Home > Developer > CentOS

Installation and configuration of SQUID Proxy server under CentOS 6.7

Source: Internet
Author: User
Tags rfc squid proxy
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

GFW blocked the HTTP/SOCKS5 agent, HTTP Proxy is the keyword filtering, SOCKS5 agent is the blockade protocol. However, some special low-end ports do not have such treatment, known to have 21, 25.

20 port has been blocked, 21 ports will now be limited speed 400Kbps, after conversion of about 50KB/S, we recommend the use of 25 ports, unlimited speed.

First, the system environment

Operating system: CentOS release 6.7 (Final)

Squid version: squid-3.1.10-20.el6_5.3.x86_64

Selinux=disabled

HTTP service:stoped

Second, the installation of Squid service

2.1 Check if squid software is installed

# rpm-qa| grep Squid

2.2 If it is not installed, install it using the Yum method

Yum Install Squid

2.3 Setting up boot from

# chkconfig squid on  // Auto-run squid service

2.4 Configure Squid, modify or add red parts

# # Recommended Minimum configuration: #acl manager proto cache_objectacl localhost src127.0.0.1/ +::1ACL to_localhost DST127.0.0.0/8 0.0.0.0/ +::1# Example rule allowing access from your local networks.# Adapt to list your (internal) IP networks from where Browsin g# should be allowedacl localnet src10.0.0.0/8# RFC1918 Possible internal networkacl localnet src172.16.0.0/ A# RFC1918 Possible internal networkacl localnet src192.168.0.0/ -# RFC1918 Possible internal networkacl localnet src fc00::/7# RFC4193Local private network Rangeacl localnet src FE80::/Ten# RFC4291link-local (directly plugged) Machinesacl Ssl_ports Port443ACL safe_ports Port the# Httpacl Safe_ports Port +#FTPACL safe_ports Port443# Httpsacl Safe_ports Port -# Gopheracl Safe_ports Port About# Waisacl Safe_ports Port1025-65535# unregistered Portsacl safe_ports Port280# http-Mgmtacl safe_ports Port488# gss-Httpacl safe_ports Port591# Filemakeracl Safe_ports Port777# multiling Httpacl CONNECT method connect## Recommended minimum Access Permission configuration:## only allow Cachemgr access from localhosthttp_access Allow manager Localhosthttp_access deny manager# deny requests to certain UNSAF E portshttp_access deny!safe_ports# deny connect to other than secure SSL portshttp_access Deny connect!ssl_ports# We strongly recommend the following is uncommented to protect innocent# Web applications running on the pro XY ServerW.H.O.think the only# oneW.H.O.can access services on"localhost"Is a local user#http_access deny to_localhost## INSERT YOUR OWN RULE (S) This is the access from YOUR clients## Exam PLE rule allowing access from your local networks.# Adapt localnetinchThe ACL section to list your (internal) IP networks# from where browsing should is allowedhttp_access allow localnethttp_a ccess allow localhost# and finally deny all other access to this proxy
#http_access deny allhttp_accessallow all # Squid normally listens to port3128Http_port 191.101.9.188:25 Transparent# Uncomment and adjust the following to add a disk cache directory. Cache_dir ufs /var/spool/squid# Leave CoredumpsinchThe first cachedirCoredump_dir/var/spool/squid# Add Any of your own Refresh_pattern entries above These.refresh_pattern^FTP:1440     -%10080Refresh_pattern^gopher:1440    0%1440Refresh_pattern-I. (/cgi-bin/|\?)0    0%0Refresh_pattern. 0     -%4320strip_query_terms offvisible_hostname 191.101.9.188cache_mgr [email protected]cache_store_log nonecache_access_ Log nonecache_mem mbcache_swap_low 90cache_swap_high 95maximum_object_size 128 Mbmaximum_object_size_in_memory Mbdns_nameservers 8.8.8.8 8.8.4.4client_lifetime 1 minuteshalf_closed_clients offfqdncache_size 65535ipcache_size 65535ipcache_low 90ipcache_high

Third, configure the firewall

Open 25 ports

 -J accept# Service Iptables Save

or edit Vi/etc/sysconfig/iptables

# completed on Thu A  -: -: the  .# Generated by Iptables-save v1.4.7On Thu A  -: -: the  .*filter:input ACCEPT [0:0]:forward ACCEPT [0:0]:output ACCEPT [ About:9756]-A input-p tcp-m state--state new-m TCP--dport A-J ACCEPT-A input-p tcp-m State--state new-m TCP--dport- J ACCEPT commit# completed on Thu A  -: -: the  .

Restart Service iptables Restart

Ps:

Http://bbs.itzmx.com/thread-8815-1-1.html

Http://www.cnblogs.com/mchina/p/3812190.html

http://blog.163.com/na_llong/blog/static/1135416092013714104354316/

Installation and configuration of SQUID Proxy server under CentOS 6.7

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
linux server installation and configuration web server installation and configuration squid web proxy server squid proxy server filemaker server installation and configuration guide computer installation and configuration installation and configuration
Related Article
Play Openresty 1.13.6.1 resty-cli module on CentOS 6.9 x86_64
Install build Essentials on CentOS 7 and Ubuntu 14.03
Linux CentOS Centos7 installs oci8 and PDO_OCI extensions
Setting up a PPPoE server on Linux (CentOS)
Installing a Ceph storage cluster under CentOS 7
CENTOS 6.10 Installation VirtualBox virtualization Platform

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More