SquidGuard
出自 新化國中wiki平台
Os: Debian Ob2d-lenny Ob2d-squeeze
- 安裝:
apt-get install squidguard
- 設定:
- \etc\squid3\squid.conf
#Recommended minimum configuration: acl manager proto cache_object +acl mynetworks src 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 # @@ -644,6 +645,7 @@ # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed #http_access allow localnet +http_access allow mynetworks http_access allow localhost # And finally deny all other access to this proxy @@ -677,6 +679,7 @@ # #Allow ICP queries from local networks only #icp_access allow localnet +icp_access allow mynetworks icp_access deny all # TAG: htcp_access @@ -867,7 +870,7 @@ # visible on the internal address. # # Squid normally listens to port 3128 -http_port 3128 +http_port 3128 transparent # TAG: https_port # Note: This option is only available if Squid is rebuilt with the @@ -1564,6 +1567,7 @@ # #Default: # cache_mem 8 MB +cache_mem 64 MB # TAG: maximum_object_size_in_memory (bytes) # Objects greater than this size will not be attempted to kept in @@ -1573,6 +1577,7 @@ # #Default: # maximum_object_size_in_memory 8 KB +maximum_object_size_in_memory 128 KB # TAG: memory_replacement_policy # The memory replacement policy parameter determines which @@ -1582,7 +1587,7 @@ # #Default: # memory_replacement_policy lru - +memory_replacement_policy heap LFUDA # DISK CACHE OPTIONS # ----------------------------------------------------------------------------- @@ -1624,6 +1629,7 @@ # #Default: # cache_replacement_policy lru +cache_replacement_policy heap LFUDA # TAG: cache_dir # Usage: @@ -1731,6 +1737,7 @@ # #Default: # cache_dir ufs /var/spool/squid3 100 16 256 +cache_dir aufs /var/spool/squid3 16384 16 256 # TAG: store_dir_select_algorithm # Set this to 'round-robin' as an alternative. @@ -2211,6 +2218,7 @@ # #Default: # none +url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf # TAG: url_rewrite_children # The number of redirector processes to spawn. If you start @@ -2220,6 +2228,7 @@ # #Default: # url_rewrite_children 5 +url_rewrite_children 20 # TAG: url_rewrite_concurrency # The number of requests each redirector helper can handle in @@ -2509,6 +2518,7 @@ # #Default: # request_header_max_size 20 KB +request_header_max_size 32 KB # TAG: reply_header_max_size (KB) # This specifies the maximum size for HTTP headers in a reply. @@ -2519,6 +2529,7 @@ # #Default: # reply_header_max_size 20 KB +reply_header_max_size 32 KB # TAG: request_body_max_size (bytes) # This specifies the maximum size for an HTTP request body. @@ -4001,6 +4012,8 @@ # #Default: # none +acl debian dstdomain .debian.org +always_direct allow debian # TAG: never_direct # Usage: never_direct allow|deny [!]aclname ... @@ -4690,7 +4703,7 @@ # reasons. # #Default: -# pipeline_prefetch off +pipeline_prefetch on # TAG: high_response_time_warning (msec) # If the one-minute median response time exceeds this value,
