2.1-squid forward Proxy

1. Install squid

Yum Install Squid

2. Modify the Squid configuration file

Cache_dir UFS/VAR/SPOOL/SQUID 100 16 256

Cache_mem MB

.... Inserting code under Refresh_pattern

Refresh_pattern \. (jpg|png|gif|js|css|mp3|mp4|exe) 1440 20% 2880 ignore-reload

Visible_hostname WYP

"Cache_dir" This is used to specify the cache directory on the local disk, the following 1024 is the size, in units of M, depending on the size of your disk.

"Cache_mem" It is used to specify the size of the cache memory, that is, to store the cache in memory, depending on the memory of your machine, if your machine is just running Squid service, then left the system 512M memory, the other can be divided into Squid.

"Refresh_pattern" is used to match the buffered object

"Visible_hostname" must write a name, otherwise error, or start failure.

3. Once the configuration file is saved, you can check for syntax errors first:

# Squid-kcheck can be shortened to-KCH

4. Restart Squid

# Squid-kreconfigur can be shortened to-kre

5. One more thing to do before booting up is to initialize the cache directory:

# Mkdir/data/cache

# Chown-r squid:squid/data/cache/

# squid-z

2013/06/12 16:25:14| Creating Swap Directories

2013/06/12 16:25:14| /data/cache exists

OK, after the initialization is complete, squid can be started:

#/etc/init.d/squid Start

Starting squid:.

Test:

1. Use IE to test, set proxy IP and port, open Web site with Web page.

2. Test with curl, such as: Curl-xlocalhost:3128-i www.baidu.com

3. Monitor port traffic with Tcpdump-nn Port 3128来

Sometimes, we will have this demand, is to restrict certain domain names can not be accessed through the proxy, or just want to proxy a few domain names, how to do it? Found in squid.conf:

ACL Connect method Connect

Add four lines below it:

ACL http Proto http

ACL Good_domain dstdomain. apelearn.com. aminglinux.com

Http_access Allow HTTP Good_domain #允许访问白名单

Http_access deny HTTP!good_domain #拒绝访问非白名单

Where my whitelist domain name is ". apelearn.com. Aminglinux.com", here. Represents a universal match. Front

Can be any character, you just need to fill out your whitelist domain name can be. Restart Squid again to test the look:

/etc/init.d/squid restart

# curl-xlocalhost:80-i http://www.baidu.com/

The visit to Baidu has become 403. What if you want to set a blacklist? The truth is the same:

ACL http Proto http

ACL Bad_domain dstdomain. Sina.com. souhu.com

Http_access Allow HTTP!bad_domain

Http_access deny HTTP Bad_domain

After restarting squid, test:

#/etc/init.d/squid Restart

# curl-xlocalhost:80 http://www.sina.com/-I.

# curl-xlocalhost:80 http://www.baidu.com/-I.

Baidu.com can be accessed, and sina.com cannot be accessed.

2.1-squid forward Proxy