حالت موضوعي | حالت خطي

darklove · 2012-05-13, 09:24 PM,

Linux

کد :
# cd /usr/src

# nano/usr/include/bits/typesizes.h

      #define __FD_SETSIZE            16384

# wget -c http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.15.tar.gz

# tar xf squid-3.1.15.tar.gz

# cd squid-3.1.15 

# ulimit -HSn 16384

# ulimit -HSd unlimited

./configure \

  --prefix=/usr/local/squid \

  --enable-forward-log \

  --enable-follow-x-forwarded-for \

  --enable-snmp \

  --enable-linux-netfilter \

  --enable-http-violations \

  --enable-delay-pools \

  --enable-storeio=diskd,aufs,ufs \

  --with-large-files \

  --enable-large-cache-files \

  --with-filedescriptors=16384 \

  --enable-async-io=128 \

  --enable-removal-policies=lru,heap \

  --enable-useragent-log \

  --enable-referer-log \

  --enable-err-languages=English \

  --enable-default-err-language=English \

  --enable-wccpv2 

# make && make install

# cat /dev/null > /usr/local/squid/etc/squid.conf

# nano /usr/local/squid/etc/squid.conf

acl manager proto cache_object

acl localhost src 127.0.0.1/32

acl mynet src 192.168.0.0/24

acl SSL_ports port  443

acl Safe_ports port 80          # http

acl Safe_ports port 21          # ftp

acl Safe_ports port 443         # https

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

http_access allow manager localhost

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access allow localhost

http_access allow mynet

http_access deny all

icp_access deny all

http_port 3128 intercept

hierarchy_stoplist cgi-bin ?

cache_mem 2048 MB

maximum_object_size 256 MB

cache_dir aufs /cache 125000 128 256

coredump_dir /cache

cache_access_log /usr/local/squid/var/logs/access.log

cache_mgr Root@Cache

visible_hostname Cache-Server

refresh_pattern ^ftp:                    1440    20%     10080

refresh_pattern ^gopher:                 1440    0%      1440

refresh_pattern -i (/cgi-bin/|\?)        0       0%      0

refresh_pattern .                        0       20%     4320

wccp2_router 192.168.0.254

wccp_version 4

wccp2_forwarding_method gre

wccp2_return_method gre

wccp2_service standard 0

# nano /etc/rc.d/rc.gre

#!/bin/bash

## Config

Router=192.168.0.254

Cache=192.168.0.1

##

modprobe ip_gre

ip tunnel add wccp0 mode gre remote $Router local $Cache dev eth0

ifconfig wccp0 127.0.0.1 netmask 255.255.255.255 up

echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter

echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter

echo 1 >/proc/sys/net/ipv4/ip_forward

# chmod 777 /etc/rc.d/rc.gre

# echo "/etc/rc.d/rc.gre" >> /etc/rc.d/rc.local

# echo "ulimit -HSn 16384" >> /etc/rc.d/rc.local

# echo "ulimit -HSd unlimited" >> /etc/rc.d/rc.local

# echo "/usr/local/squid/sbin/squid" >> /etc/rc.d/rc.local

Cisco

کد :
ip wccp web-cache

ip cef

interface FastEthernet2/0

 description User Interface

 ip wccp web-cache redirect in