Squid Agent Service Simple configuration

Squid as the application layer of agent services software,squid is mainly used to provide cache acceleration, application layer filtering control functions.

Working mechanism:

When a client requests a Web page through a proxy , the specified vigorously server checks its own cache, and if a page is already in the cache that the client needs, the page content in the cache is directly fed back to the client, and if there are no pages for the client to access in the cache, the proxy server the Internet sends a request, and when the returned Web page is obtained, the Web page data is saved to the cache and sent to the client.

the advantage of theproxy server squid :1,and improve the client's Web access response speed. 2, because the client's Web request is replaced by proxy server, which can hide the user's real IP address, To a certain extent, it plays a security role.

Proxy type:

traditional agents acting on the public Web: manually set the port and address of the proxy server before the proxy can access the network. For Web browsers, domain name resolution requests when visiting a Web site are also sent to the specified proxy server.

transparent proxies acting on the LAN: you do not need to manually set the port and address of the proxy server, and the default route, firewall policy will redirect the Web , the actual still to the proxy server to handle. The redirection process is "Transparent" to the client, and the user does not even know that they are using a proxy server to handle it.

Lab Environment: two Linux6 Systems, one windows7 System.

1,win7 do client IP address 192.168.100.100, Gateway 192.168.100.1.

2 public network web server, eth0 : 10.0.0.10 255.255.255.0 , Gateway 10.0.0.1

3,Linux squid proxy server,eth0:192.168.100.1 , eth1 : 10.0.0.1 .

Step One: when the address is configured, the default routing feature is started on the Squid proxy server.

[Email protected] ~]# vim/etc/sysctl.conf

Net.ipv4.ip_forward = 1

[email protected] ~]# sysctl-p // refresh takes effect

Net.ipv4.ip_forward = 1

Step Two: to access Linux web servers with Win7 clients

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/9F/wKioL1XpkFuiH_ilAAJQfU9I1Po187.jpg "title=" Picture 1.png "alt=" wkiol1xpkfuih_ilaajqfu9i1po187.jpg "/>

Step Three: View the log files on the Linux Web service. The address that is accessed is all the client's IP address.

[email protected] ~]# Vim/etc/httpd/logs/access_log // view Web log records

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/A3/wKiom1XpjkPwC9mtAAKg0pGmMyA228.jpg "title=" Picture 2.png "alt=" wkiom1xpjkpwc9mtaakg0pgmmya228.jpg "/>

Step Four: Install the squid package in the Squid proxy server , then unzip and install it with yum .

[[email protected] ~] #tar zxvf squid-3.4.6.tar.gz-c/opt // unzip to the /opt directory  

[[email protected] ~] #yum-y install gcc gcc-c++ // manual compilation

[[email protected] ~] #cd/opt/squid-3.4.6.tar.gz // Enter this directory

[email protected] squid-3.4.6]#/configure \

--PREFIX=/USR/LOCAL/SQUID \//installation directory

--SYSCONFDIR=/ETC \//Modify the configuration file to a different directory separately

--ENABLE-ARP-ACL \//Can be set in rules directly managed by the client Mac,

Prevent clients from using IP spoofing

--enable-linux-netfilter \//using kernel filtering

--enable-linux-tproxy \//Support transparent mode

--enable-async-io= value \//asynchronous I/O for improved storage performance,

Equivalent to--enable-pthreads

or--enable-storeio=ufs,aufs--with

or-pthreads--with-aufs-thread= value

--enable-err-language= "Simplify_chinese" \//error message display language

--enable-underscore \//allow underline in URL

--enable-poll \//Use poll () mode for improved performance

--enable-gnuregex \//using the GNU regular expression

Compiled and installed

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/A3/wKiom1XpjzPRLlJfAADxoGDBBQM665.jpg "title=" Picture 3.png "alt=" Wkiom1xpjzprlljfaadxogdbbqm665.jpg "/>

[[email protected] squid-3.4.6] #make && make install

[[email protected] squid-3.4.6] #ln-S/usr/local/squid/sbin/*/usr/local/sbin/ // Create a soft connection

[[email protected] squid-3.4.6] #useradd-m-s/sbin/nologin squid // Create A dedicated user for squid service

[[email protected] squid-3.4.6] #chown-R squid:squid/usr/local/squid/var/ // Modify the owner and group information of the file

[[email protected] squid-3.4.6] #vi/etc/squid.conf // Edit configuration file

Http_port 3128//squid Proxy service Port

Cache_mem MB// max Cache size

Maximum_object_size 4096 KB// Cache object Size

Visible_hostname root.benet.com// specify local hostname and domain name

Cache_effective_user Squid// designated squid program user

Cache_effective_group Squid// designated squid program group

Cache_dir Ufs/usr/local/squid/var/cache/squid// cache path, remove "#" number on line enable

To start the service view port

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/A3/wKiom1XpjnuAM0L-AAB0h5wnyjI222.jpg "title=" Picture 4.png "alt=" wkiom1xpjnuam0l-aab0h5wnyji222.jpg "/>

After you start the agent service:

Manually set up a proxy service for your windows 7 Browser, click Tools on the right side of the browser →internet options → connections → LAN settings, enter linux-2 Local Proxy service IP address, and specify the proxy port.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/A3/wKiom1Xpjp-AoyenAAPNpCHSiXU677.jpg "title=" Picture 6.png "alt=" Wkiom1xpjp-aoyenaapnpchsixu677.jpg "/>

Finally , view the log files on the Linux web Server

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/9F/wKioL1XpkLLCDmTtAAIVa7LJX2Y616.jpg "title=" Picture 5.png "alt=" wkiol1xpkllcdmttaaiva7ljx2y616.jpg "/>

This article is from the "NJ Niche" blog, please be sure to keep this source http://9863378.blog.51cto.com/9853378/1691393

Squid Agent Service Simple configuration