Escolar Documentos
Profissional Documentos
Cultura Documentos
Esse tutorial eu irei ensinar a configurar o o básico do squid, que é um proxy-cache , que é
uma ferramenta fundamental para admistradores de redes com tráfego extremos para
ajudar a diminuir o consumo do link.
Um exemplo prático, se 10 usuários ascessarem o mesmo Web site ele na verdade será
carregado apenas uma vez no servidor de proxy , diminuindo o tráfego do link, que na
maioria das vezes não é muito largo. outro exemplo se 10 usuários baixarem 10 vezes um
arquivo, ele só vai ser realmente baixado 1 vez , o resto vai vir do cache do proxy, isso se
aplica a imagens vídeos e outras coisas .
Para esse tutorial é importante que você saiba o básico de comandos do console e da
estrutura de diretórios e inicialização de programas em modo texto (console) recomendo
ler o guia foca se quiser se aprofundar no mundo do software livre . Outra coisa , aprenda
a usar o google , ele sempre lhe trará respostas , antes mesmo de postar em foruns e
listas.
1. Instalar o programa .
2. Criar o arquivo ip_Liberados dentro do diretório /etc/squid/
3. Renomear a conf padrão .
4. Baixar e descompactar a conf que eu editei .
5. Reiniciar o squid
6. Habilitar o proxy no navegador
7. Testar ver se está funcionando corretamente.
8. Duvidas consultar o google .
No ubuntu .
/etc/squid
se chama squid.conf
/etc/squid/squid.conf
ou no debian
# touch /etc/squid/ip_Liberados
E vamos iserir os ips que desejamos . para saber o ip da sua máquina
sudo ifconfig
Vamos editar o arquivo que criamos e vamos inserir os ips que desejamos .
sudo nano /etc/squid/ip_Liberados
No meu caso esses.
192.168.254.1
192.168.254.20
192.168.254.2
192.168.254.3
192.168.254.4
192.168.254.5
192.168.254.15
################################
############Porta Padrão #####################
http_port 3128
#########################################
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
####### Caso exista o Apache evita conflitos #############
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
############Logs do Squid######################
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log squid
############ verifica o arquivo de Host da maquina ########
hosts_file /etc/hosts
###########################################
############Configuração do cache##################
############tamanho do cache coloque o melhor pra seu uso #
cache_mem 10 GB
############ tamanho maximo de arquivos na memoria ####
maximum_object_size_in_memory 128 KB
############ tamanho maximo do arquivo no cache #######
maximum_object_size 300 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
###########################################
############Regras de Liberar O seu IP ###############
############ Proteger a sua rede de usos externos ao squid ###
############Acl que consulta o arquivo ##########
acl Libera_IP src “/etc/squid/ip_Liberados”
############ Regra que libera a acl Libera_IP #######
http_access allow Libera_IP
######################################
############Log de erros em Portugues##########
######################################
error_directory /usr/share/squid/errors/Portuguese
#######################################
############Atualizar Cache##################
#######################################
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
############Faixa da rede interna ##############
acl all src 0.0.0.0/255.255.255.0
#######################################
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
############Partas do SSL padrão #############
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
############ Portas Liberadas ##################
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
##########################################
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
############Bloqueia todas as portas menos as sefe portas###
http_access deny !Safe_ports
##########################################
http_access deny CONNECT !SSL_ports
############Libera Localhost#####################
http_access allow localhost
############Bloquear todos ips e acessos externos #######
http_access deny all
############## Libera que recarregue as páginas#########
http_reply_access allow all
############Libera consultas icpms #################
icp_access allow all
############################################
cache_effective_group proxy
############endereço de erros do cache ###############
coredump_dir /var/spool/squid
No console.
cd /etc/squid
wget http://www.xjulio.info/blog/squid.conf.tar.gz
Reniciar o squid.
# /etc/init.d/squid restart
ou
Lembrando que a conf que vem no squid já é o suficiente, basta editar a parte que libera
acessos externos .