Squid 設定的注意事項

以下設定為 squid-2.X 的設定, 如果您還在使用 squid-1.X, 建議您升級至新版本。

以其他 Proxy 為 Parent 時的配合設定

  1. squid 預設值是不讓 cgi 的 request 經過 parent proxy, 建議如下設定 
    #hierarchy_stoplist cgi-bin ?	# 此行更改為下行
hierarchy_stoplist
  2. squid-2.3.x 預設值傾向於直接連接到原來的 WWW Server, 建議如下設定 
    #prefer_direct on    # 此行更改為下行
prefer_direct off
    但是 squid-2.4.x 則定義不同,因此反而要使用 
    #prefer_direct off   # 此行更改為下行
prefer_direct on
    原因參考如下說明:

    在 squid-2.3.x 的 squid.conf 中: 

    #  TAG: prefer_direct
#       By default, if the ICP, HTCP, Cache Digest, etc. techniques
#       do not yield a parent cache, Squid gives higher preference
#       to forwarding the request direct to origin servers, rather
#       than selecting a parent cache anyway.
#
#       If you want Squid to give higher precedence to a parent
#       cache, instead of going direct, then turn this option off.
#prefer_direct on
    在 squid-2.4.x 的 squid.conf 中: 
    #  TAG: prefer_direct
#       Normally Squid tries to use parents for most requests. If you by some
#       reason like it to first try going direct and only use a parent if
#       going direct fails then set this to off.
#
#       By combining nonhierarchical_direct off and prefer_direct on you
#       can set up Squid to use a parent as a backup path if going direct
#       fails.
#
#Default:
# prefer_direct off

其他設定上可能出現的小問題

  1. squid 預設值會對某些 port 做設限, 如 
    acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
    如有這方面的困擾請自行更改設定。
Comments to : master@proxy.ntu.edu.tw