Squid with TOS ( DSCP ) And Mikrotik

[darklove]

Linux

کد:

# cd /usr/src
# wget -c http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.15.tar.gz
# tar xvf squid-3.1.15.tar.gz
# cd squid-3.1.15 
# nano /usr/include/bits/typesizes.h
     #define __FD_SETSIZE            16384
# ulimit -HSn 16384
# ulimit -HSd unlimited
# ./configure \
  --prefix=/usr/local/squid \
  --enable-forward-log \
  --enable-follow-x-forwarded-for \
  --enable-snmp \
  --enable-linux-netfilter \
  --enable-http-violations \
  --enable-delay-pools \
  --enable-storeio=diskd,aufs,ufs \
  --with-large-files \
  --enable-large-cache-files \
  --with-filedescriptors=16384 \
  --enable-async-io=128 \
  --enable-removal-policies=lru,heap \
  --enable-useragent-log \
  --enable-referer-log \
  --enable-err-languages=English \
  --enable-default-err-language=English \
  --enable-zph-qos 
# make && make install
# cat /dev/null > /usr/local/squid/etc/squid.conf
# nano /usr/local/squid/etc/squid.conf

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl mynet src 192.168.0.0/24
acl SSL_ports port  443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow mynet
http_access deny all
icp_access deny all

http_port 3128 transparent

hierarchy_stoplist cgi-bin ?

cache_mem 2048 MB
maximum_object_size 256 MB

cache_dir aufs /cache 55500 128 256
coredump_dir /cache

cache_access_log /usr/local/squid/var/logs/access.log

cache_mgr Root@Cache
visible_hostname Cache-Server

qos_flows local-hit=0x30

refresh_pattern ^ftp:                    1440    20%     10080
refresh_pattern ^gopher:                 1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?)        0       0%      0
refresh_pattern .                        0       20%     4320

# nano /etc/rc.d/rc.local
ulimit -HSn 16384
ulimit -HSd unlimited
/usr/local/squid/sbin/squid

Mikrotik

کد:

ip firewall mangle add chain=postrouting tos=12 action=mark-packet new-packet-mark=proxy-hit passthrough=no
queue tree add name="pmark" parent=global-out packet-mark=proxy-hit limit-at=0 queue=default priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s

---

موضوعات مشابه:

• تنظیمات squid به همراه ras mikrotik
• squid and mikrotik
• نحوه محاسبه dscp
• Squid Mikrotik
• ورژن های squid نسخه های مختلف Mikrotik

---