Squid proxy server)

Source: Internet
Author: User
Tags squid proxy

1. Traditional proxy

Traditional proxies can hide IP addresses mostly for the Internet.

In Linux, squid is not installed by default. Therefore, you must install the support for the perl language pack in red hat.

The squid proxy server requires two Nics. First, ensure that your traffic passes through the linux server. Therefore, ensure that SNAT can communicate with each other.

1) configure network parameters

In the test, a network card is redirected to VM2. VM3. The intranet eth0 corresponds to the VM2 Internet eth1 corresponds to VM3.

Configure the host name: it is very important to configure the host name for proxy servers or other tasks.

Warning: During the experiment, the client and the Accessed server firewall are disabled or ICMP packets are allowed to pass through. Otherwise, ping the server may fail.

2) write iptables firewall rules and enable route forwarding

The SNAT rules required here are: iptables-t nat-a postrouting-s [intranet IP address]-o [outgoing Nic, that is, Internet Nic] SNAT -- to-source [Internet IP address] 650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/>

650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/F2/wKioL1RcziGARnMVAAGOGxQ6ShQ867.jpg "title =" 1.png" alt = "wKioL1RcziGARnMVAAGOGxQ6ShQ867.jpg"/>

Enable route forwarding: vi/etc/sysctl. conf. Modify net. ipv4.ip _ forward = 1 and initialize sysctl-p

3) verify SNAT

650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/> 650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/F3/wKiom1RczcOg33owAARV627o-jA348.jpg "title =" 2 (2).jpg "alt =" wKiom1RczcOg33owAARV627o-jA348.jpg "/>

The first Red Hat is firewall 2008, and the second linux is that the client accesses the server through firewall rules forwarding.

4) the installation of the squid server rpm package is not detailed here.

5) configure necessary parameters (traditional proxy)

 

Http_port 3128

Visible_hostname [your host name]

Reply_body_max_size [maximum download volume you want to allow, for example, 10240000 (unit: K)] allow all

6) restart the squid proxy server for initialization.

Or squid-z (Initialize cache directory) squid-D (start squid service)

7) client settings

In the lan settings, 650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/>

650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/F2/wKioL1RczmqTyBl2AANdO19IxlU275.jpg "title =" 3.jpg" alt = "wKioL1RczmqTyBl2AANdO19IxlU275.jpg"/>

In linux

Set in preference advanced network

650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/> 650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/F2/wKioL1RczoLTR41nAANJbmYfZLU368.jpg "title =" 4.png" alt = "wKioL1RczoLTR41nAANJbmYfZLU368.jpg"/>

If you use the graphical interface liunx, you need to manually specify the environment variable

Vi/etc/profile

HTTP_PROXY = http: // [proxy server IP address] // specify the proxy server for HTTP

HTTPS_PROXY = http: // [proxy server IP address] // specify the proxy server for HTTPS

FTP_PROXY = http: // [proxy server IP address] // for FTP

NO_PROXY = 192.168.1., 192.168.2. // no proxy is used for the two LAN segments.

Export HTTP_PROXY HTTPS_PROXY FTP_PROXY NO_PROXY // application

8) run tail/var/log/httpd/access_log to view httpd access logs.

2, Transparent proxy              

Transparent Proxy is mostly used for LAN clients without manual settings

1) modify the configuration file

650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/> 650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/F3/wKiom1RczjvCk2g_AACcZgFKajM197.jpg "title =" 5.jpg" alt = "wKiom1RczjvCk2g_AACcZgFKajM197.jpg"/>

Add the IP address of the proxy server

2) set iptables redirection policy

650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/> 650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/F2/wKioL1RcztTB2PETAACN4SAQhYY019.jpg "title =" 6.png" alt = "wKioL1RcztTB2PETAACN4SAQhYY019.jpg"/>

3) verify: Clear the specified proxy server. Do not manually set the proxy. If you have just finished the traditional proxy, manually remove it.

Dynamically view squid logs tail-F/var/log/squid/access. log

650) this. width = 650; "src ="/e/u261/themes/default/images/spacer.gif "style =" background: url ("/e/u261/lang/zh-cn/images/localimage.png") no-repeat center; border: 1px solid # ddd; "alt =" spacer.gif "/> 650) this. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/F3/wKiom1RcznqDSKi2AACa2IeoaZY722.jpg "title =" 7.jpg" alt = "wKiom1RcznqDSKi2AACa2IeoaZY722.jpg"/>

A description is added successfully.


This article is from the "IT technology blog" blog, please be sure to keep this source http://xingxingxingxin.blog.51cto.com/4794205/1574210

Squid proxy server)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.