varnishncsa -n /usr/local/varnish/ -w /var/log/varnish.log & //简化日志的输出
#!/bin/bash
# This is varnish http type log
if [ "$1" = "start" ]; then
/usr/local/bin/varnishncsa -n /usr/local/varnish | /usr/sbin/rotatelogs /var/log/varnish.%Y.%m.%d.log 3600 480 & //3600秒,表示每小时生成一个日志,480分钟表示UTC时差为8小时。因为中国在东八区。否则生成的时间比正确时间少8小时。
elif [ "$1" = "stop" ]; then
killall varnishncsa
else
echo $0 "{ start | stop }"
fi
net.ipv4.ip_local_port_range = 1024 65535
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_fin_timeout = 30
net.core.netdev_max_backlog = 30000
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
启动压缩功能(注:varnish本身没有压缩功能,需要交给后端服务器)
if (req.http.Accept-Encoding) {
if (req.url ~ ".(jpg|gif|png|gz|tgz|mp3)$") {
remove req.http.Accept-Encoding;
} else if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} else if ( req.http.Accept-Encoding ~ "default") {
set req.http.Accept-Encoding = "default";
} else {
remove req.http.Accept-Encoding;
}
}
sub vcl_hash {
set req.hash += req.url;
if (req.http.Accept-Encoding ~ "gzip") {
set req.hash += "gzip";
}
else if (req.http.Accept-Encoding ~ "default") {
set req.hash += "default";
}
return (hash);
}
防盗链图片:
if (req.http.referer ~ "http://.*") {
if ( !(req.http.referer ~ "http://.*benet.com"
|| req.http.referer ~ "http://.*baidu.com"
|| req.http.referer ~ "http://.*google.com"
|| req.http.referer ~ "http://.*yahoo.cn")
{
set req.http.host = "www.benet.com";
set req.url = "/var/www/html/images/logo.gif";
}
return (lookup)
}