Build Squid Proxy Server

Last Update:2014-10-25 Source: Internet

Author: User

Tags squid proxy

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Experiment topology:

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/13/wKioL1RKOo6AXrJzAAKMWnZ2NlI216.jpg "Title =" three virtual machines, one router as the Internet "alt =" wkiol1rkoo6ax1_zaakmwnz2nli216.jpg "/> requirement: Configure iptables policies to share the Internet with SNAT

Configure the Squid proxy server. Implement cache acceleration for HTTP access

Use Yum-y install squid.1 * first *

Install the Squid proxy server.

Two NICs: eth0 192.168.5.6/24 bridge to VM1

Eth1 202.10.10.5/24 bridge to vm8

GW 202.10.10.1

Web Server is a simple website built by 2003 Server for testing,

IP: 172. 168.10.10/24

GW: 172.1610.1

DNS: 172.1610.10

XP is used as the client PC

IP: 192.168.5.5/24

GW 192.168.5.6

DNS: 172.1610.10

Vim/etc/squid. conf

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/12/wKiom1RKPkmBpRNzAAKa_jUxFEA665.jpg "Title =" qq 51124194906.jpg "alt =" wkiom1rkpkmbprnzaaka_juxfea665.jpg "/>

Restart the squid service.

Service squid restart

Netstat-anpt | grep "squid"

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/12/wKiom1RKPxvxqIl5AAB_fonJfxg264.jpg "Title =" qq 51124195925.jpg "alt =" wkiom1rkpxvxqil5aab_fonjfxg264.jpg "/>

Initialize cache directory

Squid-z

Run squid to start the service. No DNS test is performed.

Suqid-d

Edit the squid configuration file

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/12/wKiom1RKQGfAO3VJAAHRbZMgpJ8252.jpg "Title =" qq 51124200233.jpg "alt =" wkiom1rkqgfao3vjaahrbzmgpj8252.jpg "/>

Configure the XP Client

Click IE browser. Tool -- interner option -- Link-Internet LAN Settings

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/12/wKiom1RKQPGwOSI0AAG4KxHWMsc061.jpg "Title =" qq 51124200717.jpg "alt =" wkiom1rkqpgwosi0aag4kxhwmsc061.jpg "/>

Iptables-T nat-I prerouting-I eth0-P TCP -- dport 80-J redirect -- to-port 3128

All packets that enter the Intranet from eth0 to port 80 of the TCP protocol are forwarded to port 3128 of the Local Machine for processing.

Iptables-T nat-I postrouting-O eth1-J SNAT -- To 202.10.10.5

When the Intranet accesses the Internet, the IP address is converted to 202.10.10.5.

Then test on PC. .

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/12/wKiom1RKQp-zNV_KAAG527RAHno021.jpg "Title =" qq 51124201427.png "alt =" wKiom1RKQp-zNV_KAAG527RAHno021.jpg "/>

You can also view the log tail-1/var/log/squid/access. Log

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/13/wKioL1RKQ6OT7SsIAADzCozyfKw802.jpg "Title =" qq 5112420.28.jpg "alt =" wkiol1rkq6ot7ssiaadzcozyfkw802.jpg "/>

The squid policy disables the host from accessing the Internet through an IP address.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/13/wKioL1RKRLHRKtT2AAIGSwHkyrI075.jpg "Title =" qq 51124201935.jpg "alt =" wkiol1rkrlhrktt2aaigswhkyri075.jpg "/>

After modification, reload the service: servcie squid reload

Then the PC seems to be inaccessible.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/12/wKiom1RKROORs1vVAAK6XbbZ8-o117.jpg "Title =" qq 51124202406.jpg "alt =" wKiom1RKROORs1vVAAK6XbbZ8-o117.jpg "/>

The access request is rejected .... Not be retrieved

Squid policy-prohibit access to the host's IP address and host name.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/12/wKiom1RKR_aQ6APCAAI9R6Un1EI173.jpg "Title =" Capture. PNG "alt =" wkiom1rkr_aq6apcaai9r6un1ei173.jpg "/>

Save and exit; restart the service

Test again !! --

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/13/wKioL1RKSHXS3UgsAAKkgPVmiMc383.jpg "Title =" 2.png" alt = "wkiol1rkshxs3ugsaakkgpvmimc383.jpg"/>

Let's sum up ::

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/13/wKioL1RKSxfSgu_kAAI2K8pUvcM477.jpg "Title =" Capture. PNG "alt =" wkiol1rksxfsgu_kaai2k8puvcm477.jpg "/>

Configure squid reverse proxy

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/13/wKioL1RKS8iAV2iRAACxVbgM2UE556.jpg "style =" float: none; "Title =" Capture. PNG "alt =" wkiol1rks8iav2iraacxvbgm2ue556.jpg "/>

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/12/wKiom1RKS3mzI1v1AAElgHsC62A688.jpg "style =" float: none; "Title =" XX. PNG "alt =" wkiom1rks3mzi1v1aaelghsc62a688.jpg "/>

This article is from the "disconnected man in Tianya" blog and will not be reproduced!

Build Squid Proxy Server

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More