Instances teach you how to create a proxy server in Linux

Article Title: instances teach you how to create proxy servers in Linux. Linux is a technology channel of the IT lab in China. Some basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source are included. before setting up, let's take a look at the characteristics of proxy servers. Let's understand the proxy server in this way: Assume that computer A requires data from computer B. Computer A first establishes A connection with computer C. After computer C receives data requests from computer, connect to computer B, download the data requested by computer A, and then transmit the data to computer A. Computer C is called A proxy server.

The role of the proxy server can be summarized in three aspects:

1. Some websites with limited IP addresses can be accessed through the proxy server;

Second, it can be used as a firewall;

Third, you can hide your real IP address to improve security.

Next let's take a look at the setup steps.

　　1. Configure LINUX Internet access

Step 1: Click Start-System Tools-network device control, and then click Configure.

Step 2: select the NIC connected to the external ADSL Network, and then click "edit ..

Step 3: Select "Activate device when the computer starts" in the next window, click "static IP number", and enter the nic ip Address "192.168.0.1" in the "Number" box ", the default subnet mask is 255.255.255.0, And the Default Gateway number is null. OK.

　　Ii. Proxy setup process

The focus of this instance is not on LINUX system configuration, but on the configuration process of using third-party proxy server software.

1. Selection of third-party agent server software in LINUX

There are still a lot of options available, such as Apache: with powerful features, high speed and high efficiency, etc,

However, in LINUX, the performance advantage of acting as a proxy server is not obvious and is not recommended. Squid is recommended, and there are many reports on this software. It consists of a main service program squid, a dns query program dnsserver is composed of several management tools. Its obvious feature is that it can reduce the time for the server to wait for DNS query. "Linux + Squid" is the best proxy server combination!

2. Install Squid

In fact, basically all of today's Linux systems have compiled Squids. Just install them directly. If you do not have a compiled Squid, you can download it through FTP: // squid.nlanr.net/pub.

Step 1: Remember that squid does not allow root to execute it by default. You must create a new directory and user for squid: assume that the user directory is set to/usr/local/squid. Then execute the following command to relieve tar.gz:

Tar zxvf squid? Src.tar.gz

Step 2: Go to the squid directory and run ". /configure ", this command should be clear to Linux friends, it will automatically check the system configuration, because there is no parameter, it is installed in this directory by default.

Step 3: After the configuration file is created, enter make to start compiling Squid. Finally, run the make install command to install Squid.

3. Configure Squid

It is worth noting that, if you have no special requirements on the security of the Squid proxy server, you only need to change the location to make the Squid work normally! Find "Squid. conf" in the Squid directory and open it. Further find the "http_access deny all" field, and change "deny" to "allow! (It must be noted that the line without the "#" number is changed)

If you want Squid to work as needed, you have. conf "to make some changes. Here we will briefly describe several parameters that will affect Squid's efficiency in this configuration file:

Cache_mem: Set the physical memory occupied by Squid. Note that it is best not to exceed 1/4 of the physical memory of the Local Machine, otherwise it may affect the performance of the local machine, for example, cache_mem 64 M.

Http_port: used to set the listening port of Squid. The default value is 3128. I personally think this can be changed.

Cache_inclutive_user: Set the user who uses the cache. The default value is nobody, which must be changed. We recommend that you create a new one.

Cache_dir: Set the cache size and location. For example, cache_dir/usr/local/squid/cache 100 32 128, the part before the number 100 indicates the cache location, 100 indicates that the Maximum cache size is 100 MB, and 32 and 128 indicate the number of directories.

After the main parameters are clear and the corresponding changes are made, you can configure them in the following two steps. If the other parameters are kept by default, the simplest configuration required by the operator is completed.

Step 1: assume that the IP address of the local Nic is 192.168.0.1 and the subnet mask is 255.255.255.0. Open squid. conf and enter the following command in a separate line:

Acl local_net src 192.168.0.1/255.255.255.0

Step 2: Define the IP address groups that allow the use of the cache. That is, the "http_access allow local_net" command line mentioned above.

4. Run the test in the browser

Select Edit-Preference-Advanced-Proxies in the Mozilla browser, click Manual Proxy configuration, and then click View to set the IP address of the Squid server (172.21.101.132) as the proxy server address, the default port number is 3128. If you have modified "http_port:" in the "Squid. conf" configuration file in the previous step, enter the modified port number.

To control the running of Squid, click Start-server settings-service to open the service configuration window and click Squid in the middle window; to enable LINUX to automatically start Squid at startup, you only need to check the previous check box. OK. Now you can browse the Web ,.

If you want to check whether Squid is running properly, there are two feasible methods: Command method (squid-k check ); another way is to go to the Squid directory to view Access logs. log to see if all the web pages viewed are saved in this log file.

　　Iii. Conclusion

The above section only describes the most basic content of using Squid to implement proxy. It aims to provide you with an idea of setting up. In fact, Squid has many advanced functions, for example, it can be used as a level-2 proxy or a firewall.

LINUX itself is a complete security system. To make Squid better adapt to it and give full play to the advantages of LINUX + Squid combination, you must thoroughly learn the Squid configuration file, because all advanced functions must be set in the configuration file using the command line. In view of the limited level of the author, you can refer to Squid advanced settings for further settings. However, I still think that you should modify the settings based on your actual situation and do not need to configure all the options. Finally, we would like to remind you that Squid does not support proxy for POP and NNTP protocols.