Squid as the application layer of agent services software,squid is mainly used to provide cache acceleration, application layer filtering control functions.
Working mechanism:
When a client requests a Web page through a proxy , the specified vigorously server checks its own cache, and if a page is already in the cache that the client needs, the page content in the cache is directly fed back to the client, and if there are no pages for the client to access in the cache, the proxy server the Internet sends a request, and when the returned Web page is obtained, the Web page data is saved to the cache and sent to the client.
the advantage of theproxy server squid :1,and improve the client's Web access response speed. 2, because the client's Web request is replaced by proxy server, which can hide the user's real IP address, To a certain extent, it plays a security role.
Proxy type:
traditional agents acting on the public Web: manually set the port and address of the proxy server before the proxy can access the network. For Web browsers, domain name resolution requests when visiting a Web site are also sent to the specified proxy server.
transparent proxies acting on the LAN: you do not need to manually set the port and address of the proxy server, and the default route, firewall policy will redirect the Web , the actual still to the proxy server to handle. The redirection process is "Transparent" to the client, and the user does not even know that they are using a proxy server to handle it.
Lab Environment: two Linux6 Systems, one windows7 System.
1,win7 do client IP address 192.168.100.100, Gateway 192.168.100.1.
2 public network web server, eth0 : 10.0.0.10 255.255.255.0 , Gateway 10.0.0.1
3,Linux squid proxy server,eth0:192.168.100.1 , eth1 : 10.0.0.1 .
Step One: when the address is configured, the default routing feature is started on the Squid proxy server.
[Email protected] ~]# vim/etc/sysctl.conf
Net.ipv4.ip_forward = 1
[email protected] ~]# sysctl-p // refresh takes effect
Net.ipv4.ip_forward = 1
Step Two: to access Linux web servers with Win7 clients
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/9F/wKioL1XpkFuiH_ilAAJQfU9I1Po187.jpg "title=" Picture 1.png "alt=" wkiol1xpkfuih_ilaajqfu9i1po187.jpg "/>
Step Three: View the log files on the Linux Web service. The address that is accessed is all the client's IP address.
[email protected] ~]# Vim/etc/httpd/logs/access_log // view Web log records
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/A3/wKiom1XpjkPwC9mtAAKg0pGmMyA228.jpg "title=" Picture 2.png "alt=" wkiom1xpjkpwc9mtaakg0pgmmya228.jpg "/>
Step Four: Install the squid package in the Squid proxy server , then unzip and install it with yum .
[[email protected] ~] #tar zxvf squid-3.4.6.tar.gz-c/opt // unzip to the /opt directory
[[email protected] ~] #yum-y install gcc gcc-c++ // manual compilation
[[email protected] ~] #cd/opt/squid-3.4.6.tar.gz // Enter this directory
[email protected] squid-3.4.6]#/configure \
--PREFIX=/USR/LOCAL/SQUID \//installation directory
--SYSCONFDIR=/ETC \//Modify the configuration file to a different directory separately
--ENABLE-ARP-ACL \//Can be set in rules directly managed by the client Mac,
Prevent clients from using IP spoofing
--enable-linux-netfilter \//using kernel filtering
--enable-linux-tproxy \//Support transparent mode
--enable-async-io= value \//asynchronous I/O for improved storage performance,
Equivalent to--enable-pthreads
or--enable-storeio=ufs,aufs--with
or-pthreads--with-aufs-thread= value
--enable-err-language= "Simplify_chinese" \//error message display language
--enable-underscore \//allow underline in URL
--enable-poll \//Use poll () mode for improved performance
--enable-gnuregex \//using the GNU regular expression
Compiled and installed
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/72/A3/wKiom1XpjzPRLlJfAADxoGDBBQM665.jpg "title=" Picture 3.png "alt=" Wkiom1xpjzprlljfaadxogdbbqm665.jpg "/>
[[email protected] squid-3.4.6] #make && make install
[[email protected] squid-3.4.6] #ln-S/usr/local/squid/sbin/*/usr/local/sbin/ // Create a soft connection
[[email protected] squid-3.4.6] #useradd-m-s/sbin/nologin squid // Create A dedicated user for squid service
[[email protected] squid-3.4.6] #chown-R squid:squid/usr/local/squid/var/ // Modify the owner and group information of the file
[[email protected] squid-3.4.6] #vi/etc/squid.conf // Edit configuration file
Http_port 3128//squid Proxy service Port
Cache_mem MB// max Cache size
Maximum_object_size 4096 KB// Cache object Size
Visible_hostname root.benet.com// specify local hostname and domain name
Cache_effective_user Squid// designated squid program user
Cache_effective_group Squid// designated squid program group
Cache_dir Ufs/usr/local/squid/var/cache/squid// cache path, remove "#" number on line enable
To start the service view port
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/72/A3/wKiom1XpjnuAM0L-AAB0h5wnyjI222.jpg "title=" Picture 4.png "alt=" wkiom1xpjnuam0l-aab0h5wnyji222.jpg "/>
After you start the agent service:
Manually set up a proxy service for your windows 7 Browser, click Tools on the right side of the browser →internet options → connections → LAN settings, enter linux-2 Local Proxy service IP address, and specify the proxy port.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/A3/wKiom1Xpjp-AoyenAAPNpCHSiXU677.jpg "title=" Picture 6.png "alt=" Wkiom1xpjp-aoyenaapnpchsixu677.jpg "/>
Finally , view the log files on the Linux web Server
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/9F/wKioL1XpkLLCDmTtAAIVa7LJX2Y616.jpg "title=" Picture 5.png "alt=" wkiol1xpkllcdmttaaiva7ljx2y616.jpg "/>
This article is from the "NJ Niche" blog, please be sure to keep this source http://9863378.blog.51cto.com/9853378/1691393
Squid Agent Service Simple configuration