[squid-users] Squid configuration upgrade from 2.6 to 2.7

I have upgraded my squid server from 2.6 stable 22 to 2.7 stable  7.

Along with this, I have updated the configuration and wanted to make sure that some of the new settings won't be a problem.

The biggest change is that I increased the maximum object size the squid will cache.  Before everything at the default levels.
I increased this size sine most of the files/pages being servers up, especially the ones that have flash and vidoes would be larger
then 4K.

Let me know if there is a better way or setting I should/should not be using.

Thanks

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_port 127.0.0.1:3128

hierarchy_stoplist cgi-bin ?
refresh_pattern . 0 20% 4320

acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

coredump_dir /var/cache/squid

http_access allow manager localhost
http_access deny manager

http_access deny to_localhost

http_port 80 accel vport

cache_peer 172.21.1.2 parent 80 0 no-query originserver round-robin login=PASS
cache_peer 172.21.3.4 parent 80 0 no-query originserver round-robin login=PASS
cache_peer 172.21.5.6 parent 80 0 no-query originserver round-robin login=PASS

acl mainSite dstdomain www.company.com
acl otherSites dstdomain .company.com

cache_peer_access 172.21.1.2 allow mainSite
cache_peer_access 172.21.1.2 deny all
cache_peer_access 172.21.3.4 allow mainSite
cache_peer_access 172.21.3.4 deny all
cache_peer_access 172.21.5.6 allow mainSite
cache_peer_access 172.21.5.6 deny all
 
http_access allow mainSite

deny_info http://www.company.com/ otherSites

http_access deny otherSites
http_access deny all

icp_port 0
icp_access deny all
log_icp_queries off

acl loadbalancer1 src 172.21.10.1
acl loadbalancer2 src 172.21.10.12
follow_x_forwarded_for allow loadbalancer1
follow_x_forwarded_for allow loadbalancer2
follow_x_forwarded_for allow all
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on

logformat combined %{Host}>h %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log combined
logfile_rotate 0
collapsed_forwarding on
vary_ignore_expire on
httpd_suppress_version_string off

cache_effective_user squid
cache_store_log none
client_db off
cache_mem  512 MB
maximum_object_size_in_memory 24 MB
cache_replacement_policy lru
cache_dir ufs /var/cache/squid 2000 10 10
maximum_object_size 20480 KB
                                               
_________________________________________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection.
http://clk.atdmt.com/GBL/go/196390706/direct/01/
Received on Thu Jan 07 2010 - 15:53:54 MST