Reference 1: http://bbs.chinaunix.net/thread-3675190-1-1.html
Reference 2: http://www.haiyun.me/archives/openwrt-squid-proxy-cache.html
Configuration file
```
visible_hostname proxy.www  # hostname
cache_mgr 139@139.com  # administrator e-mail
http_port 3128 transparent  # listen on port 3128, transparent proxy
icp_port 0  # standalone mode
dns_nameservers 192.168.1.1  # DNS
#cache_effective_user squid  # run-as user
#cache_effective_group squid  # run-as group
pid_filename /tmp/squid.pid  # pid file
error_directory /usr/share/squid/errors/English  # error page files
emulate_httpd_log on  # enable httpd log format
#logformat log %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh  # custom log format
cache_access_log /mnt/log/access.log  # access log path
cache_log none  # no cache log
cache_store_log none  # no store log

cache_dir ufs /mnt/cache/ 2048 16 256  # 2 GB disk cache, 16 first-level directories, 256 second-level directories
cache_mem 16 MB  # 16 MB memory cache
cache_swap_low 90
cache_swap_high 95
minimum_object_size 0 KB  # no minimum cached object size
maximum_object_size 4096 KB  # maximum cached object size 4 MB
cache_vary on  # enable Vary caching
connect_timeout 1 minute  # connect timeout: 1 minute
request_timeout 1 minutes  # request timeout: 1 minute

acl QUERY urlpath_regex -i cgi-bin \?
cache deny QUERY  # do not cache cgi-bin
acl bt url_regex -i ^http://.*\.torrent$
http_access deny bt  # block torrent downloads
acl files urlpath_regex -i "/etc/squid/files.txt"  # filter downloads by file extension
acl sites dstdom_regex "/etc/squid/sites.txt"  # filter specific sites
acl keys url_regex -i "/etc/squid/keys.txt"  # filter specific keywords
acl nocache_sites dstdom_regex "/etc/squid/nocache_sites.txt"  # sites that must not be cached
acl nocache_files urlpath_regex -i "/etc/squid/nocache_files.txt"  # file extensions that must not be cached
http_access deny files
http_access deny sites
http_access deny keys
cache deny nocache_sites
cache deny nocache_files

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.1.0/255.255.255.0
acl SSL_ports port 443 563 10000
acl Safe_ports port 80 21 443 563 70 210 1025-65535 280 488 591
http_access allow manager localhost
http_access deny manager
http_access allow localnet
http_access deny all

#acl apache rep_header Server ^Apache
broken_vary_encoding allow all  # enable compression
header_access X-Forwarded-For deny all  # strip the X-Forwarded-For header
header_access HTTP_VIA deny all  # strip HTTP_VIA
header_access Via deny all  # strip the Via header

refresh_pattern -i \.css$ 1440 50% 129600 reload-into-ims
refresh_pattern -i \.xml$ 1440 50% 129600 reload-into-ims
refresh_pattern -i \.htm$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.html$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.shtml$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.png$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.jpg$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.jpeg$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.gif$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.bmp$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.js$ 1440 90% 129600 reload-into-ims
refresh_pattern -i \.mp3$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.wmv$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.rm$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.swf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.mpeg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.wma$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.exe$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.gz$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.bz2$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.7z$ 1440 50% 2880 ignore-reload
```
Squid commands:
```
squid -k reconfigure  # reload the configuration
squid -k parse        # check the configuration file
squid -k shutdown     # shut down
squid -k rotate       # rotate the logs
```
After installing Squid on OpenWrt there is no init script, which makes it inconvenient to manage, so I wrote a simple one myself.
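```
#!/bin/sh /etc/rc.common
# Simple OpenWrt init script for Squid

START=70
EXTRA_COMMANDS="check"  # make check() callable through rc.common

stop() {
    squid -k shutdown
}

start() {
    squid
}

restart() {
    killall -9 squid
    # Start a new instance; "squid -k reconfigure" only signals a running one
    squid
}

check() {
    squid -k parse
}
```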
iptables configuration:
```
opkg install iptables-mod-nat-extra
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j REDIRECT --to-ports 3128
```
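With `emulate_httpd_log on`, requests refused by the `http_access deny` rules are written to /mnt/log/access.log with a `TCP_DENIED` status. The script below is an added example, not part of the original post: it summarises those refusals and lists any that came from outside the `localnet` range. The line layout in its header comment is an assumption, the function names are hypothetical, and the sample lines are constructed.

```sh
#!/bin/sh
# Added example: summarise requests Squid refused, from an httpd-style access log.
# Assumed line layout (emulate_httpd_log on):
#   client ident user [time zone] "METHOD URL HTTP/x" status bytes Ss:Sh

# Constructed sample lines, not taken from a real log.
sample_log() {
cat <<'EOF'
192.168.1.23 - - [12/Mar/2012:10:15:32 +0800] "GET http://tracker.example/file.torrent HTTP/1.1" 403 1412 TCP_DENIED:NONE
192.168.1.23 - - [12/Mar/2012:10:15:40 +0800] "GET http://www.example.org/index.html HTTP/1.1" 200 5120 TCP_MISS:DIRECT
192.168.1.40 - - [12/Mar/2012:10:16:02 +0800] "GET http://www.example.org/logo.png HTTP/1.1" 200 2048 TCP_HIT:NONE
192.168.1.23 - - [12/Mar/2012:10:17:11 +0800] "GET http://blocked.example/ HTTP/1.1" 403 1398 TCP_DENIED:NONE
203.0.113.9 - - [12/Mar/2012:10:18:45 +0800] "GET http://www.example.com/ HTTP/1.1" 403 1390 TCP_DENIED:NONE
192.168.1.40 - - [12/Mar/2012:10:19:03 +0800] "GET http://dl.example.net/setup.exe HTTP/1.1" 403 1401 TCP_DENIED:NONE
EOF
}

# Print "count client" for every client with refused requests, busiest first.
denied_by_client() {
    awk '$NF ~ /^TCP_DENIED/ { n[$1]++ }
         END { for (c in n) print n[c], c }' | sort -k1,1nr -k2,2
}

# Print "client URL" for refused requests whose source is outside the LAN
# prefix (default 192.168.1., matching the localnet ACL in the configuration).
# Any hit means the proxy port is reachable from somewhere it should not be.
denied_outside_lan() {
    awk -v lan="${1:-192.168.1.}" '
        $NF ~ /^TCP_DENIED/ && index($1, lan) != 1 { print $1, $7 }'
}

# Share of all logged requests that were refused, as an integer percentage.
denied_percent() {
    awk '{ total++ } $NF ~ /^TCP_DENIED/ { d++ }
         END { if (total) printf "%d\n", d * 100 / total; else print 0 }'
}

# Demo on the constructed sample; on the router, feed /mnt/log/access.log instead.
sample_log | denied_by_client
sample_log | denied_outside_lan
```

On the router the same functions read the real log on standard input, for example `denied_outside_lan < /mnt/log/access.log`.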