Transparent proxy for Linux squid

I. Common ACL list types

ACL definition Instance

ACL LAN1 src 192.168.1.0/24

ACL PC1 src 192.168.1.66/32

ACL Blk_domain dstdomain. qq.com. kaixin001.com

ACL work_hours time MTWHF 08:30-17:30

ACL Max20_conn maxconn 20

ACL Blk_url url_regex-i ^rstp://^mms://

ACL blk_words urlpath_regex-i sex Adult

ACL realfile urlpath_regex-i \.rmvb$ \.rm$

ACL Settings access Control List

Http_access deny LAN1 Blk_url

Http_access deny LAN1 blk_words

Http_access deny PC1 Realfile

Http_access deny PC1 Max20_conn

Http_access Allow LAN1 work_hours

ACL Rule Matching Order

1. When no rules are set, access requests are rejected by all clients

2, there are rules, but the rule is not found, will take the last rule to perform the opposite operation.

More Wonderful content: http://www.bianceng.cnhttp://www.bianceng.cn/Servers/proxy/

II. Basic conditions for the realization of transparent agents

Premise:

1, the client's Web Access data to go through the firewall

2, agent services built in the gateway host

Configuration requirements:

1, Agent service program can support transparent agent

2. Configure Iptables to forward the client's Web request to the Squid proxy port.

Third, the configuration transparent proxy

1, modify the squid.conf configuration file

Http_port 192.168.10.1:3128 Transparent

2. Reload the configuration file

Squid-k Reconfig

3, add iptables rules, the internal HTTP request without changing the data message to redirect to 3128 Port

Iptables-t nat-i prerouting-i eth0-s 192.168.10.0/24-p tcp--dport 80-j REDIRECT--to 3128

This article comes from "phper-every day a little ~" blog, please be sure to keep this source http://janephp.blog.51cto.com/4439680/1304446