http_portcache_dir ufs /var/data 3000 12 56 //不要超过3G cache_mem 2048 MB //内存2/3 acl aa src xx acl bb dst xx http_access allow aa http_access deny all
image.png
cache_swap_high 95
cache_swap_low 80
maximum_object_size 40960 KB
//src/dst srcdomain dstdomain
acl internal srcdom_regex -i ..example.com
urlpath_regex -i ..gif$
url_regex
acl none_work time 12:00-13:00
SMTWHFA
acl max_conn maxconn 10 //允许一个客户端最多几条连接
port
image.png
image.png
image.png
image.png
多项
image.png
refresh_pattern过期时间设置
image.png
cache_store_log none
--
透明代理:squid NAT
http_port 3128 transparent
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -o eth2 -s 192.168.0.0/24 -j SNAT --to 10.0.1.200
反向代理:负载均衡
image.png
单台反向代理
image.png
443反向代理
image.png
HTTP协议命令:GET,HEAD,POST,PUT,DELETE,CONNECT,TRACE,DEBUG,OPTIONS 防火墙用string过滤地址
image.png
