Set up a proxy server in LINUX

Article Title: Set up a proxy server in LINUX. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

　　1. Selection of third-party agent server software in LINUX

There are still a lot of options to choose from, such as Apache: it has powerful features, high speed and high efficiency. However, the performance advantage of acting as a proxy server in LINUX is not obvious and is not recommended; we recommend that you use Squid, which has many reports on this software. It consists of a major service program squid, a DNS query program dnsserver, and several management tools, its obvious feature is to reduce the server waiting for DNS query time. "Linux + Squid" is the best proxy server combination!

　　2. Install Squid

In fact, basically all of today's Linux systems have compiled Squids. Just install them directly. If you do not have a compiled Squid, you can download it through FTP: // squid.nlanr.net/pub.

Step 1: Remember that squid does not allow root to execute it by default. You must create a new directory and user for squid: assume that the user directory is set to/usr/local/squid. Then execute the command to extract tar.gz: Tar zxvf squid? Src.tar.gz

Step 2: Go to the squid directory and run ". /configure ", this command should be clear to Linux friends, it will automatically check the system configuration, because there is no parameter, it is installed in this directory by default.

Step 3: After the configuration file is created, enter make to start compiling Squid. Finally, run the make install command to install Squid.

　　3. Configure Squid

It is worth noting that, if you have no special requirements on the security of the Squid proxy server, you only need to change the location to make the Squid work normally! Find "Squid. conf" in the Squid directory and open it. Further find the "http_access deny all" field, and change "deny" to "allow! (It must be noted that the line without the "#" number is changed)

If you want Squid to work as needed, you have. conf "to make some changes. Here we will briefly describe several parameters that will affect Squid's efficiency in this configuration file:

Cache_mem: Set the physical memory occupied by Squid. Note that it is best not to exceed 1/4 of the physical memory of the Local Machine, otherwise it may affect the performance of the local machine, for example, cache_mem 64 M.

Http_port: used to set the listening port of Squid. The default value is 3128. I personally think this can be changed.

Cache_inclutive_user: Set the user who uses the cache. The default value is nobody, which must be changed. We recommend that you create a new one.

Cache_dir: Set the cache size and location. For example, cache_dir/usr/local/squid/cache 100 32 128, the part before the number 100 indicates the cache location, 100 indicates that the Maximum cache size is 100 MB, and 32 and 128 indicate the number of directories.

After the main parameters are clear and the corresponding changes are made, you can configure them in the following two steps. If the other parameters are kept by default, the simplest configuration required by the operator is completed.

Step 1: assume that the IP address of the local Nic is 192.168.0.1, The subnet mask is 255.255.255.0, and squid is enabled. conf, enter the following command in a separate line: acl local_net src 192.168.0.1/255.255.255.0 Step 2: Define the IP address group that can be cached. That is, the "http_access allow local_net" command line mentioned above.

　4. Run the test in the browser

Select Edit-Preference-Advanced-Proxies in the Mozilla browser, click Manual Proxy configuration, and then click View to set the IP address of the Squid server (172.21.101.132) as the proxy server address, the default port number is 3128. If you have modified "http_port:" in the "Squid. conf" configuration file in the previous step, enter the modified port number. To control the running of Squid, click Start-server settings-service to open the service configuration window and click Squid in the middle window; to enable LINUX to automatically start Squid at startup, you only need to check the previous check box. OK. Now you can perform Web browsing.

If you want to check whether Squid is running properly, there are two feasible methods: Command method (squid-k check ); another way is to go to the Squid directory to view Access logs. log to see if all the web pages viewed are saved in this log file.

　　5. Conclusion

The above section only describes the most basic content of using Squid to implement proxy. It aims to provide you with an idea of setting up. In fact, Squid has many advanced functions, for example, it can be used as a level-2 proxy or a firewall.

LINUX itself is a complete security system. To make Squid better adapt to it and give full play to the advantages of LINUX + Squid combination, you must thoroughly learn the Squid configuration file, because all advanced functions must be set in the configuration file using the command line. In view of the limited level of the author, you can refer to Squid advanced settings for further settings. However, I still think that you should modify the settings based on your actual situation and do not need to configure all the options. Finally, we would like to remind you that Squid does not support proxy for POP and NNTP protocols.