Linux
کد :
# cd /usr/src
# nano/usr/include/bits/typesizes.h
#define __FD_SETSIZE 16384
# wget -c http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.15.tar.gz
# tar xf squid-3.1.15.tar.gz
# cd squid-3.1.15
# ulimit -HSn 16384
# ulimit -HSd unlimited
./configure \
--prefix=/usr/local/squid \
--enable-forward-log \
--enable-follow-x-forwarded-for \
--enable-snmp \
--enable-linux-netfilter \
--enable-http-violations \
--enable-delay-pools \
--enable-storeio=diskd,aufs,ufs \
--with-large-files \
--enable-large-cache-files \
--with-filedescriptors=16384 \
--enable-async-io=128 \
--enable-removal-policies=lru,heap \
--enable-useragent-log \
--enable-referer-log \
--enable-err-languages=English \
--enable-default-err-language=English \
--enable-wccpv2
# make && make install
# cat /dev/null > /usr/local/squid/etc/squid.conf
# nano /usr/local/squid/etc/squid.conf
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl mynet src 192.168.0.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow mynet
http_access deny all
icp_access deny all
http_port 3128 intercept
hierarchy_stoplist cgi-bin ?
cache_mem 2048 MB
maximum_object_size 256 MB
cache_dir aufs /cache 125000 128 256
coredump_dir /cache
cache_access_log /usr/local/squid/var/logs/access.log
cache_mgr Root@Cache
visible_hostname Cache-Server
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
wccp2_router 192.168.0.254
wccp_version 4
wccp2_forwarding_method gre
wccp2_return_method gre
wccp2_service standard 0
# nano /etc/rc.d/rc.gre
#!/bin/bash
## Config
Router=192.168.0.254
Cache=192.168.0.1
##
modprobe ip_gre
ip tunnel add wccp0 mode gre remote $Router local $Cache dev eth0
ifconfig wccp0 127.0.0.1 netmask 255.255.255.255 up
echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
echo 1 >/proc/sys/net/ipv4/ip_forward
# chmod 777 /etc/rc.d/rc.gre
# echo "/etc/rc.d/rc.gre" >> /etc/rc.d/rc.local
# echo "ulimit -HSn 16384" >> /etc/rc.d/rc.local
# echo "ulimit -HSd unlimited" >> /etc/rc.d/rc.local
# echo "/usr/local/squid/sbin/squid" >> /etc/rc.d/rc.local
Cisco
کد :
ip wccp web-cache
ip cef
interface FastEthernet2/0
description User Interface
ip wccp web-cache redirect in