SquidGuard

出自 新化國中wiki平台
前往: 導覽搜尋

Os: Debian Ob2d-lenny Ob2d-squeeze

  • 安裝:
apt-get install squidguard
  • 設定:
    1. \etc\squid3\squid.conf
#Recommended minimum configuration:
acl manager proto cache_object
+acl mynetworks src 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
#
@@ -644,6 +645,7 @@
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet
+http_access allow mynetworks
http_access allow localhost
# And finally deny all other access to this proxy
@@ -677,6 +679,7 @@
#
#Allow ICP queries from local networks only
#icp_access allow localnet
+icp_access allow mynetworks
icp_access deny all
# TAG: htcp_access
@@ -867,7 +870,7 @@
# visible on the internal address.
#
# Squid normally listens to port 3128
-http_port 3128
+http_port 3128 transparent
# TAG: https_port
# Note: This option is only available if Squid is rebuilt with the
@@ -1564,6 +1567,7 @@
#
#Default:
# cache_mem 8 MB
+cache_mem 64 MB
# TAG: maximum_object_size_in_memory (bytes)
# Objects greater than this size will not be attempted to kept in
@@ -1573,6 +1577,7 @@
#
#Default:
# maximum_object_size_in_memory 8 KB
+maximum_object_size_in_memory 128 KB
# TAG: memory_replacement_policy
# The memory replacement policy parameter determines which
@@ -1582,7 +1587,7 @@
#
#Default:
# memory_replacement_policy lru
-
+memory_replacement_policy heap LFUDA
# DISK CACHE OPTIONS
# -----------------------------------------------------------------------------
@@ -1624,6 +1629,7 @@
#
#Default:
# cache_replacement_policy lru
+cache_replacement_policy heap LFUDA
# TAG: cache_dir
# Usage:
@@ -1731,6 +1737,7 @@
#
#Default:
# cache_dir ufs /var/spool/squid3 100 16 256
+cache_dir aufs /var/spool/squid3 16384 16 256
# TAG: store_dir_select_algorithm
# Set this to 'round-robin' as an alternative.
@@ -2211,6 +2218,7 @@
#
#Default:
# none
+url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
# TAG: url_rewrite_children
# The number of redirector processes to spawn. If you start
@@ -2220,6 +2228,7 @@
#
#Default:
# url_rewrite_children 5
+url_rewrite_children 20
# TAG: url_rewrite_concurrency
# The number of requests each redirector helper can handle in
@@ -2509,6 +2518,7 @@
#
#Default:
# request_header_max_size 20 KB
+request_header_max_size 32 KB
# TAG: reply_header_max_size (KB)
# This specifies the maximum size for HTTP headers in a reply.
@@ -2519,6 +2529,7 @@
#
#Default:
# reply_header_max_size 20 KB
+reply_header_max_size 32 KB
# TAG: request_body_max_size (bytes)
# This specifies the maximum size for an HTTP request body.
@@ -4001,6 +4012,8 @@
#
#Default:
# none
+acl debian dstdomain .debian.org
+always_direct allow debian
# TAG: never_direct
# Usage: never_direct allow|deny [!]aclname ...
@@ -4690,7 +4703,7 @@
# reasons.
#
#Default:
-# pipeline_prefetch off
+pipeline_prefetch on
# TAG: high_response_time_warning (msec)
# If the one-minute median response time exceeds this value,