15.

2016/10/15 09:15:14| Accepting ICP messages at 0.0.0.0,port 3130,FD 16.

2016/10/15 09:15:14| HTCP disabled.

2016/10/15 09:15:14| Pinger socket opened on FD 18

2016/10/15 09:15:14| Ready to serve requests.

2016/10/15 09:15:15| Done scanning /usr/local/squid/var/cache swaplog (0 entries)

2016/10/15 09:15:15| Finished rebuilding storage from disk.

2016/10/15 09:15:15| 0 Entries scanned

2016/10/15 09:15:15| 0 Invalid entries.

2016/10/15 09:15:15| 0 With invalid flags.

2016/10/15 09:15:15| 0 Objects loaded.

2016/10/15 09:15:15| 0 Objects expired.

2016/10/15 09:15:15| 0 Objects cancelled.

2016/10/15 09:15:15| 0 Duplicate URLs purged.

2016/10/15 09:15:15| 0 Swapfile clashes avoided.

2016/10/15 09:15:15| Took 0.99 seconds ( 0.00 objects/sec).

2016/10/15 09:15:15| Beginning Validation Procedure

2016/10/15 09:15:15| Completed Validation Procedure

2016/10/15 09:15:15| Validated 25 Entries

2016/10/15 09:15:15| store_swap_size = 0

2016/10/15 09:15:15| storeLateRelease: released 0 objects

2016/10/15 09:55:14| NETDB state saved; 0 entries,0 msec

2016/10/15 10:36:54| NETDB state saved; 0 entries,0 msec

查看一下监听端口：

[root@squid ~]# netstat -tunlp|grep squid

tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 21815/squid

udp 0 0 0.0.0.0:3130 0.0.0.0:* 21815/squid

[root@squid ~]# lsof -i :3128

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME

squid 21815 squid 15u IPv4 36097 0t0 TCP *:squid (LISTEN)

四、简单的测试

由于上面的配置只是简单的一个正向代理的配置，所以这里使用IE浏览器进行代理连接测试。

首先，打开IE浏览器的浏览器选项，在连接选项卡中点击局域网设置。

在代理服务器中输入squid服务器的IP和端口，确定，然后打开百度进行刷新。

为了确定是否是从squid代理进行浏览网页，我清空了squid的access.log，然后再进行跟踪，下面是详细的日志信息：

[root@squid ~]# > /usr/local/squid/var/logs/access.log

[root@squid ~]# tail -f /usr/local/squid/var/logs/access.log

1476545163.478 214 192.168.49.1 TCP_MISS/200 48583 CONNECT www.baidu.com:443 - DIRECT/14.215.177.38 -

1476545163.545 69 192.168.49.1 TCP_MISS/200 12924 CONNECT ss0.baidu.com:443 - DIRECT/119.146.74.33 -

1476545163.547 74 192.168.49.1 TCP_MISS/200 12252 CONNECT ss2.baidu.com:443 - DIRECT/119.146.74.33 -

1476545163.613 131 192.168.49.1 TCP_MISS/200 618 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545163.635 161 192.168.49.1 TCP_MISS/200 1151 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545163.636 163 192.168.49.1 TCP_MISS/200 1135 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545163.751 277 192.168.49.1 TCP_MISS/200 1103 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545164.094 622 192.168.49.1 TCP_MISS/200 1087 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545164.094 618 192.168.49.1 TCP_MISS/200 1055 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545164.094 622 192.168.49.1 TCP_MISS/200 1524 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545164.095 480 192.168.49.1 TCP_MISS/200 1684 CONNECT ss1.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545164.095 460 192.168.49.1 TCP_MISS/200 3139 CONNECT ss1.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545164.444 107 192.168.49.1 TCP_MISS/200 634 CONNECT sp3.baidu.com:443 - DIRECT/14.215.177.37 -

1476545223.537 60061 192.168.49.1 TCP_MISS/200 15152 CONNECT ss1.baidu.com:443 - DIRECT/119.146.74.33 -

1476545223.549 60076 192.168.49.1 TCP_MISS/200 1156 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545223.555 60079 192.168.49.1 TCP_MISS/200 9479 CONNECT ss1.baidu.com:443 - DIRECT/119.146.74.33 -

1476545223.738 60100 192.168.49.1 TCP_MISS/200 2238 CONNECT ss1.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545224.154 60606 192.168.49.1 TCP_MISS/200 1625 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545224.154 60606 192.168.49.1 TCP_MISS/200 1657 CONNECT ss0.bdstatic.com:443 - DIRECT/119.146.74.32 -

1476545224.376 60236 192.168.49.1 TCP_MISS/200 25575 CONNECT www.baidu.com:443 - DIRECT/14.215.177.37 -

1476545224.437 60109 192.168.49.1 TCP_MISS/200 953 CONNECT www.baidu.com:443 - DIRECT/14.215.177.38 -

1476545258.936 95184 192.168.49.1 TCP_MISS/200 3736 CONNECT sp0.baidu.com:443 - DIRECT/14.215.177.38 -

1476545258.994 78103 192.168.49.1 TCP_MISS/200 1742 CONNECT sp1.baidu.com:443 - DIRECT/14.215.177.37 -

五、其他

把squid命令路径添加到系统环境变量：

echo 'PATH=/usr/local/squid/sbin:/usr/local/squid/bin:$PATH' >> /etc/profile

source /etc/profile

让squid在后台运行：

/usr/local/squid/sbin/squid -D

将squid添加到开机启动：

echo '/usr/local/squid/sbin/squid -D' >>/etc/rc.local

squid启动脚本：

#!/bin/bash

# chkconfig: 345 88 14

# description: squid Daemon

case "$1" in

start)

/usr/local/squid/sbin/squid -D

;;

stop) /usr/local/squid/sbin/squid -k shutdown

;;

restart)

/usr/local/squid/sbin/squid -k reconfigure

;;

parse)

/usr/local/squid/sbin/squid -k parse

;;

check)

/usr/local/squid/sbin/squid -k check

;;

echo "Usage: $0 start|stop|restart|check|parse"

;;

esac

配置squid日志轮询：

/usr/local/squid/sbin/squid -k rotate

配置squid日志切割：

1）添加定时任务：

0 0 * * * /bin/sh /opt/tools/rotate_squid.sh >/dev/null 2>&1

2）rotate_squid.sh脚本的内容如下：

cd /usr/local/squid/var/logs

[ -f access.log ] && mv access.log access_$(date +%F).log

/usr/local/squid/sbin/squid -k rotate

CentOS 6.5上安装squid 3.0

相关文章