[squid-users] Squid.conf setting queries

From: ads squid <[email protected]>
Date: Fri, 1 Aug 2003 06:17:24 -0700 (PDT)

I have configured squid.conf as follows but I can not
see any performance difference. Can you guid whether
squid.conf is correct. If so what may be problem?
Here is my squid.conf file.
###################
#squid.conf
#Every option in this file is very well documented in
the original squid.conf file
#and on
http://www.visolve.com/squidman/Configuration%20Guide.html

#
#The ports our Squid will listen on.
http_port 3128
icp_port 3130
#cgi-bins will not be cached.
squid-users@squid-cache.orgacl QUERY urlpath_regex
cgi-bin \?
no_cache deny QUERY
#Memory the Squid will use. Well, Squid will use far
more than that.

#I want assign 400 MB RAM
cache_mem 400 MB
#I want to allot 10 GB of hard disk space.

cache_dir ufs /cache 10000 16 256

#Places where Squid's logs will go to.
cache_log /var/log/squid/cache.log
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
cache_swap_log /var/log/squid/swap.log
#How many times to rotate the logs before deleting
them.
#See the FAQ for more info.
logfile_rotate 0

redirect_rewrites_host_header off
cache_replacement_policy GDSF

acl STOP1 src 192.168.0.23/32
acl WORKING time MTWHF 08:30-19:30
http_access deny STOP1 WORKING

acl STOP src 192.168.0.42/32
acl ABHAT time MTWHF 19:30-23:30
http_access deny STOP ABHAT

acl STOP2 src www.kazza.com
acl SUNK time MTWHF 07:30-23:30
http_access deny STOP2 SUNK

acl localnet src 192.168.0.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
acl Safe_ports port 80 443 210 119 70 20 21 1025-65535
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
http_access allow localnet
http_access allow localhost
http_access deny !Safe_ports

http_access deny CONNECT
http_access deny all

acl losers src 192.168.0.0/255.255.255.0
acl 1CONN maxconn 1
http_access deny 1CONN losers

maximum_object_size 3000 KB
store_avg_object_size 50 KB

#Set these if you want your proxy to work in a
transparent way.
#Transparent proxy means you generally don't have to
configure all
#your client's browsers, but hase some drawbacks too.
#Leaving these uncommented won't do any harm.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

#all our LAN users will be seen by external web
servers
cache_mgr your@email
cachemgr_passwd secret_password all

#This is a name of a user our Squid will work as.
cache_effective_user squid
cache_effective_group squid

log_icp_queries off
buffered_logs on

#####DELAY POOLS
#This is the most important part for shaping incoming
traffic with Squid
#For detailed description see squid.conf file or docs
at http://www.squid-#cache.org

#We don't want to limit downloads on our local
network.
acl magic_words1 url_regex -i 192.168

#We want to limit downloads of these type of files
#Put this all in one line
acl magic_words2 url_regex -i .mpeg .mpe .mpg .wav
.mov
#acl magic_words2 url_regex -i ftp .exe .mp3 .vqf
.tar.gz .gz .rpm .zip .#rar .
#avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov
#We don't block .html, .gif, .jpg and similar files,
because they
#generally don't consume much bandwidth

acl day time 07:00-23:30

#visible_hostname myproxyserver
visible_hostname nerworkshastri
#We have two different delay_pools
#View Squid documentation to get familiar
#with delay_pools and delay_class.
delay_pools 2

#First delay pool
#We don't want to delay our local traffic.
#There are three pool classes; here we will deal only
with the second.
#First delay class (1) of second type (2).
delay_class 1 2

#-1/-1 mean that there are no limits.
delay_parameters 1 -1/-1 -1/-1

#magic_words1: 192.168 we have set before
delay_access 1 allow magic_words1

#Second delay pool.
#we want to delay downloading files mentioned in
magic_words2.
#Second delay class (2) of second type (2).
                                                      
                        delay_class 2 2

#The numbers here are values in bytes;
#we must remember that Squid doesn't consider
start/stop bits
#5000/150000 are values for the whole network
#5000/120000 are values for the single IP
#after downloaded files exceed about 150000 bytes,
#(or even twice or three times as much)
#they will continue to download at about 5000 bytes/s

delay_parameters 2 2000/50000 2000/50000
#We have set day to 09:00-23:59 before.
delay_access 2 allow day
delay_access 2 deny !day
delay_access 2 allow magic_words2
####################################
I have saved file. Then run command
[root@abc root]# /usr/local/squid/sbin/squid
2003/08/01 18:37:30| Squid is already running!
Process ID 7021

No error.So O.K.
But these restrictions are not working at all. User
can still access to kazza. Also not much performance
improvemnt is seen. Is there anything wrong in
configuration file.

Thanks.
 

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
Received on Fri Aug 01 2003 - 07:17:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:32 MST