Документация по ОС FreeBSD Вторник, 24.02.2026, 04:24
Главная
Регистрация
Вход
Приветствую Вас Гость | RSS
Меню сайта

Категории каталога
Apache [58]
DNS [25]
FTP [27]
Mail [74]
Samba [24]
Squid [46]
SSH [23]
VPN [35]
РРР [20]
Net [173]

Главная » Статьи » Сеть » Squid
Небольшая шпаргалка по Squid [2010]
Данная шпаргалка является небольшой компиляцией уже опубликованных раньше советов и предназначена, в основном, для администраторов небольших фирм или филиалов. Идля меня, чтобы я не забыл, что же я делал! Squid в данном случае используется для кэширования трафика, авторизации пользователей через Windows AD, антивирусная защита выполняется с помощью ClamAV.

 Обновляем систему и получаем порты после установки:

freebsd-update fetch
freebsd-update install
portsnap fetch
portsnap extract

 Устанавливаем bash

cd /usr/ports/shells/bash
make install

 Устанавливаем sudo и отключаем пользователя root. Напоминаю, что у вас должен иметься пользователь, например, admin, входящий в группу wheel.

cd /usr/ports/security/sudo
make install

  Правим sudoers, хотя можно воспользоваться утилитой visudo:

vi /usr/local/etc/sudoers

# User privilege specification
root ALL=(ALL) ALL
admin ALL=(ALL) ALL

 Отключаем root:

vipw

root:*:0:0::0:0:Charlie &:/root:/bin/csh
admin:$1$Q79D6ctDINpCzMV/:1001:1001::0:0:Admin Branch:/home/admin:/usr/local/bin/bash

 Ставим необходимые пакеты. MySQL я установил «чтоб было», в данном варианте он не нужен.

cd /usr/ports/www/apache22
make install
cd /usr/ports/lang/php5
make install
cd /usr/ports/lang/php5-extensions
make install
cd /usr/ports/databases/mysql50-server
make install

 Создаем каталоги для virtual-host. Это нам необходимо в случае, если на сервере будет крутиться еще что-то, например MRTG (в моем примере такого деления нет), дабы оно не пересекалось с каталогами Rejik и Lightsquid

mkdir /usr/local/www/apache22/data/squid
mkdir /usr/local/www/apache22/data/squid/www
mkdir /usr/local/www/apache22/data/squid/cgi-bin
mkdir /usr/local/www/apache22/data/squid/logfile
mkdir /usr/local/www/apache22/data/squid/error

 Настраиваем Apache

vi /usr/local/etc/apache22/httpd.conf

DirectoryIndex index.php index.html

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf

 Правим файл виртуальных хостов

vi /usr/local/etc/apache22/extra/httpd-vhosts.conf

<VirtualHost *:80>
ServerAdmin msgibnev@yoyo.ru
DocumentRoot /usr/local/www/apache22/data/squid/www
ServerName proxy-branch.yoyo.ru
ServerAlias proxy-branch.yoyo.ru
ErrorLog /usr/local/www/apache22/data/squid/logfile/error_log
CustomLog /usr/local/www/apache22/data/squid/logfile/access_log common
RewriteEngine On
RewriteOptions Inherit

<Directory "/usr/local/www/apache22/data">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

ScriptAlias /cgi-bin/ "/usr/local/www/apache22/data/squid/cgi-bin/"

<Directory "/usr/local/www/apache22/data/squid/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

Alias /error/ "/usr/local/www/apache22/data/squid/error/"

<Directory "/usr/local/www/apache22/data/squid/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
</Directory>

</VirtualHost>

 Запускаем Apache:

vi /etc/rc.conf

apache22_enable="YES"

/usr/local/etc/rc.d/apache22 start

 Устанавливаем Squid. Я в ходе make config выбрал следующие опции: SQUID_LDAP_AUTH, SQUID_SNMP, SQUID_ECAP, SQUID_ICAP

cd /usr/ports/www/squid31/
make install
vi /etc/rc.conf

squid_enable="YES"

 Активируем кэш и устанавливаем Rejik

squid -z
cd /usr/ports/www/rejik
make install
cp -R /usr/ports/www/rejik/work/banlists /usr/local/rejik
cp -R /usr/ports/www/rejik/work/squid-like-www-en/* /usr/local/www/apache22/data/squid/www/

 Добавляем необходимые настройки в Squid

vi /usr/local/etc/squid/squid.conf

url_rewrite_program /usr/local/rejik/redirector /usr/local/rejik/redirector.conf
url_rewrite_children 15

 Правим файл конфигурации Rejik по собственному разумению. Если ничсего не понимаем – то ничего не трогаем, только отключаем логирование (раскомментировать строку log off)
 Устанавливаем права доступа

/usr/local/rejik/tools/set-permissions

 В AD создаем группы squid_inet (обычный доступ) и squid_inet_full (привилегированный доступ), в которых находятся пользователи test_user и test_user_full соответственно.

 Проверяем, можем ли получить доступ к LADP от имени пользователя squidreader

ldapsearch -D "squidreader@msk.yoyo.ru" -x -W -b "dc=msk,dc=yoyo,dc=ru" -h ldap_server

 Создаем файл пароля для пользователя squidreader

/usr/local/etc/squid/adpw.txt

Poiuyt-0

 Проверяем правильность определения группы пользователя из LDAP:

/usr/local/libexec/squid/squid_ldap_group -R -b "dc=msk,dc=yoyo,dc=ru" -f "(&(sAMAccountName=%v)(memberOf=cn=%a,ou=Group-Bank,dc=msk,dc=yoyo,dc=ru))" -D squidreader@msk.yoyo.ru -W /usr/local/etc/squid/adpw.txt -H ldap://ldap_server:3268

 Ответ должен быть примерно таким:

test_user squid_inet
OK

 Проверяем правильность аутентификации пользователя

/usr/local/libexec/squid/squid_ldap_auth -R -D squidreader@msk.yoyo.ru -W /usr/local/etc/squid/adpw.txt -b "dc=msk,dc=yoyo,dc=ru" -f "sAMAccountName=%s" -H ldap://ldap_server:3268

 Ответ должен быть примерно таким:

test_user Poiuyt-0
OK

 Создадим файл, в котором будет находиться список сайтов, доступных привилегированным пользователям:

vi /usr/local/etc/squid/privilegy_site_list

.*.odnoklassniki.ru.*
.*.vkontakte.ru.*
.*.mail.ru.*

 Правим файл конфигурации Squid. На данный момент он имеет такой вид:

vi /usr/local/etc/squid/squid.conf

#
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32

#=======================================
# LDAP
#=======================================

auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -R -D squidreader@msk.yoyo.ru -W /usr/local/etc/squid/adpw.txt -b "dc=msk,dc=yoyo,dc=ru" -f "sAMAccountName=%s" -H ldap://ldap_server:3268
auth_param basic realm yoyo Squid Proxy

external_acl_type ldap_users ttl=7200 negative_ttl=3600 children=20 protocol=3.0 %LOGIN /usr/local/libexec/squid/squid_ldap_group -R -b "dc=msk,dc=yoyo,dc=ru" -f "(&(cn=%v)(memberOf=cn=%a,ou=Group-Bank,dc=msk,dc=yoyo,dc=ru))" -D squidreader@msk.yoyo.ru -W /usr/local/etc/squid/adpw.txt -H ldap://ldap_server:3268

#=======================================
# Rejik
#=======================================
url_rewrite_program /usr/local/rejik/redirector /usr/local/rejik/redirector.conf
url_rewrite_children 15

#IPv6 Not Available:acl localhost src ::1/128
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
#IPv6 Not Available:acl to_localhost dst ::1/128

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
#IPv6 Not Available:acl localnet src fc00::/7 # RFC 4193 local private network range
#IPv6 Not Available:acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#=======================================
# ACL for LDAP
#=======================================

acl Inet_ldap_access_standart external ldap_users squid_inet
acl Inet_ldap_access_full external ldap_users squid_inet_full
acl Inet_ldap_deny url_regex -i "/usr/local/etc/squid/privilegy_site_list"

#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

http_access allow localhost

#=======================================
# HTTP_ACCESS for LDAP
#=======================================

http_access allow Inet_ldap_access_full
http_access deny Inet_ldap_deny
deny_info http://10.33.18.16/porno.html Inet_ldap_deny
http_access allow Inet_ldap_access_standart

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
http_port 3128

# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /usr/local/squid/cache 100 16 256

#=======================================
# Cache settings
#=======================================

cache_swap_low 70
cache_swap_high 90
cache_mem 256 MB
memory_pools on
memory_pools_limit 120 MB
maximum_object_size 20 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 48 KB
request_header_max_size 12 KB
request_body_max_size 0 KB
ipcache_size 32768
ipcache_low 80
ipcache_high 95
fqdncache_size 1024000
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

# Leave coredumps in the first cache dir
coredump_dir /usr/local/squid/cache

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

 Устанавливаем Lightsquid для просмотра статистики:

cd /usr/ports/www/lightsquid
make install
cp -r /usr/local/www/lightsquid/* /usr/local/www/apache22/data/squid/cgi-bin/
cd /usr/local/www/apache22/data/squid/cgi-bin/
chmod +x *.cgi
chmod +x *.pl
chown -R www:www *

 Выполняем конфигурирование:

vi /usr/local/etc/lightsquid/lightsquid.cfg

#path to additional `cfg` files
$cfgpath ="/usr/local/etc/lightsquid";
#path to `tpl` folder
$tplpath ="/usr/local/www/apache22/data/squid/cgi-bin/tpl";
#path to `lang` folder
$langpath ="/usr/local/share/lightsquid/lang";
#path to `report` folder
$reportpath ="/usr/local/www/apache22/data/squid/cgi-bin/report";
#path to access.log
$logpath ="/var/log/squid";
#path to `ip2name` folder
$ip2namepath ="/usr/local/libexec/lightsquid";

 Конфигурируем группы:

vi /usr/local/etc/lightsquid/group.cfg

test_user 01 TestUser_StandartAccess
test_user_full 02 TestUser_FullAccess
test_user_def 03 TestUser_DefaultAccess

 Конфигурируем соответствие IP-адресов фамилиям сотрудников (при необходимости):

vi /usr/local/etc/lightsquid/realname.cfg

 Проверяем правильность конфигурирования:

/usr/local/www/apache22/data/squid/cgi-bin/check-setup.pl

 Ответ должен быть примерно таким:

LightSquid Config Checker, (c) 2005-9 Sergey Erokhin GNU GPL

LogPath : /var/log/squid
reportpath: /usr/local/www/apache22/data/squid/cgi-bin/report
Lang : /usr/local/share/lightsquid/lang/eng
Template : /usr/local/www/apache22/data/squid/cgi-bin/tpl/base
Ip2Name : /usr/local/libexec/lightsquid/ip2name.simple

all check passed, now try access to cgi part in browser

 Запускаем парсер:

/usr/local/www/apache22/data/squid/cgi-bin/lightparser.pl

 Смотрим статистику на http://адрес_сервера/cgi-bin/index.cgi. Если все нормально, то добавляем задание в cron:

crontab -e

0-59/5 * * * * /usr/local/www/apache22/data/squid/cgi-bin/lightparser.pl

 Устанавливаем антивирусную защиту:

cd /usr/ports/security/clamav
make install

 Добавляем в rc.conf обновление ClamAV:

vi /etc/rc.conf

clamav_freshclam_enable="YES"

 Запускаем демон обновления:

/usr/local/etc/rc.d/clamav-freshclam start

 Устанавливаем ICAP:

cd /usr/ports/www/c-icap
make install
chown -R cicap:cicap /var/run/c-icap

 Подготавливаем Syslog к приему сообщений от ICAP:

vi /etc/syslog.conf

*.local1 /var/log/c-icap.log

 Добаляем в файл конфигурации следующие строки:

vi /usr/local/etc/c-icap.conf

acl squid_respmod src 0.0.0.0 type respmod
icap_access allow squid_respmod

 Запускаем службу:

vi /etc/rc.conf

c_icap_enable="YES"

 Добаляем в файл конфигурации Squid следующие строки:

vi /usr/local/etc/squid/squid.conf

icap_enable on
icap_preview_enable on
icap_preview_size 128
icap_send_client_ip on
icap_service service_avi_req reqmod_precache 0 icap://localhost:1344/srv_clamav
icap_service service_avi respmod_precache 1 icap://localhost:1344/srv_clamav
icap_class class_antivirus service_avi
icap_class class_antivirus service_avi_req
icap_access class_antivirus allow all

 Настраиваем MRTG:

cd /usr/ports/net-mgmt/mrtg
make install
cd /usr/ports/net-mgmt/net-snmp
make install
mkdir /usr/local/www/apache22/data/squid/www/mrtg

 Создаем файл конфигурации MRTG:

vi /usr/local/etc/squid/mrtg.conf

WorkDir: /usr/local/www/apache22/data/squid/www/mrtg
LoadMIBs: /usr/local/etc/squid/mib.txt

Language: russian

Target[cacheHits]: cacheHttpHits&cacheProtoClientHttpRequests:squidmrtg@localhost:3401
Title[cacheHits]: HTTP Hits
PageTop[cacheHits]: <h1>HTTP Hits / Requests</h1>
MaxBytes[cacheHits]: 10000000
Supress[cacheHits]: y
YLegend[cacheHits]: perminute
ShortLegend[cacheHits]: req/min
LegendI[cacheHits]: HTTP hits
LegendO[cacheHits]: HTTP requests
Legend1[cacheHits]: HTTP hits
Legend2[cacheHits]: HTTP requests
Options[cacheHits]: nopercent, perminute, dorelpercent

Target[cacheServerRequests]: cacheServerRequests&cacheServerRequests:squidmrtg@localhost:3401
MaxBytes[cacheServerRequests]: 10000000
Title[cacheServerRequests]: Server Requests
Options[cacheServerRequests]: nopercent
PageTop[cacheServerRequests]: <h1>Server Requests </h1>
YLegend[cacheServerRequests]: requests/sec
ShortLegend[cacheServerRequests]: req/s
LegendI[cacheServerRequests]: Requests 
LegendO[cacheServerRequests]:
Legend1[cacheServerRequests]: Requests
Legend2[cacheServerRequests]:

Target[cacheServerErrors]: cacheServerErrors&cacheServerErrors:squidmrtg@localhost:3401
MaxBytes[cacheServerErrors]: 10000000
Title[cacheServerErrors]: Server Errors
Options[cacheServerErrors]: nopercent
PageTop[cacheServerErrors]: <h1>Server Errors </h1>
YLegend[cacheServerErrors]: errors/sec
ShortLegend[cacheServerErrors]: err/s
LegendI[cacheServerErrors]: Errors 
LegendO[cacheServerErrors]:
Legend1[cacheServerErrors]: Errors
Legend2[cacheServerErrors]:

Target[cacheServerInOutKb]: cacheServerInKb&cacheServerOutKb:squidmrtg@localhost:3401 * 1024
MaxBytes[cacheServerInOutKb]: 1000000000
Title[cacheServerInOutKb]: Server In/Out Traffic
Options[cacheServerInOutKb]: nopercent
PageTop[cacheServerInOutKb]: <h1>Server In/Out Traffic </h1>
YLegend[cacheServerInOutKb]: Bytes/sec
ShortLegend[cacheServerInOutKb]: Bytes/s
LegendI[cacheServerInOutKb]: Server In 
LegendO[cacheServerInOutKb]: Server Out 
Legend1[cacheServerInOutKb]: Server In
Legend2[cacheServerInOutKb]: Server Out

Target[cacheHttpErrors]: cacheHttpErrors&cacheHttpErrors:squidmrtg@localhost:3401
MaxBytes[cacheHttpErrors]: 10000000
Title[cacheHttpErrors]: HTTP Errors
Options[cacheHttpErrors]: nopercent
PageTop[cacheHttpErrors]: <h1>HTTP Errors </h1>
YLegend[cacheHttpErrors]: errors/sec
ShortLegend[cacheHttpErrors]: err/s
LegendI[cacheHttpErrors]: Errors 
LegendO[cacheHttpErrors]:
Legend1[cacheHttpErrors]: Errors
Legend2[cacheHttpErrors]:

Target[cacheIcpPktsSentRecv]: cacheIcpPktsSent&cacheIcpPktsRecv:squidmrtg@localhost:3401
MaxBytes[cacheIcpPktsSentRecv]: 10000000
Title[cacheIcpPktsSentRecv]: ICP Packets Sent/Received
Options[cacheIcpPktsSentRecv]: nopercent
PageTop[cacheIcpPktsSentRecv]: <h1>ICP Packets Sent/Recieved </h1>
YLegend[cacheIcpPktsSentRecv]: packets/sec
ShortLegend[cacheIcpPktsSentRecv]: pkts/s
LegendI[cacheIcpPktsSentRecv]: Pkts Sent 
LegendO[cacheIcpPktsSentRecv]: Pkts Received 
Legend1[cacheIcpPktsSentRecv]: Pkts Sent
Legend2[cacheIcpPktsSentRecv]: Pkts Received

Target[cacheIcpKbSentRecv]: cacheIcpKbSent&cacheIcpKbRecv:squidmrtg@localhost:3401 * 1024
MaxBytes[cacheIcpKbSentRecv]: 1000000000
Title[cacheIcpKbSentRecv]: ICP Bytes Sent/Received
Options[cacheIcpKbSentRecv]: nopercent
PageTop[cacheIcpKbSentRecv]: <h1>ICP Bytes Sent/Received </h1>
YLegend[cacheIcpKbSentRecv]: Bytes/sec
ShortLegend[cacheIcpKbSentRecv]: Bytes/s
LegendI[cacheIcpKbSentRecv]: Sent 
LegendO[cacheIcpKbSentRecv]: Received 
Legend1[cacheIcpKbSentRecv]: Sent
Legend2[cacheIcpKbSentRecv]: Received

Target[cacheHttpInOutKb]: cacheHttpInKb&cacheHttpOutKb:squidmrtg@localhost:3401 * 1024
MaxBytes[cacheHttpInOutKb]: 1000000000
Title[cacheHttpInOutKb]: HTTP In/Out Traffic
Options[cacheHttpInOutKb]: nopercent
PageTop[cacheHttpInOutKb]: <h1>HTTP In/Out Traffic </h1>
YLegend[cacheHttpInOutKb]: Bytes/second
ShortLegend[cacheHttpInOutKb]: Bytes/s
LegendI[cacheHttpInOutKb]: HTTP In 
LegendO[cacheHttpInOutKb]: HTTP Out 
Legend1[cacheHttpInOutKb]: HTTP In
Legend2[cacheHttpInOutKb]: HTTP Out

Target[cacheCurrentSwapSize]: cacheCurrentSwapSize&cacheCurrentSwapSize:squidmrtg@localhost:3401
MaxBytes[cacheCurrentSwapSize]: 1000000000
Title[cacheCurrentSwapSize]: Current Swap Size
Options[cacheCurrentSwapSize]: gauge, nopercent
PageTop[cacheCurrentSwapSize]: <h1>Current Swap Size </h1>
YLegend[cacheCurrentSwapSize]: swap size
ShortLegend[cacheCurrentSwapSize]: Bytes
LegendI[cacheCurrentSwapSize]: Swap Size 
LegendO[cacheCurrentSwapSize]:
Legend1[cacheCurrentSwapSize]: Swap Size
Legend2[cacheCurrentSwapSize]:

Target[cacheNumObjCount]: cacheNumObjCount&cacheNumObjCount:squidmrtg@localhost:3401
MaxBytes[cacheNumObjCount]: 10000000
Title[cacheNumObjCount]: Num Object Count
Options[cacheNumObjCount]: gauge, nopercent
PageTop[cacheNumObjCount]: <h1>Num Object Count </h1>
YLegend[cacheNumObjCount]: # of objects
ShortLegend[cacheNumObjCount]: objects
LegendI[cacheNumObjCount]: Num Objects 
LegendO[cacheNumObjCount]:
Legend1[cacheNumObjCount]: Num Objects
Legend2[cacheNumObjCount]:

Target[cacheCpuUsage]: cacheCpuUsage&cacheCpuUsage:squidmrtg@localhost:3401
MaxBytes[cacheCpuUsage]: 100
AbsMax[cacheCpuUsage]: 100
Title[cacheCpuUsage]: CPU Usage
Options[cacheCpuUsage]: absolute, gauge, noinfo, nopercent
Unscaled[cacheCpuUsage]: dwmy
PageTop[cacheCpuUsage]: <h1>CPU Usage </h1>
YLegend[cacheCpuUsage]: usage %
ShortLegend[cacheCpuUsage]:%
LegendI[cacheCpuUsage]: CPU Usage 
LegendO[cacheCpuUsage]:
Legend1[cacheCpuUsage]: CPU Usage
Legend2[cacheCpuUsage]:

Target[cacheMemUsage]: cacheMemUsage&cacheMemUsage:squidmrtg@localhost:3401 * 1024
MaxBytes[cacheMemUsage]: 2000000000
Title[cacheMemUsage]: Memory Usage
Options[cacheMemUsage]: gauge, nopercent
PageTop[cacheMemUsage]: <h1>Total memory accounted for </h1>
YLegend[cacheMemUsage]: Bytes
ShortLegend[cacheMemUsage]: Bytes
LegendI[cacheMemUsage]: Mem Usage 
LegendO[cacheMemUsage]:
Legend1[cacheMemUsage]: Mem Usage
Legend2[cacheMemUsage]:

Target[cacheSysPageFaults]: cacheSysPageFaults&cacheSysPageFaults:squidmrtg@localhost:3401
MaxBytes[cacheSysPageFaults]: 10000000
Title[cacheSysPageFaults]: Sys Page Faults
Options[cacheSysPageFaults]: nopercent
PageTop[cacheSysPageFaults]: <h1>Sys Page Faults </h1>
YLegend[cacheSysPageFaults]: page faults/sec
ShortLegend[cacheSysPageFaults]: PF/s
LegendI[cacheSysPageFaults]: Page Faults 
LegendO[cacheSysPageFaults]:
Legend1[cacheSysPageFaults]: Page Faults
Legend2[cacheSysPageFaults]:

Target[cacheSysVMsize]: cacheSysVMsize&cacheSysVMsize:squidmrtg@localhost:3401 * 1024
MaxBytes[cacheSysVMsize]: 1000000000
Title[cacheSysVMsize]: Storage Mem Size
Options[cacheSysVMsize]: gauge, nopercent
PageTop[cacheSysVMsize]: <h1>Storage Mem Size </h1>
YLegend[cacheSysVMsize]: mem size
ShortLegend[cacheSysVMsize]: Bytes
LegendI[cacheSysVMsize]: Mem Size 
LegendO[cacheSysVMsize]:
Legend1[cacheSysVMsize]: Mem Size
Legend2[cacheSysVMsize]:

Target[cacheSysStorage]: cacheSysStorage&cacheSysStorage:squidmrtg@localhost:3401
MaxBytes[cacheSysStorage]: 1000000000
Title[cacheSysStorage]: Storage Swap Size
Options[cacheSysStorage]: gauge, nopercent
PageTop[cacheSysStorage]: <h1>Storage Swap Size </h1>
YLegend[cacheSysStorage]: swap size (KB)
ShortLegend[cacheSysStorage]: KBytes
LegendI[cacheSysStorage]: Swap Size 
LegendO[cacheSysStorage]:
Legend1[cacheSysStorage]: Swap Size
Legend2[cacheSysStorage]:

Target[cacheSysNumReads]: cacheSysNumReads&cacheSysNumReads:squidmrtg@localhost:3401
MaxBytes[cacheSysNumReads]: 10000000
Title[cacheSysNumReads]: HTTP I/O number of reads
Options[cacheSysNumReads]: nopercent
PageTop[cacheSysNumReads]: <h1>HTTP I/O number of reads </h1>
YLegend[cacheSysNumReads]: reads/sec
ShortLegend[cacheSysNumReads]: reads/s
LegendI[cacheSysNumReads]: I/O 
LegendO[cacheSysNumReads]:
Legend1[cacheSysNumReads]: I/O
Legend2[cacheSysNumReads]:

Target[cacheCpuTime]: cacheCpuTime&cacheCpuTime:squidmrtg@localhost:3401
MaxBytes[cacheCpuTime]: 1000000000
Title[cacheCpuTime]: Cpu Time
Options[cacheCpuTime]: gauge, nopercent
PageTop[cacheCpuTime]: <h1>Amount of cpu seconds consumed </h1>
YLegend[cacheCpuTime]: cpu seconds
ShortLegend[cacheCpuTime]: cpu seconds
LegendI[cacheCpuTime]: Mem Time 
LegendO[cacheCpuTime]:
Legend1[cacheCpuTime]: Mem Time
Legend2[cacheCpuTime]:

Target[cacheMaxResSize]: cacheMaxResSize&cacheMaxResSize:squidmrtg@localhost:3401 * 1024
MaxBytes[cacheMaxResSize]: 1000000000
Title[cacheMaxResSize]: Max Resident Size
Options[cacheMaxResSize]: gauge, nopercent
PageTop[cacheMaxResSize]: <h1>Maximum Resident Size </h1>
YLegend[cacheMaxResSize]: Bytes
ShortLegend[cacheMaxResSize]: Bytes
LegendI[cacheMaxResSize]: Size 
LegendO[cacheMaxResSize]:
Legend1[cacheMaxResSize]: Size
Legend2[cacheMaxResSize]:

Target[cacheCurrentLRUExpiration]: cacheCurrentLRUExpiration&cacheCurrentLRUExpiration:squidmrtg@localhost:3401
MaxBytes[cacheCurrentLRUExpiration]: 1000000000
Title[cacheCurrentLRUExpiration]: LRU Expiration Age
Options[cacheCurrentLRUExpiration]: gauge, nopercent
PageTop[cacheCurrentLRUExpiration]: <h1>Storage LRU Expiration Age </h1>
YLegend[cacheCurrentLRUExpiration]: expir (days)
ShortLegend[cacheCurrentLRUExpiration]: days
LegendI[cacheCurrentLRUExpiration]: Age 
LegendO[cacheCurrentLRUExpiration]:
Legend1[cacheCurrentLRUExpiration]: Age
Legend2[cacheCurrentLRUExpiration]:

Target[cacheCurrentUnlinkRequests]: cacheCurrentUnlinkRequests&cacheCurrentUnlinkRequests:squidmrtg@localhost:3401
MaxBytes[cacheCurrentUnlinkRequests]: 1000000000
Title[cacheCurrentUnlinkRequests]: Unlinkd Requests
Options[cacheCurrentUnlinkRequests]: nopercent
PageTop[cacheCurrentUnlinkRequests]: <h1>Requests given to unlinkd </h1>
YLegend[cacheCurrentUnlinkRequests]: requests/sec
ShortLegend[cacheCurrentUnlinkRequests]: reqs/s
LegendI[cacheCurrentUnlinkRequests]: Unlinkd requests 
LegendO[cacheCurrentUnlinkRequests]:
Legend1[cacheCurrentUnlinkRequests]: Unlinkd requests
Legend2[cacheCurrentUnlinkRequests]:

Target[cacheCurrentUnusedFileDescrCount]: cacheCurrentUnusedFDescrCnt&cacheCurrentUnusedFDescrCnt:squidmrtg@localhost:3401
MaxBytes[cacheCurrentUnusedFileDescrCount]: 1000000000
Title[cacheCurrentUnusedFileDescrCount]: Available File Descriptors
Options[cacheCurrentUnusedFileDescrCount]: gauge, nopercent
PageTop[cacheCurrentUnusedFileDescrCount]: <h1>Available number of file descriptors </h1>
YLegend[cacheCurrentUnusedFileDescrCount]: # of FDs
ShortLegend[cacheCurrentUnusedFileDescrCount]: FDs
LegendI[cacheCurrentUnusedFileDescrCount]: File Descriptors 
LegendO[cacheCurrentUnusedFileDescrCount]:
Legend1[cacheCurrentUnusedFileDescrCount]: File Descriptors
Legend2[cacheCurrentUnusedFileDescrCount]:

Target[cacheCurrentReservedFileDescrCount]: cacheCurrentResFileDescrCnt&cacheCurrentResFileDescrCnt:squidmrtg@localhost:3401
MaxBytes[cacheCurrentReservedFileDescrCount]: 1000000000
Title[cacheCurrentReservedFileDescrCount]: Reserved File Descriptors
Options[cacheCurrentReservedFileDescrCount]: gauge, nopercent
PageTop[cacheCurrentReservedFileDescrCount]: <h1>Reserved number of file descriptors </h1>
YLegend[cacheCurrentReservedFileDescrCount]: # of FDs
ShortLegend[cacheCurrentReservedFileDescrCount]: FDs
LegendI[cacheCurrentReservedFileDescrCount]: File Descriptors 
LegendO[cacheCurrentReservedFileDescrCount]:
Legend1[cacheCurrentReservedFileDescrCount]: File Descriptors
Legend2[cacheCurrentReservedFileDescrCount]:

Target[cacheClients]: cacheClients&cacheClients:squidmrtg@localhost:3401
MaxBytes[cacheClients]: 1000000000
Title[cacheClients]: Number of Clients
Options[cacheClients]: nopercent
PageTop[cacheClients]: <h1>Number of clients accessing cache </h1>
YLegend[cacheClients]: clients/sec
ShortLegend[cacheClients]: clients/s
LegendI[cacheClients]: Num Clients 
LegendO[cacheClients]:
Legend1[cacheClients]: Num Clients
Legend2[cacheClients]:

Target[cacheHttpAllSvcTime]: cacheHttpAllSvcTime.5&cacheHttpAllSvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheHttpAllSvcTime]: 1000000000
Title[cacheHttpAllSvcTime]: HTTP All Service Time
Options[cacheHttpAllSvcTime]: gauge, nopercent
PageTop[cacheHttpAllSvcTime]: <h1>HTTP all service time </h1>
YLegend[cacheHttpAllSvcTime]: svc time (ms)
ShortLegend[cacheHttpAllSvcTime]: ms
LegendI[cacheHttpAllSvcTime]: Median Svc Time (5min) 
LegendO[cacheHttpAllSvcTime]: Median Svc Time (60min) 
Legend1[cacheHttpAllSvcTime]: Median Svc Time
Legend2[cacheHttpAllSvcTime]: Median Svc Time

Target[cacheHttpMissSvcTime]: cacheHttpMissSvcTime.5&cacheHttpMissSvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheHttpMissSvcTime]: 1000000000
Title[cacheHttpMissSvcTime]: HTTP Miss Service Time
Options[cacheHttpMissSvcTime]: gauge, nopercent
PageTop[cacheHttpMissSvcTime]: <h1>HTTP miss service time </h1>
YLegend[cacheHttpMissSvcTime]: svc time (ms)
ShortLegend[cacheHttpMissSvcTime]: ms
LegendI[cacheHttpMissSvcTime]: Median Svc Time (5min) 
LegendO[cacheHttpMissSvcTime]: Median Svc Time (60min) 
Legend1[cacheHttpMissSvcTime]: Median Svc Time
Legend2[cacheHttpMissSvcTime]: Median Svc Time

Target[cacheHttpNmSvcTime]: cacheHttpNmSvcTime.5&cacheHttpNmSvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheHttpNmSvcTime]: 1000000000
Title[cacheHttpNmSvcTime]: HTTP Near Miss Service Time
Options[cacheHttpNmSvcTime]: gauge, nopercent
PageTop[cacheHttpNmSvcTime]: <h1>HTTP near miss service time </h1>
YLegend[cacheHttpNmSvcTime]: svc time (ms)
ShortLegend[cacheHttpNmSvcTime]: ms
LegendI[cacheHttpNmSvcTime]: Median Svc Time (5min) 
LegendO[cacheHttpNmSvcTime]: Median Svc Time (60min) 
Legend1[cacheHttpNmSvcTime]: Median Svc Time
Legend2[cacheHttpNmSvcTime]: Median Svc Time

Target[cacheHttpHitSvcTime]: cacheHttpHitSvcTime.5&cacheHttpHitSvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheHttpHitSvcTime]: 1000000000
Title[cacheHttpHitSvcTime]: HTTP Hit Service Time
Options[cacheHttpHitSvcTime]: gauge, nopercent
PageTop[cacheHttpHitSvcTime]: <h1>HTTP hit service time </h1>
YLegend[cacheHttpHitSvcTime]: svc time (ms)
ShortLegend[cacheHttpHitSvcTime]: ms
LegendI[cacheHttpHitSvcTime]: Median Svc Time (5min) 
LegendO[cacheHttpHitSvcTime]: Median Svc Time (60min) 
Legend1[cacheHttpHitSvcTime]: Median Svc Time
Legend2[cacheHttpHitSvcTime]: Median Svc Time

Target[cacheIcpQuerySvcTime]: cacheIcpQuerySvcTime.5&cacheIcpQuerySvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheIcpQuerySvcTime]: 1000000000
Title[cacheIcpQuerySvcTime]: ICP Query Service Time
Options[cacheIcpQuerySvcTime]: gauge, nopercent
PageTop[cacheIcpQuerySvcTime]: <h1>ICP query service time </h1>
YLegend[cacheIcpQuerySvcTime]: svc time (ms)
ShortLegend[cacheIcpQuerySvcTime]: ms
LegendI[cacheIcpQuerySvcTime]: Median Svc Time (5min) 
LegendO[cacheIcpQuerySvcTime]: Median Svc Time (60min) 
Legend1[cacheIcpQuerySvcTime]: Median Svc Time
Legend2[cacheIcpQuerySvcTime]: Median Svc Time

Target[cacheIcpReplySvcTime]: cacheIcpReplySvcTime.5&cacheIcpReplySvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheIcpReplySvcTime]: 1000000000
Title[cacheIcpReplySvcTime]: ICP Reply Service Time
Options[cacheIcpReplySvcTime]: gauge, nopercent
PageTop[cacheIcpReplySvcTime]: <h1>ICP reply service time </h1>
YLegend[cacheIcpReplySvcTime]: svc time (ms)
ShortLegend[cacheIcpReplySvcTime]: ms
LegendI[cacheIcpReplySvcTime]: Median Svc Time (5min) 
LegendO[cacheIcpReplySvcTime]: Median Svc Time (60min) 
Legend1[cacheIcpReplySvcTime]: Median Svc Time
Legend2[cacheIcpReplySvcTime]: Median Svc Time

Target[cacheDnsSvcTime]: cacheDnsSvcTime.5&cacheDnsSvcTime.60:squidmrtg@localhost:3401
MaxBytes[cacheDnsSvcTime]: 1000000000
Title[cacheDnsSvcTime]: DNS Service Time
Options[cacheDnsSvcTime]: gauge, nopercent
PageTop[cacheDnsSvcTime]: <h1>DNS service time </h1>
YLegend[cacheDnsSvcTime]: svc time (ms)
ShortLegend[cacheDnsSvcTime]: ms
LegendI[cacheDnsSvcTime]: Median Svc Time (5min) 
LegendO[cacheDnsSvcTime]: Median Svc Time (60min) 
Legend1[cacheDnsSvcTime]: Median Svc Time
Legend2[cacheDnsSvcTime]: Median Svc Time

Target[cacheRequestHitRatio]: cacheRequestHitRatio.5&cacheRequestHitRatio.60:squidmrtg@localhost:3401
MaxBytes[cacheRequestHitRatio]: 100
AbsMax[cacheRequestHitRatio]: 100
Title[cacheRequestHitRatio]: Request Hit Ratio
Options[cacheRequestHitRatio]: absolute, gauge, noinfo, nopercent
Unscaled[cacheRequestHitRatio]: dwmy
PageTop[cacheRequestHitRatio]: <h1>Request Hit Ratio </h1>
YLegend[cacheRequestHitRatio]: %
ShortLegend[cacheRequestHitRatio]: %
LegendI[cacheRequestHitRatio]: Median Hit Ratio (5min) 
LegendO[cacheRequestHitRatio]: Median Hit Ratio (60min) 
Legend1[cacheRequestHitRatio]: Median Hit Ratio
Legend2[cacheRequestHitRatio]: Median Hit Ratio

Target[cacheRequestByteRatio]: cacheRequestByteRatio.5&cacheRequestByteRatio.60:squidmrtg@localhost:3401
MaxBytes[cacheRequestByteRatio]: 100
AbsMax[cacheRequestByteRatio]: 100
Title[cacheRequestByteRatio]: Byte Hit Ratio
Options[cacheRequestByteRatio]: absolute, gauge, noinfo, nopercent
Unscaled[cacheRequestByteRatio]: dwmy
PageTop[cacheRequestByteRatio]: <h1>Byte Hit Ratio </h1>
YLegend[cacheRequestByteRatio]: %
ShortLegend[cacheRequestByteRatio]:%
LegendI[cacheRequestByteRatio]: Median Hit Ratio (5min) 
LegendO[cacheRequestByteRatio]: Median Hit Ratio (60min) 
Legend1[cacheRequestByteRatio]: Median Hit Ratio
Legend2[cacheRequestByteRatio]: Median Hit Ratio

Target[cacheBlockingGetHostByAddr]: cacheBlockingGetHostByAddr&cacheBlockingGetHostByAddr:squidmrtg@localhost:3401
MaxBytes[cacheBlockingGetHostByAddr]: 1000000000
Title[cacheBlockingGetHostByAddr]: Blocking gethostbyaddr
Options[cacheBlockingGetHostByAddr]: nopercent
PageTop[cacheBlockingGetHostByAddr]: <h1>Blocking gethostbyaddr count </h1>
YLegend[cacheBlockingGetHostByAddr]: blocks/sec
ShortLegend[cacheBlockingGetHostByAddr]: blocks/s
LegendI[cacheBlockingGetHostByAddr]: Blocking 
LegendO[cacheBlockingGetHostByAddr]:
Legend1[cacheBlockingGetHostByAddr]: Blocking
Legend2[cacheBlockingGetHostByAddr]:

 Проверяем работу SNMP:

snmpwalk -v 2c -c squidmrtg localhost:3401 .1.3.6.1.4.1.3495.1.1

Если все нормально. то вывод будет примерно таким:

SNMPv2-SMI::enterprises.3495.1.1.1.0 = INTEGER: 9152
SNMPv2-SMI::enterprises.3495.1.1.2.0 = INTEGER: 0
SNMPv2-SMI::enterprises.3495.1.1.3.0 = Timeticks: (776462) 2:09:24.62

 Добавляем в файл конфигурации Squid следующие строки:

vi /usr/local/etc/squid/squid.conf

acl My_SNMP snmp_community squidmrtg
snmp_port 3401
snmp_access allow My_SNMP localhost
snmp_access deny all

 Создаем index.html

usr/local/mrtg/bin/indexmaker squid.cfg > /usr/local/etc/squid/mrtg.conf

 Добавляем задание в cron:

0-59/5 * * * * /usr/local/bin/mrtg /usr/local/etc/squid/mrtg.conf

Источник: http://dreamcatcher.ru/2010/04/30/Небольшая-шпаргалка-по-squid/
Категория: Squid | Добавил: oleg (11.05.2010) | Автор: Mixa
Просмотров: 1791 | Рейтинг: 0.0/0 |
Всего комментариев: 0
Добавлять комментарии могут только зарегистрированные пользователи.
[ Регистрация | Вход ]
Форма входа

Beastie

Друзья сайта

Copyright MyCorp © 2026