HostedDB - Dedicated UNIX Servers

Securing-Optimizing-RH-Linux-1_2_349
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 349 log_icp_queries off This option “log_icp_queries” specify if you want ICP (ICP is used to exchange hints about the existence of URLs in neighbor caches) queries to be logged to “access.log” file or not. Since we don’t use the ICP feature in Squid accelerator mode, we can turn safety this option to “OFF”. cachemgr_passwd my-secret-pass all This option “cachemgr_passwd” specify a password that will be require for accessing the operations of the “cachemgr.cgi” program utility. This CGI utility program is designed to run through a web interface and outputs statistics about Squid configuration and performance. The <my-secret-pass> is the password you have chosen and the keyword <all> specifies to set this password to be the same for all actions you can perform in this program. See “The cachemgr.cgi program utility of Squid”, bellow in this chapter for more information. buffered_logs on This option “buffered_logs” if turned “ON” can  speed up the writing of some log files slightly. This is an optimization feature. Configuration of the “/etc/squid/squid.conf” file as a proxy-caching mode With some minor modification of the “squid.conf” file we have definite above to run Squid in httpd- accelerator mode, we can run Squid as proxy-caching server. In proxy cache server, all users in your corporate network use Squid to access the Internet. With this configuration you can have complete control and apply special policy on what can be viewed, acceded, downloaded, you can also control bandwidth usage, connection time and so on. Proxy cache server can be configured to run as stand-alone server for your corporate or to use and share caches hierarchy with other proxy server around the Internet. With the first example bellow we show you how to configure Squid as stand-alone server and then speak a little bit about a cache hierarchy configuration, where two or more proxy-cache servers cooperate by serving documents to each other. Edit the squid.conf file (vi /etc/squid/squid.conf) and add/change the following options for proxy cache that run as a stand-alone server: http_port 8080 icp_port 0 acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 16 MB