Squid software provides users with many documents related to configuration, applications and libraries, logs, etc. for configuration and management. Squid has a main configuration file. At the same time, all Squid configuration files in the Red Hat environment are located in the /etc/squid subdirectory. In this directory, the system also provides a default configuration file with the name, however, in actual applications, there are certain problems with the default configuration file, so before using Squid, the relevant content of the configuration file must be modified first.
The following describes the structure of the file and some commonly used options. The configuration file can be divided into 13 parts. Although Squid's configuration file is huge, the scale of this configuration file reaches more than 3,000 lines. However, if you only provide proxy services for a small and medium-sized network and only prepare to use one server, then the configuration problem will become relatively simple, and you only need to modify a few options in the configuration file to meet the application needs. These commonly used options are:
1. http_port
This option defines the port where Squid listens for HTTPD client connection requests. The default is 3128, and if HTTPD acceleration mode is used, it is 80. Multiple ports can be specified, but all specified ports must appear on a command line for the program to correctly identify them.
2. cache_mem(bytes)
This option is used to specify the ideal value of memory that Squid can use. This part of the memory is used to store the following objects: In-Transit objects, Hot Objects, that is, objects commonly accessed by users, and Negative-Cached objects.
3. cache_dir Directory-Name Mbytes Level1 Level2
This option specifies the size of the swap space used by Squid to store objects and its directory structure. Multiple swap spaces can be defined using multiple cache_dir commands, and these swap spaces can be distributed on different disk partitions. "directory" indicates the top-level directory for the swap space. If you want to use the entire disk as swap space, you can mount the entire disk as the mount point. The default value is /var/spool/squid. Mbytes defines the total amount of space available.
Configure access control
Using the access control feature, you can control caches, accessing specific sites or groups of sites, etc. when accessing according to specific time intervals. Squid access control has two elements: ACL elements and access list. By using these methods, system administrators can strictly and clearly define the access control policy of proxy servers.
1. ACL elements
The syntax for this element is defined as follows:
acl aclname acltype string1…
acl aclname acltype “file”…
When using a file, the file is formatted with one entry per line. Among them, acltype can be any name defined in the ACL; any two ACL elements cannot use the same name; each ACL consists of a list value. When matching detection is performed, multiple values are connected by logic or operations. In other words, if the value of any ACL element is matched, then the ACL element is matched; not all ACL elements can use all types in the access list; different ACL elements are written in different rows, and Squid combines these elements in a list.