Linux Proxy Server-squid forward proxy experiment

1, Agent Server squid Introduction

Squid cache (squid) is a popular free software (GNU General Public License) proxy server and Web cache server. Squid has a wide range of uses, from caching related requests as Web server cache servers to increasing the speed of Web servers, to sharing network resources for a group of people and caching the World Wide Web, domain name systems and other network searches, to help network security by filtering traffic, to LAN through proxy Internet. Squid is primarily designed to operate on Unix-type systems.

Squid can do proxies or cache.

Squid can not only do the forward proxy, but also can do reverse proxy.

Forward agent, squid behind is the client, the client Internet to go through squid; reverse proxy, squid is behind the server, the server returned to the user data need to go squid.

Positive agents used in the enterprise's office environment, employees need to access the Internet through Squid agent to the Internet, which can save network bandwidth resources. And the reverse proxy is used to build the site static items (images, HTML, streaming media, JS, CSS, etc.) cache server, which is used in the site architecture.

2. Experimental objectives

Set up a proxy server on the gateway so that the intranet can access the Web service (i.e. forward proxy) through the proxy server.

3. Experimental topology

4. Experimental steps

(1) Build the intranet test host and gateway as shown in the topology diagram (so that the internal and external network can ping each other)

(Reference: http://www.cnblogs.com/liaoyuanyang/p/6749416.html)

(2) Build Web service on the External network test host (not installed by default), and make the intranet test host and gateway can access

Intranet test Host Access Web:

Gateway to access the Web:

(Reference: http://www.cnblogs.com/liaoyuanyang/p/6750257.html)

(3) Install Squid software on the gateway (not installed by default), and configure

[[email protected] ~]# Yum install squid-y//Installation Squid
[[email protected] ~]# gedit/etc/squid/squid.conf//Enter squid configuration file

Modify the configuration file as follows:

[[Email protected] ~]# Service squid start//start squid services
[[email protected] ~]# squid-z//Initialize cache directory

(4) Gateway configuration firewall

To enable the intranet test host to use a proxy server, you must open port 3128 in the firewall rules of the gateway:

3128 -j ACCEPT

(5) Setting up a proxy server in the browser of the intranet host

Open Firefox Browser--edit--preferences--advanced--network--settings--Manually configure the agent

5. Test results

To access the Web again on the intranet:

Use Wireshark to view message information on the external network test host:

You can find that the source address at this time is the address of the gateway, not the address of the intranet, stating that the proxy server is effective!

Linux Proxy Server-squid forward proxy experiment