RHEL6.4 build Squid Proxy Server

Lab requirement: Build a squid proxy server so that the Intranet host 192.168.100.1 can access the Internet web Server 1.1.1.119425100.254/

Lab requirement: Build a squid proxy server so that the Intranet host 192.168.100.1 can access the Internet web Server 1.1.1.1

192.168.100.254/24

Eth0 (intranet Interface)

Intranet client host 192.168.100.1 ------------- squid Proxy Server ------------ Internet web Server 1.1.1.1

Eth1 (Public Network Interface)

1.1.1.254/8

1. Set up squid Proxy Server

1. Install a software package that provides proxy services

# Yum-y install squid

2. Modify the master configuration file

# Vim/etc/squid. conf

......

59 # http_access deny all

60 http_access allow all // allow all users to use

......

66 cache_mem 8 MB

67 minimum_object_size 0 KB // do not cache data smaller than how many KB, 0 is not limited

68 maximum_object_size 4096 KB // do not cache data larger than 4 MB

69 cache_swap_low 90

70 cache_swap_high 95 // The old cache is deleted when the disk usage exceeds 95% until 90%.

71 # Uncomment and adjust the following to add a disk cache directory.

72 cache_dir ufs/var/spool/squid 100 16 256

......

3. Start the service

# Service squid start

# Chkconfig squid on

4. Start the internet server 1.1.1.1web service and create a test webpage.

5. Configure the client and test I

Specify the Proxy Server IP address (192.168.100.254) and port number (3128) in the browser)

Client Access to the Internet URL Server

Http: // 1.1.1.1/Webpage file name. If yes, the test is successful.

2. Change the preceding experiment to a transparent proxy (it must be set up on the client's gateway host)

(The client can directly access the website server on the Internet without specifying the IP address and port number of the proxy server in the browser)

1. Modify the squid service proxy method to transparent proxy

Vim/etc/squid. conf

63 http_port 3128 transparent

Service squid restart

2. configure the firewall rules on the proxy server and forward the requests from the local machine with access destination ports 80 and 443 to the local machine's port 3128.

# Iptables-t nat-a prerouting-s 192.168.100.0/24-I eth0-p tcp -- dport 80-j REDIRECT -- to-port 3128

# Iptables-t nat-a prerouting-s 192.168.100.0/24-I eth0-p tcp -- dport 443-j REDIRECT -- to-port 312

# Service iptables save

3. Add and test the gateway on the client

# Route add default gw 192.168.100.254

The client cancels the proxy settings of the browser.

Directly ask http: // 1.1.1.1/the webpage file name. If the webpage file name can be accessed, the test is successful.

Squid: Click here
Squid: Click here

Configure Squid proxy http and rsync http://www.linuxidc.com/Linux/2013-05/84642.htm

Squid: high-speed Web Access http://www.linuxidc.com/Linux/2013-04/83512.htm

CentOS 6.2 compilation and installation Squid configuration reverse proxy server http://www.linuxidc.com/Linux/2012-11/74529.htm

Simple configuration of Squid proxy and reverse proxy http://www.linuxidc.com/Linux/2014-04/99465.htm

CentOS 6.4 DNS + Squid + Nginx + MySQL to build a high availability Web Server http://www.linuxidc.com/Linux/2014-04/99984.htm

This article permanently updates the link address: Http://www.linuxidc.com/Linux/2014-05/102262.htm