1. The choice of third party proxy server software under Linux
Can choose in fact still quite a few, for example Apache: Has the formidable function, the high speed and the high-efficiency and so on characteristic, but under the Linux proxy server's performance superiority is not obvious, does not suggest the use, the recommendation uses squid, regarding this software related report also many, it by a main service program squid , a DNS query program DNSServer and several management tools, its more obvious feature is to reduce the server waiting for DNS query time, "Linux+squid" is the best proxy server combination!
2. Install Squid
In fact, today's Linux basically have been compiled squid, directly installed it can. If you don't have a compiled squid on hand, you can go to FTP://squid.nlanr.net/pub to download it.
The first step: Remember squid by default does not allow root to execute it, you must create a new directory for squid and users: we assume that the user directory is set to/usr/local/squid. Then perform the following command to decompress tar.gz:
Tar ZXVF squid–src.tar.gz
Step Two: Enter squid directory, run "./configure", this command familiar with Linux friends should be clear, it will automatically check the system configuration, because there is no parameter, so the default installation in this directory.
Step three: After setting up the configuration file, you can enter make to start compiling squid, and finally use the made install command for squid installation.
3. Configure Squid
Here it is necessary to explain, if you have no special requirements for the safety of Squid Proxy server, it only needs to change a place to let squid work! In Squid directory to find "squid.conf" and open, further find "http_access deny all" this field, as long as the "deny" to "allow" on all ok! (Be sure to change the line that has no "#" in front of it)
And if you want squid to work as you wish, you have to make some changes to "squid.conf," Here's a brief description of several parameters that will affect squid's productivity in this profile:
Cache_mem: Set the physical memory consumed by squid. Note that the setting is best not to exceed 1/4 of the physical memory of the machine, otherwise it may affect the performance of the machine, such as: Cache_mem 64M.
Http_port: A listening port for setting squid. The default value is 3128, and the individual thinks it can be changed.
Cache_effective_user: Sets the user who uses the cache. The default is nobody, generally have to make amends, suggest to re-establish one.
Cache_dir: Sets the size and location of the cache. For example: Cache_dir/usr/local/squid/cache 100 32 128, the number 100 indicates the cache location, and 100 indicates that the cache maximum does not exceed 100m,32 and 128 for the directory number.
After you clear these key parameter items and make the corresponding changes, generally the following two-step configuration, the other items remain the default is to complete the most simple configuration of their own requirements.
The first step: we assume that the local network card IP address is 192.168.0.1, the subnet mask is 255.255.255.0, open squid.conf, a single line to enter the following command:
ACL local_net src 192.168.0.1/255.255.255.0
Step two: Define the groups of IP addresses that allow caching to be used. The "http_access allow local_net" command line mentioned earlier.
4. Run tests in a browser
In the browser Mozilla in turn select "Edit-preference-advanced-proxies", and then select "Manual Proxy Configuration" After the point "View", The SQUID server's IP address (172.21.101.132) can be used as the proxy server address, and the default port number is 3128. If you have modified the "Http_port:" In the previous step "squid.conf" configuration file, please fill in the port number you have modified. In addition, to control the operation of Squid, you can click "Start-Server Settings-Services", open the "Service Configuration" window, in the middle of the window to select "Squid" can be, and if you want to allow Linux to start automatically when the squid, as long as the check box to select the front of the line. OK, now it should be ready for web browsing.
If you want to check whether squid is in the normal running state, there are two ways to do it: first, the command mode (squid-k check); Another way is to go into the Squid directory to view access log file Access.log to see if the browsed pages are saved in this log file.
5. Erection Summary
The above introduction is only the use of squid to achieve the most basic content of the agent, designed to provide you with a set of ideas, in fact, squid also has a lot of advanced features, such as the use of two-level agents, as a firewall and so on.
Linux itself is a set of perfect security system, but to let squid better adapt to it, play out the advantages of linux+squid combination, but also in-depth to learn squid profile, because all the advanced features in the configuration file in the command line to set the way. In view of the author's limited level, you can refer to the Squid Advanced settings related reports to further set. However, I still think that should be based on their own actual situation changes, do not need to configure all the options. Finally, squid does not support the agent for pop and NNTP two protocols.