SQUID proxy server for user authentication
SQUID and MYSQL are installed using the binary installation package released by SUN, which can be found in software_companion_x86 CD; and MYSQL_AUTH can be found by GOOGLE search.
1. install and configure SQUID + MYSQL
1. create Users and Groups
# Groupadd squid
# Useradd-g squid-d/dev/null-s/bin/false squid
# Groupadd mysql
# Useradd-g mysql-s/bin/false mysql
2. install MYSQL
# Mount-F hsfs-o ro/dev/dsk/c1t0d0p0/cdrom
# Cd/cdrom/components/i386/Packages
# Pkgadd-d./-s/var/spool/pkg SFWmysql sfwgcen
# Pkgadd sfwgmn SFWmysql
# Chown-R root/opt/sfw/mysql
# Chgrp-R mysql/opt/sfw/mysql
# Chown-R mysql/opt/sfw/mysql/var
#/Opt/sfw/mysql/bin/mysql_install_db
#/Opt/sfw/mysql/bin/mysqld_safe &
# Cp/opt/sfw/mysql/share/mysql/my-medium.cnf/etc/my. cnf
# Vi/etc/my. cnf
Bind-address = 127.0.0.1
Set the startup script:
# Cp/opt/sfw/mysql/share/mysql. server/etc/init. d/mysql. server
# Ln/etc/init. d/mysql. server/etc/rc3.d/S79mysql
# Ln/etc/init. d/mysql. server/etc/rc0.d/K00mysql
# Ln/etc/init. d/mysql. server/etc/rc1.d/K00mysql
# Ln/etc/init. d/mysql. server/etc/rc2.d/K00mysql
# Ln/etc/init. d/mysql. server/etc/rcS. d/K00mysql
# Chown root: sys/etc/init. d/mysql. server/etc/rc3.d/S79mysql
# Chmod 0744/etc/init. d/mysql. server/etc/rc3.d/S79mysql
Set the ROOT password:
# Mysqladmin-u root password llzqq
3. install SQUID
# Pkgadd-d./-s/var/spool/pkg SFWsquid
# Pkgadd SFWsquid
# Cd/opt/sfw/squid/etc
# Cp squid. conf. default squid. conf
# Cp mime. conf. default mime. conf
4. configure SQUID. CONF
Http_port 192.168.0.1: 3128
Cache_mgr llzqq@nero.3322.org
Error_directory/opt/sfw/squid/share/errors/Simplify_Chinese
Dns_nameservers 202.99.160.68 202.99.168.8
Visible_hostname nero.3322.org
Httpd_accel_uses_host_header on
Httpd_accel_host virtual
Httpd_accel_port 80
Httpd_accel_with_proxy on
Cache_mem 20 MB
Maximum_object_size 4096 KB
Minimum_object_size 0 KB
Maximum_object_size_in_memory 30 KB
Minimum_object_size_in_memory 0 KB
Cache_swap_low 85
Cache_swap_high 90
Cache_dir ufs/opt/sfw/squid/var/cache
Cache_inclutive_user squid
Cache_paitive_group squid
# Http_access allow manager localhost
# Http_access allow localhost
# Http_access deny manager
# Http_access deny! Safe_ports
# Http_access deny CONNECT! SSL_ports
# Http_access deny all
Http_reply_access allow all
Icp_access allow all
Miss_access allow all
--------------------------------------------------------
# Chown-R squid: squid/opt/sfw/squid/var
#/Opt/sfw/squid/sbin/squid-z
5. SQUID startup script
# Vi/etc/rc3.d/S78squid
=====================================S78squid ======================= ====
#! /Sbin/sh
#
# Copyright (c) 2004 by llzqq, Inc
# Llzqq@126.com
# All rights reserved.
#
# Ident '@ (#) squid 1.1 04/05/24 smi'
Case '{GetProperty (Content)}' in
Start)
/Opt/sfw/squid/sbin/squid-s
;;
Stop)
/Opt/sfw/squid/sbin/squid-k shutdown
Pkill squid
;;
*)
Echo 'Usage: {GetProperty (Content)} {start | stop }'
Exit 1
;;
Esac
Exit 0
=====================================S78squid ======================= ====
# Chown root: sys/etc/rc3.d/S78squid
# Chmod 744/etc/rc3.d/S78squid
# Ln-s/etc/rc3.d/S78squid/etc/rc2.d/K78squid
II. install MYSQL_AUTH
# Gzip-d mysql_auth-0.6beta.tar.gz
# Tar vxf mysql_auth-0.6beta.tar
# Cd mysql_auth-0.6beta
The content to be modified in Makefile is as follows:
# Vi Makefile
CFLAGS =-I/opt/sfw/mysql/include-L/opt/sfw/mysql/lib/mysql
INSTALL =/usr/ucb/install
$ (INSTALL)-o root-g sys-m 700 mypasswd/usr/local/bin/mypasswd
$ (INSTALL)-o squid-g squid-MB 755 mysql_auth/usr/bin/mysql_auth
$ (INSTALL)-o squid-g squid-m 600 $ (CONF)/etc/mysql_auth.conf
$ (INSTALL)-o squid-g squid-m 600 $ (CONF)/etc/mysql_auth.conf.default
The content to be modified in src/define. h is as follows:
# Vi + 5 src/define. h
# Define CONFIG_FILE '/etc/mysql_auth.conf'
# Define DEF_MYSQLD_SOCKET '/tmp/mysql. sock'
The following content needs to be modified in src/mysql_auth.conf:
# Vi src/mysql_auth.conf
Mysqld_socket/tmp/mysql. sock
#/Usr/ccs/bin/make
#/Usr/ccs/bin/make install
Create a user database:
# Cd scripts
# Mysql-u root-p ****** <create_script
Test MYSQL_AUTH
1. add a test user
# Mypasswd llzqq 123456
Password record ADDED succesfully.
2. verify the created user
# Mysql_auth
Llzqq: 123456
0 K
3. delete an existing user and use this command.
# Mypasswd-d username
3. add the MYSQL_AUTH authentication section in SQUID. CONF.
# Vi/etc/squid. conf
Add the following code to the end of the "TAG: acl" section in SQUID. CONF.
Auth_param basic program/usr/bin/mysql_auth
Auth_param basic realm LLZQQ's CACHING SERVER
Auth_param basic children 5
Auth_param basic credentialsttl 2 hours
Acl password proxy_auth REQUIRED
Http_access allow password
Authenticate_ip_ttl 2 hours
Http_access deny all
IV. client settings
Fill in the IP address and port of the SQUID server in the proxy server settings of the browser:
IP address 192.168.0.1: 3218
Enter the IP address, port, user, and password of the SQUID server in the configuration of the flash get proxy server:
IP address 192.168.0.1: 3218
User: llzqq
Passwd: 123456
5. Notes
Install GCC before installation. otherwise, MYSQL_AUTH cannot be compiled. In addition, you must set the path in the LD_LIBRARY_PATH variable of the ROOT user before adding the User:/opt/sfw/mysql/lib/mysql.