Archive for May, 2010

Squid Configuration Sample

.

Hi again

many of friends asked me to publish a sample useful squid configuration.  now I decided to post a weblog regarding the squid configurations. I prefer to say that there are some points which helps you to install a web-cache server for you local network .

1- First I want to mention that two partition have more speed regarding the Reed/Write comparing to one. and two disk have more speed comparing one disk. therefore try to install you cache partition in order to save your cache content in two Disk then in four partitions.

2- The difference between ext3 and ex2 is only journaling. therefore to increase your speed for your cache content partitions use ex2 since the recovery of the information is less important to R/W speed.

3- Use proper swap. maximum swap size for your linux is 2Gb and setting more than it, will not used.

4- Always try to install a cache only name server in the same machine of your cache server.

5- For having an improvement in your disk I/O always your the diskd feature for your squid proxy server. in some cases you should recompile the squid to enable this feature.

now I will explain how to install the simple squid server on the debian. First install the squid with aptitude install squid .

after try to chown the cache content partitions to the proxy user.

and then re-write these configuration for your cache.

#        Descriptin:      Mehdi Behamin co.   #

http_port  3128 transparent
################################
#httpd_accel_host virtual
#httpd_accel_port 80
#httpd_accel_with_proxy  on
#httpd_accel_uses_host_header on
################################
cache_mem 10 MB
cache_swap_low  90
cache_swap_high 95

cache_dir diskd /cache 5000 32 128 Q1=72 Q2=64
#cache_dir diskd /cache2 15000 32 128 Q1=72 Q2=64
#cache_dir diskd /cache3 15000 32 128 Q1=72 Q2=64
#cache_dir diskd /cache4 15000 32 128 Q1=72 Q2=64
#store_dir_select_algorithm round-robin

cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
#cache_dns_program    /usr/local/squid2/bin/dnsserver
dns_nameservers 127.0.0.1
pid_filename  /var/run/squid.pid

hierarchy_stoplist  cgi-bin
hierarchy_stoplist ?
acl QUERY urlpath_regex cgi
no_cache deny QUERY

# quick abort:
# always finish if less than 10k
#    finish if more than 50%
#    always  abort  if more  tan  1024k
quick_abort_min    20 kb
quick_abort_pct    50%
quick_abort_max    1024 kb

emulate_httpd_log   off

#redirect_program   /usr/bin/squidGuard

#redirect_children 3
#refresh_pattern .       0     20%      4320

########################################################
refresh_pattern  -i        .gif$          10080    90%    43200
refresh_pattern -i       .jpg$          10080    90%     43200
refresh_pattern  -i        .bom.gov.au      30     20%      120
refresh_pattern -i       .html$           480    50%     22160
refresh_pattern  -i        .htm$            480    50%    22160
refresh_pattern  -i      .aspx$         480     50%     22160
refresh_pattern  -i      .mspx$         480     50%     22160
refresh_pattern  -i      .asp$         480     50%     22160
refresh_pattern -i       .class$        10080    90%     43200
refresh_pattern  -i        .zip$          10080    90%    43200
refresh_pattern -i       .jpeg$         10080    90%     43200
refresh_pattern  -i        .mid$          10080    90%    43200
refresh_pattern -i       .shtml$          480    50%     22160
refresh_pattern  -i        .exe$          10080    90%    43200
refresh_pattern -i       .thm$          10080    90%     43200
refresh_pattern  -i        .wav$          10080    90%    43200
refresh_pattern -i       .txt$          10080    90%     43200
refresh_pattern  -i        .cab$          10080    90%    43200
refresh_pattern -i       .au$           10080    90%     43200
refresh_pattern  -i        .mov$          10080    90%    43200
refresh_pattern -i       .xbm$          10080    90%     43200
refresh_pattern  -i        .ram$          10080    90%    43200
refresh_pattern -i       .avi$          10080    90%     43200
refresh_pattern  -i        .chtml$          480    50%    22160
refresh_pattern -i       .thb$          10080    90%     43200
refresh_pattern  -i        .dcr$          10080    90%    43200
refresh_pattern -i       .bmp$          10080    90%     43200
refresh_pattern  -i        .phtml$          480    50%    22160
refresh_pattern -i       .mpg$          10080    90%     43200
refresh_pattern  -i        .pdf$          10080    90%    43200
refresh_pattern -i       .art$          10080    90%     43200
refresh_pattern  -i        .swf$          10080    90%    43200
refresh_pattern -i       .mp3$          10080    90%     43200
refresh_pattern  -i        .ra$           10080    90%    43200
refresh_pattern -i       .spl$          10080    90%     43200

refresh_pattern -i       .spl$          10080    90%     43200
refresh_pattern  -i        .viv$          10080    90%    43200
refresh_pattern -i       .doc$          10080    90%     43200
refresh_pattern  -i        .gz$           10080    90%    43200
refresh_pattern -i       .Z$            10080    90%     43200
refresh_pattern  -i        .tgz$          10080    90%    43200
refresh_pattern -i       .tar$          10080    90%     43200
refresh_pattern  -i        .vrm$          10080    90%    43200
refresh_pattern -i       .vrml$         10080    90%     43200
refresh_pattern  -i        .aif$          10080    90%    43200
refresh_pattern -i       .aifc$         10080    90%     43200
refresh_pattern  -i        .aiff$         10080    90%    43200
refresh_pattern -i       .arj$          10080    90%     43200
refresh_pattern  -i        .c$            10080    90%    43200
refresh_pattern -i       .cpt$          10080    90%     43200
refresh_pattern  -i        .dir$          10080    90%    43200
refresh_pattern -i       .dxr$          10080    90%     43200
refresh_pattern  -i        .hqx$          10080    90%    43200
refresh_pattern -i       .jpe$          10080    90%     43200
refresh_pattern  -i        .lha$          10080    90%    43200
refresh_pattern -i       .lzh$          10080    90%     43200
refresh_pattern  -i        .midi$         10080    90%    43200
refresh_pattern -i       .movie$        10080    90%     43200
refresh_pattern  -i        .mp2$          10080    90%    43200
refresh_pattern -i       .mpe$          10080    90%     43200
refresh_pattern  -i        .mpeg$         10080    90%    43200
refresh_pattern -i       .mpga$         10080    90%     43200
refresh_pattern  -i        .pl$           10080    90%    43200
refresh_pattern -i       .ppt$          10080    90%     43200
refresh_pattern  -i        .ps$           10080    90%    43200
refresh_pattern -i       .qt$           10080    90%     43200
refresh_pattern  -i        .qtm$          10080    90%    43200
refresh_pattern -i       .ras$          10080    90%     43200
refresh_pattern  -i        .sea$          10080    90%    43200
refresh_pattern -i       .sit$          10080    90%     43200
refresh_pattern  -i        .tif$          10080    90%    43200
refresh_pattern -i       .tiff$         10080    90%     43200
refresh_pattern  -i        .snd$          10080    90%    43200
refresh_pattern -i       .wrl$          10080    90%     43200
refresh_pattern -i        ^ftp://         480      60%    22160
refresh_pattern -i       ^gopher://      30        20%     120
refresh_pattern -i        .               480      50%    22160
refresh_pattern -i       ^gopher://      30        20%     120
refresh_pattern -i        .               480      50%    22160

maximum_object_size 16384 kb
#reply_body_max_size 500 MB

#reference_age  1  month
read_timeout 30 minutes
client_lifetime 3 hours
pconn_timeout 15 seconds
request_timeout  1  minute
shutdown_lifetime 10 seconds
# positive_dns_ttl 53 seconds

ipcache_size 10240
ipcache_low  98
ipcache_high 99

#dns_children   32

cache_mgr   mbehamin@gmail.com
cachemgr_passwd   parmid   all
#cache_effective_user squid
#cache_effective_group squid

#visible_hostname none
#error_directory /tmp

minimum_direct_hops 5

log_fqdn off
#ident_lookup off

memory_pools off
forwarded_for  on
icp_hit_stale on logfile_rotate 9

store_objects_per_bucket  10
store_avg_object_size  13  kb
netdb_high 10000
netdb_low   9900
netdb_low   9900
netdb_ping_period 30 seconds

#mcast_groups nlanr.mcast.ircache.net

log_icp_queries off
#test_reachability off

debug_options ALL,1
max_open_disk_fds       55
high_memory_warning  400   mb
high_response_time_warning   2000
high_page_fault_warning 2

#authenticate_program   /usr/local/squid/bin/ncsa_auth
#/usr/local/squid/etc/passwd
#acl NCSAPasswd proxy_auth REQUIRED

strip_query_terms off

acl Manager   proto cache_object
acl all src 192.168.10.0/255.255.255.0
acl post  method  POST
acl ssl method CONNECT
acl purge method PURGE
acl BADPORTS port 7 9 11 19 22 23 25 53 110 119 513 514
# okay to remove  this  if chg.ru cleans up its act http_access allow purge
http_access deny purge
http_access allow Manager
http_access deny Manager
http_access  deny BADPORTS
http_access deny ssl
http_access allow all

thats it. but remember before restarting your squid service try to illuminate the errors by squid -k check command.

regards

Request exceeded the limit of 10 internal redirects due to probable configuration error. Use ‘LimitInternalRecursion’ to increase the limit if necessary. Use ‘LogLevel debug’ to get a backtrace

.

Hi again

it is possible to see the above error in your apache web server error logs. this error mostly happens when there is some sources reconnect to itself to browse the website. by default the  10 number of internal redirects are allowed. in order to increase this number just add the following line in you virtual server configuration .

LimitInternalRecursion number

note:  before enabling this feature in your web server websites. check why your web program needs to do internal redirects.

if you face with such problem and dont know why your program act like this, do not hesitate to ask me.

regards

References : http://httpd.apache.org/docs/2.0/mod/core.html#limitinternalrecursion


     Copyrighted Mehdi Behamin , All Rights Reserved
    
Blog has been visited 192117 times