This session explains the common types of proxy serversLearn to build a traditional agent, transparent proxy serviceLearn to configure the access control policy for squid.First, squid service baseworking mechanism of the agent When a client requests a Web page through a proxy, the specified
1. Install squid-2.5Groupadd squidUseradd? G squidRpm? Ivh squid-2.5.STABLE3-3.3E.i386.rpmIi. Configure squid. conf:# Set the proxy port of SQUID (with the IP address added, Squid will not listen to external network interfaces)Htt
squid:squid/data/cache/# squid-z2013/06/12 16:25:14| Creating Swap Directories2013/06/12 16:25:14| /data/cache existsOK, after the initialization is complete, squid can be started:#/etc/init.d/squid StartStarting squid:.Test:1. Use IE to test, set proxy IP and port, open We
Squid Reverse proxy)Reverse Proxy also provides cache acceleration, but the service object is reversed.Traditional and transparent proxies mostly provide cache proxies for LAN users to access web sites on the Internet;Reverse Proxy, on the contrary, provides cache acceleration for internet users to access web sites in
Code highlighting produced by Actipro CodeHighlighter (freeware)http://www.CodeHighlighter.com/-->
Download the squid of windwosnt: HTTP://Squid. acmeconsulting. it/Download/Squid-2.6. Stable13-Bin.zip 1. Put squid-2.6. Stable13-Decompress bin.zip and copy the squid folder
(CentOS) iptables + squid transparent proxy + Firewall ultimate configuration-Linux Enterprise Application-Linux server application information, the following is a detailed description. Many people are constantly asking iptables + squid to do transparent proxy. I am afraid to give a unified answer here. If you have any
Many people are constantly asking iptables + squid to do transparent proxy. I am afraid to give a unified answer here. If you have any questions, I hope you will give me some comments. Related Resources: man.chinaunix.net, with iptables man in the lower left corner. many people keep asking
Iptables+ Squid is used as a transparent
Case:Web server: Domain name www.abc.com ip:192.168.21.129 Telecom Single line accessAccess users: Telecommunications broadband users, mobile broadband usersProblems: Telecommunications users open www.abc.com Normal, mobile users open www.abc.com very slow, or even openSolution: Place a CDN proxy server in the mobile computer room, through the intelligent DNS resolution, let the telecommunication user directly access the Web server, let the mobile use
Case:
Web server: domain name www.abc.com IP: 192.168.21.129 China Telecom single line access
Users: Telecom broadband users and mobile broadband users
Problem: telecom users can access www.abc.com normally. Mobile users can access www.abc.com very slowly or even not.
Solution: place a CDN proxy server in the mobile data center. through intelligent DNS resolution, telecom users can directly access the Web server and mobile users can access the CDN
The reverse proxy can be divided into two types in transmission:
1: Synchronous mode (apache-mod_proxy and squid)
2: asynchronous mode (Lighttpd and nginx)
In the nginx documentation, I mentioned the asynchronous transmission mode and mentioned that it can reduce the number of backend connections and pressure. Why?
Next, let's take a look at the differences between synchronous transmission of tradit
Squid proxy string processing Null Pointer Reference Vulnerability
Release date: 2010-09-03Updated on: 2010-09-07
Affected Systems:Squid Web Proxy Cache 3.2Squid Web Proxy Cache 3.1Squid Web Proxy Cache 3.0Unaffected system:Squid Web Pro
The Squid software required to install the proxyYum-y Install SquidSecond, the configuration file location/etc/squid/squid.conf#默认配置文件是可以代理所有私网地址的, add your own if you have additional addressesThird, turn on the cache functionCache_dir UFS/VAR/SPOOL/SQUID 100 16 256#默认改行是被注释掉的, if you need to turn on the cache, remove the comment.Four, open the authentication fun
to use squid after 2 hours, you must re-enter the account and password
Auth_param basic realm This is a Squid porxy-cachingThe auth_param basic realm option defines the domain content displayed when a user logs on, similar to the Apache membership authentication.
Acl auth_user proxy_auth REQUIREDHttp_accel allow auth_userDefine an ACL named auth_user. The ACL type is proxy_auth. Use an external program to
relatively safe and reliable method. Through the establishment of a dedicated WWW (FTP) agent to meet the user's main needs, through the erection of SOCKS5 agents to meet the needs of users.
Second, hardware and software selection
Hardware
Cache server can be a common PC server plus cache software (such as squid, Inktomi) composition, can also be a hardware and software system and a dedicated cache server. According to the actual situation of the
Case:Web server: Domain name www.abc.com ip:192.168.21.129 Telecom Single line accessAccess users: Telecom broadband users, mobile broadband usersProblems: Telecom users open www.abc.com Normal, mobile users open www.abc.com very slow, even can't openSolution: Put a CDN proxy server in the mobile room, through the intelligent DNS resolution, let the telecom users directly access the Web server, let mobile users access the CDN
1. Squid reverse proxy single background Web server
A, if the Web server and the reverse proxy server are two separate machines (the general reverse proxy should have two network cards are connected to the internal and external network respectively). Then, you should modify the following to set up the reverse
SSH is a good solution to this problem. You just need a VPS and you can configure it. Erection is still quite easy.
Install Webmin
Webmin is a free software that visually manages Linux systems. We installed it to facilitate the management of Squid proxy servers or Linux systems. Detailed installation address is as follows:
CentOS Installation Webmin Management system
Install
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.