SQUID proxy server _ MySQL for user authentication

Source: Internet
Author: User
Tags squid proxy
SQUID proxy server for user authentication


SQUID and MYSQL are installed using the binary installation package released by SUN, which can be found in software_companion_x86 CD; and MYSQL_AUTH can be found by GOOGLE search.

1. install and configure SQUID + MYSQL

1. create Users and Groups
# Groupadd squid
# Useradd-g squid-d/dev/null-s/bin/false squid
# Groupadd mysql
# Useradd-g mysql-s/bin/false mysql

2. install MYSQL

# Mount-F hsfs-o ro/dev/dsk/c1t0d0p0/cdrom
# Cd/cdrom/components/i386/Packages
# Pkgadd-d./-s/var/spool/pkg SFWmysql sfwgcen
# Pkgadd sfwgmn SFWmysql

# Chown-R root/opt/sfw/mysql
# Chgrp-R mysql/opt/sfw/mysql
# Chown-R mysql/opt/sfw/mysql/var
#/Opt/sfw/mysql/bin/mysql_install_db
#/Opt/sfw/mysql/bin/mysqld_safe &

# Cp/opt/sfw/mysql/share/mysql/my-medium.cnf/etc/my. cnf
# Vi/etc/my. cnf
Bind-address = 127.0.0.1


Set the startup script:

# Cp/opt/sfw/mysql/share/mysql. server/etc/init. d/mysql. server
# Ln/etc/init. d/mysql. server/etc/rc3.d/S79mysql
# Ln/etc/init. d/mysql. server/etc/rc0.d/K00mysql
# Ln/etc/init. d/mysql. server/etc/rc1.d/K00mysql
# Ln/etc/init. d/mysql. server/etc/rc2.d/K00mysql
# Ln/etc/init. d/mysql. server/etc/rcS. d/K00mysql
# Chown root: sys/etc/init. d/mysql. server/etc/rc3.d/S79mysql
# Chmod 0744/etc/init. d/mysql. server/etc/rc3.d/S79mysql


Set the ROOT password:
# Mysqladmin-u root password llzqq

3. install SQUID

# Pkgadd-d./-s/var/spool/pkg SFWsquid
# Pkgadd SFWsquid
# Cd/opt/sfw/squid/etc
# Cp squid. conf. default squid. conf
# Cp mime. conf. default mime. conf


4. configure SQUID. CONF

Http_port 192.168.0.1: 3128
Cache_mgr llzqq@nero.3322.org
Error_directory/opt/sfw/squid/share/errors/Simplify_Chinese
Dns_nameservers 202.99.160.68 202.99.168.8
Visible_hostname nero.3322.org
Httpd_accel_uses_host_header on
Httpd_accel_host virtual
Httpd_accel_port 80
Httpd_accel_with_proxy on
Cache_mem 20 MB
Maximum_object_size 4096 KB
Minimum_object_size 0 KB
Maximum_object_size_in_memory 30 KB
Minimum_object_size_in_memory 0 KB
Cache_swap_low 85
Cache_swap_high 90
Cache_dir ufs/opt/sfw/squid/var/cache
Cache_inclutive_user squid
Cache_paitive_group squid

# Http_access allow manager localhost
# Http_access allow localhost
# Http_access deny manager
# Http_access deny! Safe_ports
# Http_access deny CONNECT! SSL_ports
# Http_access deny all
Http_reply_access allow all
Icp_access allow all
Miss_access allow all
--------------------------------------------------------
# Chown-R squid: squid/opt/sfw/squid/var
#/Opt/sfw/squid/sbin/squid-z


5. SQUID startup script

# Vi/etc/rc3.d/S78squid
=====================================S78squid ======================= ====
#! /Sbin/sh
#
# Copyright (c) 2004 by llzqq, Inc
# Llzqq@126.com
# All rights reserved.
#
# Ident '@ (#) squid 1.1 04/05/24 smi'

Case '{GetProperty (Content)}' in
Start)
/Opt/sfw/squid/sbin/squid-s
;;
Stop)
/Opt/sfw/squid/sbin/squid-k shutdown
Pkill squid
;;
*)
Echo 'Usage: {GetProperty (Content)} {start | stop }'
Exit 1
;;
Esac
Exit 0
=====================================S78squid ======================= ====
# Chown root: sys/etc/rc3.d/S78squid
# Chmod 744/etc/rc3.d/S78squid
# Ln-s/etc/rc3.d/S78squid/etc/rc2.d/K78squid


II. install MYSQL_AUTH

# Gzip-d mysql_auth-0.6beta.tar.gz
# Tar vxf mysql_auth-0.6beta.tar
# Cd mysql_auth-0.6beta


The content to be modified in Makefile is as follows:

# Vi Makefile

CFLAGS =-I/opt/sfw/mysql/include-L/opt/sfw/mysql/lib/mysql
INSTALL =/usr/ucb/install
$ (INSTALL)-o root-g sys-m 700 mypasswd/usr/local/bin/mypasswd
$ (INSTALL)-o squid-g squid-MB 755 mysql_auth/usr/bin/mysql_auth
$ (INSTALL)-o squid-g squid-m 600 $ (CONF)/etc/mysql_auth.conf
$ (INSTALL)-o squid-g squid-m 600 $ (CONF)/etc/mysql_auth.conf.default


The content to be modified in src/define. h is as follows:

# Vi + 5 src/define. h
# Define CONFIG_FILE '/etc/mysql_auth.conf'
# Define DEF_MYSQLD_SOCKET '/tmp/mysql. sock'


The following content needs to be modified in src/mysql_auth.conf:

# Vi src/mysql_auth.conf
Mysqld_socket/tmp/mysql. sock
#/Usr/ccs/bin/make
#/Usr/ccs/bin/make install


Create a user database:
# Cd scripts
# Mysql-u root-p ****** <create_script

Test MYSQL_AUTH

1. add a test user
# Mypasswd llzqq 123456
Password record ADDED succesfully.

2. verify the created user
# Mysql_auth
Llzqq: 123456
0 K

3. delete an existing user and use this command.
# Mypasswd-d username

3. add the MYSQL_AUTH authentication section in SQUID. CONF.
# Vi/etc/squid. conf

Add the following code to the end of the "TAG: acl" section in SQUID. CONF.

Auth_param basic program/usr/bin/mysql_auth
Auth_param basic realm LLZQQ's CACHING SERVER
Auth_param basic children 5
Auth_param basic credentialsttl 2 hours
Acl password proxy_auth REQUIRED
Http_access allow password
Authenticate_ip_ttl 2 hours
Http_access deny all


IV. client settings

Fill in the IP address and port of the SQUID server in the proxy server settings of the browser:
IP address 192.168.0.1: 3218

Enter the IP address, port, user, and password of the SQUID server in the configuration of the flash get proxy server:
IP address 192.168.0.1: 3218
User: llzqq
Passwd: 123456

5. Notes

Install GCC before installation. otherwise, MYSQL_AUTH cannot be compiled. In addition, you must set the path in the LD_LIBRARY_PATH variable of the ROOT user before adding the User:/opt/sfw/mysql/lib/mysql.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.