Accelerate! Pfsense squid running in the 1.2-rc3 (Teach you how to run squid)
Accelerate! Pfsense squid running in the 1.2-rc3 (# accelerate! Squid! Pfsense run in the 1.2-RC3))
########### This tutorial is bilingual (my mother tongue is Chinese. Understand little English only, with direct GOOGLE automatic translation )#################
This is the introductory tutorial, Upgrade to neglect some of the settings. Squid on the nature of stress I do not need to repeat. Here for the time being accelerated HTTP settings (for the transparent proxy 192.168.1.0/24)
(#First, the tutorial is given entry. Upgrade to neglect some of the settings. Squid on the nature of stress I do not need to repeat. Here for the time being accelerated HTTP settings (for the transparent proxy 192.168.1.0/24))
declare: First of all, in the provision of what pfsense cache is not the issue, the key is to let him run! And played the role of cache!
Secondly, the picture just below your general understanding of squid settings steps it is not necessarily up and running.
Third, if there is the status of STOP squid, please read the transcript. Thank you.
1 install squid package (Picture 1)
2 WEB installed in the inside shows Proxy server (Picture 2)
3 Click into three general settings will see (the Picture 3)
4 settings finished click cache management (Picture 4)
5 Show running (see picture 5)
Second: running articles
1 entered the shell. Want to run a chown-R proxy: proxy / var / squid / cache (this is set permissions, and / var / squid / cache is your cache directory)
2 in the best squid before running squid-k parse
3 run squid -z , squid create cache used to run. (Should spend a little time, you can use the squid-zX observation process)
4 squid-N-d1 their own room and whether there is a fault and, if so, please look up FAQ.
5 All normal for squid then let it run up. Squid-s (if there is such information 2007/12/21 19:31:58 | Squid is already running! Process ID 1065, then please end clean. Squid-shutdown.
In order to ensure complete end of squid, please - interrupt, and then - kill)
6 again check your status under the Services. Look at whether the running. Luck.
Basically, in accordance with such settings, squid should be able to operate a normal!
Third: improve performance articles.
After running articles settings, the performance is not the best.
The reasons are as follows```
########## HP company had the squid for a detailed testing.
Refer to the documents, I made a school abroad Acting adjusted accordingly. Default cache_replacement_policy and memory_replacement_policy are LRU. The algorithm used in cache efficiency is relatively low. After the actual testing, the use of LFUDA (Least Frequently Used with Dynamic Aging) as a cache replacement policy, the cache hit rate highest. Use heap LRU as a memory replacement policy, the maximum memory cache hit rate. Measurement tools to include the use of overseas agents, the use of agency users, Chinanet bandwidth exports reached 5-7 M, has been much higher than the actual bandwidth M 4. Cache indeed played a role.
I export to the relatively large bandwidth ((60M Campus Network) telecommunications (10 M) (with a))
I do not know how settings are and the above article suggests matching. ##############
![1.png](/public/_imported_attachments_/1/1.png) ![1.png_thumb](/public/_imported_attachments_/1/1.png_thumb) ![2.png](/public/_imported_attachments_/1/2.png) ![2.png_thumb](/public/_imported_attachments_/1/2.png_thumb) ![3.png](/public/_imported_attachments_/1/3.png) ![3.png_thumb](/public/_imported_attachments_/1/3.png_thumb) ![4.png](/public/_imported_attachments_/1/4.png) ![4.png_thumb](/public/_imported_attachments_/1/4.png_thumb) ![5.png](/public/_imported_attachments_/1/5.png) ![5.png_thumb](/public/_imported_attachments_/1/5.png_thumb) ![6.png](/public/_imported_attachments_/1/6.png) ![6.png_thumb](/public/_imported_attachments_/1/6.png_thumb)
Writing interruption! ARP virus raging in my LAN!
SORRY >:( >:( >:(
ARP virus has been resolved, arp a while "Storm" to stop the …
Then Advanced unfinished chapter ....
this is my squid.conf
# less /usr/local/etc/squid/squid.conf |more # Do not edit manually! http_port 192.168.1.253:80 http_port 127.0.0.1:80 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/local/etc/squid/errors/English visible_hostname localhost cache_mgr email@example.com access_log /var/squid/log/access.log cache_log /var/squid/log/cache.log cache_store_log none shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 192.168.1.0/255.255.255.0 uri_whitespace strip cache_dir [color]diskd[/color] /var/squid/cache 150000 16 256 cache_mem 16 MB maximum_object_size 4096 KB minimum_object_size 0 KB [color]cache_replacement_policy heap[/color] [color]LFUDA[/color] [color]memory_replacement_policy[/color] [color]heap GDSF[/color] offline_mode off # No redirector configured # Setup some default acls acl all src 0.0.0.0/0 acl localhost src 127.0.0.1 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 443 1025-65535 acl sslports port 443 563 443 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl dynamic urlpath_regex cgi-bin \? cache deny dynamic http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports # Always allow localhost connections http_access allow localhost request_body_max_size 0 KB reply_body_max_size 0 allow all delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow all # Allow local network(s) on interface(s) http_access allow localnet # Custom options [color]cache_swap_low 85[/color] cache_swap_high 99 # Default block all to be sure http_access deny all
cache_dir diskd /var/squid/cache 150000 16 256
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
Please note that the red font.
Next to explain why such settings.
Squid Cache: Version 2.6.STABLE5 configure options: '--bindir=/usr/local/sbin' '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid' '--localstatedir=/usr/local/squid' '--sysconfdir=/usr/local/etc/squid' '--enable-removal-policies=lru heap' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-epoll' '--enable-auth=basic ntlm digest' '--enable-basic-auth-helpers=NCSA PAM MSNT SMB LDAP YP' '--enable-digest-auth-helpers=password ldap' '--enable-external-acl-helpers=ip_user session unix_group wbinfo_group ldap_group' '--enable-ntlm-auth-helpers=SMB' '--enable-storeio=ufs [color]diskd[/color] null' '--enable-delay-pools' '--enable-ssl' '--with-openssl=/usr' '--enable-wccpv2' '--enable-pf-transparent' '--enable-kqueue' '--enable-err-languages=Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish' '--enable-default-err-language=English' '--prefix=/usr/local' 'i386-portbld-freebsd6.1' 'LDFLAGS= -L/usr/local/lib -rpath=/usr/lib:/usr/local/lib -L/usr/local/lib' 'CFLAGS=-O2 -fno-strict-aliasing -pipe -I/usr/local/include -I/usr/include' 'CPPFLAGS=' 'host_alias=i386-portbld-freebsd6.1' 'build_alias=i386-portbld-freebsd6.1' 'target_alias=i386-portbld-freebsd6.1' 'CC=cc'
The red font, in the squid-rc3 pfsense 1.2 compiler parameter. Why should this parameter? What is the origin?
The map to explain why "diskd"
–enable-storeio=ufs diskd nul
Squid: The Definitive Guide
By Duane Wessels
How to edit / etc / fstab?