summaryrefslogtreecommitdiffstats
path: root/network/squid/README.SBo
blob: 5dcc214a0608da4871be8b09d60609e6dd626c21 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
README.SBo - configuration help for squid from SlackBuilds.org

==============================================================================

If you need to start squid at boot, make sure /etc/rc.d/rc.squid is
executable and add the following to /etc/rc.d/rc.local:
  if [ -x /etc/rc.d/rc.squid ]; then
    /etc/rc.d/rc.squid start
  fi

==============================================================================

Uncomment and edit the following lines in /etc/squid.conf:

http_port <port> <option>

    Set <port> to the port you want Squid to listen on, default is 3128

    Set <option> to 'transparent' if you want to make Squid a 
    transparent proxy through the use of IPTables DNAT/REDIRECT rules.
    Note that this now replaces the older method of using httpd_accel.
    Leave blank otherwise.

cache_peer, never_direct/always_direct

    If you have a parent cache, put it here.  The administrators of the
    parent cache typically provided you with instructions.  You should
    always ask permission before adding a parent cache. See also the
    never_direct/always_direct directives. 

    Note, if you don't have a cache_peer, you'll most likely need to use
    'always_direct allow all'

cache_dir <storage> /var/log/squid/cache <mem> <L1> <L2>

    Set <storage> to 'aufs' if you want an asynchronous storage facility 
    that allows Squid to access the disk without blocking; otherwise
    use 'ufs' here.

    Set <mem> to the number of megabytes you want Squid to use for its
    cache, default is '100'

    Set <L1> to the number of top-level directories to use for the cache,
    default is '16'

    Set <L2> to the number of sub-directories to use for the cache,
    default is '256'

acl, http_access, icp_access

    Access control lists.  This is important because it prevents people
    from stealing your network resources.  To fill in the
    "allowed_hosts" ACL, use your network address (for instance
    192.168.10.0 and your network mask.

        acl manager proto cache_object
        acl localhost src 127.0.0.1/32
        acl localnet src 192.168.10.0/24

        http_access allow manager localhost
        http_access deny manager
        http_access allow localnet
        http_access deny all

        icp_access allow localnet 
        icp_access deny all

cache_mgr

    Put here the e-mail address of the manager:

cache_effective_user

    If you must start Squid as root, find a safe user and group to run
    as after startup (typically "nobody" and "nogroup").  Do not use
    "root", for security reasons.

visible_hostname

    The host name you advertise for the cache.

==============================================================================

After editing squid.conf to your liking, run Squid from the command
line TWICE:

    % /usr/sbin/squid -z
    % /usr/sbin/squid 

Check in the cache.log (/var/log/squid/cache.log) that
everything is all right.