Vous n'êtes pas identifié(e).
L'icône rouge permet de télécharger chaque page du wiki visitée au format
PDF et la grise au format ODT →
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente Prochaine révision Les deux révisions suivantes | ||
utilisateurs:hypathie:tutos:proxy-transparent [17/10/2014 09:42] Hypathie [Configuration de squid comme proxy transparent] |
utilisateurs:hypathie:tutos:proxy-transparent [17/10/2014 10:24] Hypathie [Configuration de squid comme proxy transparent] |
||
---|---|---|---|
Ligne 185: | Ligne 185: | ||
>''# maximum_object_size 4096 KB'' | >''# maximum_object_size 4096 KB'' | ||
+ | <note important> | ||
+ | Comparer :\\ | ||
+ | -> ''# cache_mem 256 MB''\\ | ||
+ | -> ''#cache_dir ufs /var/spool/squid3 100 16 256''\\ | ||
+ | |||
+ | => La définition de la mémoire cache (256 MB) serait plus large que l'espace disque défini (100MB) !\\ | ||
+ | |||
+ | Donc attention en dé-commentant ! | ||
+ | |||
+ | df -h /var | ||
+ | Sys. fich. Taille Util. Dispo Uti% Monté sur | ||
+ | /dev/mapper/systeme-var 2,8G 1,0G 1,7G 39% /var | ||
+ | |||
+ | </note> | ||
* Ce qui donne : | * Ce qui donne : | ||
+ | <code> | ||
+ | acl manager proto cache_object | ||
+ | acl localhost src 127.0.0.1/32 ::1 | ||
+ | acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 | ||
+ | acl localnet src 192.168.1.0/24 # RFC1918 possible internal network | ||
+ | acl SSL_ports port 443 | ||
+ | acl Safe_ports port 80 # http | ||
+ | acl Safe_ports port 21 # ftp | ||
+ | acl Safe_ports port 443 # https | ||
+ | acl Safe_ports port 70 # gopher | ||
+ | acl Safe_ports port 210 # wais | ||
+ | acl Safe_ports port 1025-65535 # unregistered ports | ||
+ | acl Safe_ports port 280 # http-mgmt | ||
+ | acl Safe_ports port 488 # gss-http | ||
+ | acl Safe_ports port 591 # filemaker | ||
+ | acl Safe_ports port 777 # multiling http | ||
+ | acl CONNECT method CONNECT | ||
+ | acl lan src 192.168.0.1 192.168.1.0/24 | ||
+ | http_access allow manager localhost | ||
+ | http_access deny manager | ||
+ | http_access deny !Safe_ports | ||
+ | http_access deny CONNECT !SSL_ports | ||
+ | http_access allow localhost | ||
+ | http_access allow localnet | ||
+ | http_access allow lan | ||
+ | http_access deny all | ||
+ | http_port 3128 transparent | ||
+ | |||
+ | #Default: | ||
+ | #cache_mem 256 MB | ||
+ | cache_mem 100 MB | ||
+ | #Default: | ||
+ | maximum_object_size_in_memory 512 KB | ||
+ | # Décommentez et régler les éléments suivants pour ajouter un répertoire de cach | ||
+ | e disque: | ||
+ | cache_dir ufs /var/spool/squid3 100 16 256 | ||
+ | #Default: | ||
+ | store_dir_select_algorithm least-load | ||
+ | # A value of 0 indicates no limit. | ||
+ | #Default: | ||
+ | max_open_disk_fds 0 | ||
+ | # TAG: minimum_object_size (bytes) | ||
+ | # Objects smaller than this size will NOT be saved on disk. The | ||
+ | # value is specified in kilobytes, and the default is 0 KB, which | ||
+ | # means there is no minimum. | ||
+ | #Default: | ||
+ | minimum_object_size 0 KB | ||
+ | #Default: | ||
+ | maximum_object_size 4096 KB | ||
+ | |||
+ | |||
+ | # Leave coredumps in the first cache dir | ||
+ | coredump_dir /var/spool/squid3 | ||
+ | #Default: | ||
+ | access_log /var/log/squid3/access.log squid | ||
+ | refresh_pattern ^ftp: 1440 20% 10080 | ||
+ | refresh_pattern ^gopher: 1440 0% 1440 | ||
+ | refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 | ||
+ | refresh_pattern . 0 20% 4320 | ||
+ | </code> | ||
* Et quand on relance squid3 | * Et quand on relance squid3 | ||
<code root>/etc/init.d/squid3 start</code> | <code root>/etc/init.d/squid3 start</code> | ||
- | <code>2014/10/17 09:28:42| WARNING cache_mem is larger than total disk cache space! | + | <code> |
2014/10/17 09:28:42| Creating Swap Directories | 2014/10/17 09:28:42| Creating Swap Directories | ||
2014/10/17 09:28:42| /var/spool/squid3 exists | 2014/10/17 09:28:42| /var/spool/squid3 exists | ||
Ligne 208: | Ligne 282: | ||
2014/10/17 09:28:42| Making directories in /var/spool/squid3/0E | 2014/10/17 09:28:42| Making directories in /var/spool/squid3/0E | ||
2014/10/17 09:28:43| Making directories in /var/spool/squid3/0F | 2014/10/17 09:28:43| Making directories in /var/spool/squid3/0F | ||
- | 2014/10/17 09:28:43| WARNING cache_mem is larger than total disk cache space! | ||
. ok </code> | . ok </code> | ||
===== configuration d'iptables (NAT) ===== | ===== configuration d'iptables (NAT) ===== |