Date: Thu, 2 Sep 2010 00:03:16 +0100 From: RW <rwmaillists@googlemail.com> To: freebsd-questions@freebsd.org Subject: Re: Should a "squid" user have a shell? Message-ID: <20100902000316.5a5cf931@gumby.homeunix.com> In-Reply-To: <AANLkTikHwZ45sV_CNXFvTAWkbxmOC3N-kHJG1NY=d5LP@mail.gmail.com> References: <AANLkTinEdd4701=ua16EeyFNy83Phva5rLEed4hhAhCU@mail.gmail.com> <AANLkTi=awQQfuW7ese0fnUiFu=F8Mv9iDG3iqEwvum9b@mail.gmail.com> <AANLkTikHwZ45sV_CNXFvTAWkbxmOC3N-kHJG1NY=d5LP@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 1 Sep 2010 09:38:03 -0700 Ed Flecko <edflecko@gmail.com> wrote: > Thank you Jerry. > > The only reason I'm not using the squid port is because I found a > website > ( http://teklimbu.wordpress.com/2007/10/03/enterprise-freebsd-squid-proxy-server/ ) > that has detailed instructions on installing squid for an Enterprise > environment claiming the performance is very good. > > Since I'm new to using squid and using squid on FreeBSD, I'm simply > trying to duplicate his setup. It's quite possible that I could > achieve the same performance results from using the port install of > squid...but maybe I wouldn't. You might as well build the port. There's nothing special in his configure settings - although the squid port provides a variable for this if you if you want to add extra configure settings not supported by the port options. The port will apply some patches to the code that may, or may not, be need. It will also provide an rc script and create the user/group. Either way you need to run squid -z to create the directories. IIRC this will create the directories with the correct ownership if the effective user/group is correct in squid.conf. That just leaves squid.conf which you have to setup anyway, since the port defaults to a small "ufs" cache. I'd suggest taking the default and stripping out the very lengthy comments, and them merging in any settings you want from his file - having looked-up what they actually do. Some of his setting are sensible, such as using diskd, some less so, such as the acl to deny query url caching, which more efficiently handled through refresh patterns in the default file. Also I'd suggest not using heap GDSF/LFUDA cache replacement until you have established you can't get a week's retention from the default lru policy. The suggestion of running a local dns cache shouldn't make much difference since squid does it own caching.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100902000316.5a5cf931>