Squid Tuning for FreeBSD

First you shoud install Squid from ports and compile with options to support diskd. 1. Install Squid from ports. cd /usr/ports/www/squid make install 2. Compile Squid with diskd support: cd /usr/ports/www/squid/work/squid-2.5.STABLE9 ./configure --bindir=/usr/local/sbin --sysconfdir=/usr/local/etc/squid --datadir=/usr/local/etc/squid --libexecdir=/usr/local/libexec/squid --localstatedir=/usr/local/squid --enable-removal-policies=lru,heap --enable-auth=basic,ntlm,digest --enable-basic-auth-helpers=NCSA,PAM,MSNT,SMB,winbind,YP --enable-digest-auth-helpers=password --enable-external-acl-helpers=ip_user,unix_group,wbinfo_group,winbind_group --enable-ntlm-auth-helpers=SMB,winbind --enable-storeio=ufs,diskd,null --enable-underscores --enable-err-languages=English --enable-default-err-language=Romanian --with-large-files --enable-large-cache-files --enable-delay-pools --enable-ipf-transparent --disable-ident-lookups --enable-snmp --enable-removal-policies --prefix=/usr/local i386-portbld-freebsd5.4 make install 3. Add FreeBSD sysctl parameters into your /boot/loader.conf: kern.ipc.nmbclusters: 32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 net.inet.ip.portrange.last: 65535 4. Compile kernel with this options: options SHMSEG=16 options SHMMNI=32 options SHMMAX=2097152 options SHMALL=4096 options MAXFILES=8192 5. Your squid.conf should like like that: (please modify the path where your stored squid cache, the size of cache and also the allowed ip range for your squid daemon. Don't forget do do a 'squid -z' if you did not, at install time (for creating cache directories). #my settings http_port 8080 icp_port 0 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 128 MB maximum_object_size 80000 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 cache_dir diskd /mnt/squid 28000 32 512 Q1=72 Q2=64 log_fqdn off logfile_rotate 10 dns_nameservers 10.0.0.1 auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours refresh_pattern ^ftp:        1440    20%    10080 refresh_pattern ^gopher:    1440    0%    1440 refresh_pattern .        0    20%    4320 #next, remove acl localnet src 10.0.0.0/255.255.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 21 443 563 210 1025-65535 280 488 591 777 acl CONNECT method CONNECT acl all src 0.0.0.0/0.0.0.0 http_access deny !Safe_ports http_access allow localnet http_reply_access allow all visible_hostname localhost httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on coredump_dir /usr/local/squid/cache