In the first part is about installation procedures squid2.7stable9, then we will do the configuration stage squid2.7stable9
let’s start
make directory for cache
mkdir -p cache1 cache2 cache3
set owner folder cache1, cache2 and cache3 as user: proxy group:proxy and then set permision 644
sudo chown proxy:proxy -R cache1 sudo chown proxy:proxy -R cache2 sudo chown proxy:proxy -R cache3 sudo chmod 777 cache1 sudo chmod 777 cache2 sudo chmod 777 cache1
backup default squid configuration
sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.backup
create new file squid.conf, and then copy this script to squid.conf
sudo touch /etc/squid/squid.conf
sudo nano /etc/squid/squid.conf
acl QUERY urlpath_regex -i cgi-bin ? localhost acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl mikrotik src 192.168.2.0/24 #change this IP/Netmask if not same on your network acl to_localhost dst 127.0.0.0/8 acl OLCNETWORK src 192.168.1.0/24 #change this IP/Netmask if not same on your network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl snmppublic snmp_community public acl CONNECT method CONNECT acl PURGE method PURGE snmp_access allow snmppublic localhost http_access allow PURGE localhost http_access deny PURGE http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow OLCNETWORK http_access allow mikrotik snmp_access deny all http_access deny all # NETWORK OPTIONS # ----------------------------------------------------------------------------- http_port 3128 transparent zph_mode tos zph_local 0x30 zph_parent 0 zph_option 136 # PARENT/SIBLING CACHE OPTIONS # ----------------------------------------------------------------------------- hierarchy_stoplist cgi-bin localhost # OPTIONS WHICH AFFECT THE CACHE SIZE # ----------------------------------------------------------------------------- cache_mem 8 MB maximum_object_size_in_memory 64 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir aufs /cache1 7500 16 256 cache_dir aufs /cache2 7500 16 256 cache_dir aufs /cache3 7500 16 256 store_dir_select_algorithm least-load maximum_object_size 20480 KB cache_swap_low 90 cache_swap_high 95 update_headers off # LOGFILE PATHNAMES AND CACHE DIRECTORIES # ----------------------------------------------------------------------------- access_log none cache_log /dev/null cache_store_log none logfile_rotate 5 log_ip_on_direct off log_icp_queries off buffered_logs off netdb_filename none pid_filename /var/run/squid.pid # OPTIONS FOR TUNING THE CACHE # ----------------------------------------------------------------------------- cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i .(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private refresh_pattern -i .(rpm|cab|deb|exe|msi|psd|msu|zip|tar|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private refresh_pattern -i .(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private refresh_pattern -i (/cgi-bin/|?) 0 0% 0 refresh_pattern . 1440 90% 10080 quick_abort_min 0 KB quick_abort_max 0 KB quick_abort_pct 98 store_avg_object_size 32 KB # HTTP OPTIONS # ----------------------------------------------------------------------------- server_http11 on collapsed_forwarding on vary_ignore_expire on header_access From deny all header_access Server deny all header_access Link deny all header_access Via deny all header_access X-Forwarded-For deny all # TIMEOUTS # ----------------------------------------------------------------------------- forward_timeout 240 seconds connect_timeout 60 seconds peer_connect_timeout 5 seconds read_timeout 600 seconds request_timeout 60 seconds persistent_request_timeout 60 seconds client_lifetime 86400 seconds half_closed_clients off pconn_timeout 60 seconds shutdown_lifetime 15 seconds # ADMINISTRATIVE PARAMETERS # ----------------------------------------------------------------------------- cache_mgr OLCNETWORK cache_effective_user squid cache_effective_group squid httpd_suppress_version_string on visible_hostname OLCNETWORK # ADVANCED NETWORKING OPTIONS # ----------------------------------------------------------------------------- max_filedescriptors 65535 # DNS OPTIONS # ----------------------------------------------------------------------------- check_hostnames off dns_timeout 30 seconds dns_nameservers 192.168.2.1 hosts_file /etc/hosts ipcache_size 8192 ipcache_low 95 ipcache_high 98 fqdncache_size 4096 # MISCELLANEOUS # ----------------------------------------------------------------------------- memory_pools off forwarded_for off reload_into_ims on coredump_dir /home/squid pipeline_prefetch on
sudo squid -f /etc/squid/squid.conf -z sudo squid -k reconfigure
Finnish 
