Accelerate! Pfsense squid running in the 1.2-rc3 (Teach you how to run squid)



  • Accelerate! Pfsense squid running in the 1.2-rc3 (# accelerate! Squid! Pfsense run in the 1.2-RC3))

    ########### This tutorial is bilingual (my mother tongue is Chinese. Understand little English only, with direct GOOGLE automatic translation )#################

    This is the introductory tutorial, Upgrade to neglect some of the settings. Squid on the nature of stress I do not need to repeat. Here for the time being accelerated HTTP settings (for the transparent proxy 192.168.1.0/24)

    (#First, the tutorial is given entry. Upgrade to neglect some of the settings. Squid on the nature of stress I do not need to repeat. Here for the time being accelerated HTTP settings (for the transparent proxy 192.168.1.0/24))

    declare: First of all, in the provision of what pfsense cache is not the issue, the key is to let him run! And played the role of cache!
            Secondly, the picture just below your general understanding of squid settings steps it is not necessarily up and running.
            Third, if there is the status of STOP squid, please read the transcript. Thank you.
      First
      1 install squid package (Picture 1)

    2 WEB installed in the inside shows Proxy server (Picture 2)

    3 Click into three general settings will see (the Picture 3)

    4 settings finished click cache management (Picture 4)

    5 Show running (see picture 5)

    Second: running articles
        1 entered the shell. Want to run a chown-R proxy: proxy / var / squid / cache (this is set permissions, and / var / squid / cache is your cache directory)

    2 in the best squid before running squid-k parse

    3  run squid -z , squid create cache used to run. (Should spend a little time, you can use the squid-zX observation process)

    4 squid-N-d1 their own room and whether there is a fault and, if so, please look up FAQ.

    5 All normal for squid then let it run up. Squid-s (if there is such information 2007/12/21 19:31:58 | Squid is already running! Process ID 1065, then please end clean. Squid-shutdown.
        In order to ensure complete end of squid, please - interrupt, and then - kill)

    6 again check your status under the Services. Look at whether the running. Luck.

    Basically, in accordance with such settings, squid should be able to operate a normal!

    Third: improve performance articles.

    After running articles settings, the performance is not the best.

    The reasons are as follows```
    ##########  HP company had the squid for a detailed testing.

    Refer to the documents, I made a school abroad Acting adjusted accordingly. Default cache_replacement_policy and memory_replacement_policy are LRU. The algorithm used in cache efficiency is relatively low. After the actual testing, the use of LFUDA (Least Frequently Used with Dynamic Aging) as a cache replacement policy, the cache hit rate highest. Use heap LRU as a memory replacement policy, the maximum memory cache hit rate. Measurement tools to include the use of overseas agents, the use of agency users, Chinanet bandwidth exports reached 5-7 M, has been much higher than the actual bandwidth M 4. Cache indeed played a role.

    I export to the relatively large bandwidth ((60M Campus Network) telecommunications (10 M) (with a))
    I do not know how settings are and the above article suggests matching. ##############

    
    ![1.png](/public/_imported_attachments_/1/1.png)
    ![1.png_thumb](/public/_imported_attachments_/1/1.png_thumb)
    ![2.png](/public/_imported_attachments_/1/2.png)
    ![2.png_thumb](/public/_imported_attachments_/1/2.png_thumb)
    ![3.png](/public/_imported_attachments_/1/3.png)
    ![3.png_thumb](/public/_imported_attachments_/1/3.png_thumb)
    ![4.png](/public/_imported_attachments_/1/4.png)
    ![4.png_thumb](/public/_imported_attachments_/1/4.png_thumb)
    ![5.png](/public/_imported_attachments_/1/5.png)
    ![5.png_thumb](/public/_imported_attachments_/1/5.png_thumb)
    ![6.png](/public/_imported_attachments_/1/6.png)
    ![6.png_thumb](/public/_imported_attachments_/1/6.png_thumb)


  • Writing interruption! ARP virus raging in my LAN!
    SORRY     >:( >:( >:(

    ARP virus has been resolved, arp a while "Storm" to stop the …

    Then Advanced unfinished chapter ....



  • this is my  squid.conf

    # less /usr/local/etc/squid/squid.conf |more
    # Do not edit manually!
    http_port 192.168.1.253:80
    http_port 127.0.0.1:80 transparent
    icp_port 0
    
    pid_filename /var/run/squid.pid
    cache_effective_user proxy
    cache_effective_group proxy
    error_directory /usr/local/etc/squid/errors/English
    visible_hostname localhost
    cache_mgr sniperpr@gmail.com
    
    access_log /var/squid/log/access.log
    cache_log /var/squid/log/cache.log
    cache_store_log none
    shutdown_lifetime 3 seconds
    # Allow local network(s) on interface(s)
    acl localnet src  192.168.1.0/255.255.255.0
    uri_whitespace strip
    
    cache_dir [color]diskd[/color] /var/squid/cache 150000 16 256
    cache_mem 16 MB
    maximum_object_size 4096 KB
    minimum_object_size 0 KB
    [color]cache_replacement_policy heap[/color] [color]LFUDA[/color]
    [color]memory_replacement_policy[/color] [color]heap GDSF[/color]
    offline_mode off
    
    # No redirector configured
    
    # Setup some default acls
    acl all src 0.0.0.0/0
    acl localhost src 127.0.0.1
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 443 1025-65535
    acl sslports port 443 563 443
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl dynamic urlpath_regex cgi-bin \?
    cache deny dynamic
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports
    
    # Always allow localhost connections
    http_access allow localhost
    
    request_body_max_size 0 KB
    reply_body_max_size 0 allow all
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 100
    delay_access 1 allow all
    
    # Allow local network(s) on interface(s)
    http_access allow localnet
    # Custom options
    [color]cache_swap_low 85[/color]
    cache_swap_high 99
    
    # Default block all to be sure
    http_access deny all
    
    

    cache_dir diskd /var/squid/cache 150000 16 256
    cache_replacement_policy heap LFUDA
    memory_replacement_policy heap GDSF
    cache_swap_low 85

    Please note that the red font.
    Next to explain why such settings.

    Squid Cache: Version 2.6.STABLE5
    configure options: '--bindir=/usr/local/sbin' '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' '--libexecdir=/usr/local/libexec/squid' '--localstatedir=/usr/local/squid' '--sysconfdir=/usr/local/etc/squid' '--enable-removal-policies=lru heap' '--disable-linux-netfilter' '--disable-linux-tproxy' '--disable-epoll' '--enable-auth=basic ntlm digest' '--enable-basic-auth-helpers=NCSA PAM MSNT SMB LDAP YP' '--enable-digest-auth-helpers=password ldap' '--enable-external-acl-helpers=ip_user session unix_group wbinfo_group ldap_group' '--enable-ntlm-auth-helpers=SMB' '--enable-storeio=ufs [color]diskd[/color] null' '--enable-delay-pools' '--enable-ssl' '--with-openssl=/usr' '--enable-wccpv2' '--enable-pf-transparent' '--enable-kqueue' '--enable-err-languages=Azerbaijani Bulgarian Catalan Czech Danish Dutch  English Estonian Finnish French German Greek Hebrew  Hungarian Italian Japanese Korean Lithuanian  Polish Portuguese Romanian Russian-1251 Russian-koi8-r  Serbian Simplify_Chinese Slovak Spanish Swedish  Traditional_Chinese Turkish' '--enable-default-err-language=English' '--prefix=/usr/local' 'i386-portbld-freebsd6.1' 'LDFLAGS= -L/usr/local/lib -rpath=/usr/lib:/usr/local/lib -L/usr/local/lib' 'CFLAGS=-O2 -fno-strict-aliasing -pipe  -I/usr/local/include -I/usr/include' 'CPPFLAGS=' 'host_alias=i386-portbld-freebsd6.1' 'build_alias=i386-portbld-freebsd6.1' 'target_alias=i386-portbld-freebsd6.1' 'CC=cc'
    

    The red font, in the squid-rc3 pfsense 1.2 compiler parameter. Why should this parameter? What is the origin?
    The map to explain why "diskd"   
    –enable-storeio=ufs diskd nul

    Thanks
    Squid: The Definitive Guide
    By Duane Wessels

    How to edit / etc / fstab?
    Mount-u-w /
    Chmod
    Ok





Log in to reply