Wccp نصب میکنیم بدین صورت
کد:
tar xvf ip_wccp-1.7.tar
cd ip_wccp_1.7
make
make install
بعد Config Squid
کد:
http_port 3128
icp_port 3130
hierarchy_stoplist cgi-bin
hierarchy_stoplist ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 64 MB
memory_pools on
maximum_object_size 16 MB
minimum_object_size 0 KB
cache_dir diskd /var/spool/squid 3000 16 64 Q1=72 Q2=64
coredump_dir /var/spool/squid
cache_store_log none
cache_log none
refresh_pattern ^ftp: 1440 40% 10080
refresh_pattern ^gopher: 1440 20% 1440
refresh_pattern . 320 40% 43200
request_header_max_size 8 KB
negative_ttl 5 minutes
connect_timeout 2 minutes
read_timeout 15 minutes
request_timeout 30 seconds
shutdown_lifetime 10 seconds
client_lifetime 14 hours
acl nimda1 urlpath_regex -i \.elm$
acl nimda2 urlpath_regex -i root.exe
acl nimda3 urlpath_regex -i cmd.exe
acl nimda4 urlpath_regex -i ^http://.*www
acl nimda5 urlpath_regex -i readme.exe
acl nimda6 urlpath_regex -i default.id
acl nimda7 urlpath_regex -i :25
#######################auth######################
auth_param basic children 4
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
authenticate_ttl 1 hour
authenticate_ip_ttl 1 second
#################################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1
acl local src 192.168.0.0/24
acl SSL_ports port 443 563
acl Safe_ports port 80 20 21 443 70 210 8080 280 488 591 777 901 1024-65535
acl purge method PURGE
acl CONNECT method CONNECT
#################################################
http_access deny nimda1
http_access deny nimda2
http_access deny nimda3
http_access deny nimda4
http_access deny nimda5
http_access deny nimda6
http_access deny nimda7
#################################################
http_access allow manager localhost
http_access allow manager local
http_access deny manager
http_access allow purge localhost
http_access allow purge local
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow local
http_access deny all
icp_access allow all
http_reply_access allow all
#################################################
cache_mgr Metal_S2004@Yahoo.Com
cache_effective_user squid
cache_effective_group squid
visible_hostname CacheServer
wccp_router 192.168.0.1
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
forwarded_for on
emulate_httpd_log off
log_fqdn off
logfile_rotate 3
acl snmppublic snmp_community public
snmp_access allow snmppublic localhost
snmp_access deny all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
بعد run کردن wccp
کد:
modprobe ip_wccp
modprobe ip_gre
و بعد این دستورات میزنیم
کد:
iptunnel add gre1 mode gre remote <ip-address-of-router> local <ip-address-of-squid-cache> dev eth0
ifconfig gre1 127.0.0.2 up
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
و مقادری را عوض میکنیم
کد:
/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 0
و در پایان
کد:
service squid start
service iptables stop
chkconfig squid on
chkconfig iptables off
اگه اشتباه لپی بود ببخشید
چون با عجله نوشتم
موضوعات مشابه: