squid常规代理实现内网的共享上网
来源:互联网 发布:淘宝毛衣外套 编辑:程序博客网 时间:2024/04/30 18:17
一、Squid的简单介绍
通过squid代理服务器实现内网用户共享上网,配置squid的缓存和基本的访问控制加速和限制web服务的访问。
1、 客户端向代理服务器squid提出访问internet的请求
2、代理服务器接受请求后,首先与访问控制列表中的访问规则相对照,如果满足规则,那就在缓存中查找是否存在需要的信息,若缓存中有所需要的信息,则直接返还给客户端,如果不存在,代理服务器就会代替客户端向互联网发出访问请求。
3、互联网上的主机会将代理服务器请求的信息回馈给代理服务器,同时,代理服务器会将获得的数据存在自己的缓存中,然后再将互联网回应的信息传给客户端。
4、其他客户端向代理服务器squid提出访问internet的相同请求时,代理服务器首先与访问控制列表中的访问规则相对照,如果满足规则,则将缓存中的数据传给客户端
简单的用个逻辑图介绍一下
(1)如果缓存中有客户端请求的数据则走1234路线;
(2)如果缓存中没有请求的数据则走125634路线。
三、Squid的编译安装
[root@server softs]# tar xf squid-3.1.14.tar.gz -C /usr/src/
[root@server softs]# cd /usr/src/squid-3.1.14/
squid相关目录和文件
[root@server squid-3.1.14]# cp /usr/local/squid/etc/squid.conf.d
ocumented /usr/local/squid/etc/squid.conf
cp: overwrite `/usr/local/squid/etc/squid.conf'? y
[root@server squid-3.1.14]# ln -s /usr/local/squid/sbin/squid /sbin/squid
[root@server squid-3.1.14]# ln -s /usr/local/squid/etc/squid.conf /etc/squid.conf
[root@server etc]# chmod -R o+w /usr/local/squid/var/logs/
[root@server etc]# chmod -R o+w /usr/local/squid/var/cache/
[root@server etc]# squid -z
2014/02/10 16:11:01| Creating Swap Directories
2014/02/10 16:11:01| /usr/local/squid/var/cache exists
2014/02/10 16:11:01| Making directories in /usr/local/squid/var/cache/00
2014/02/10 16:11:01| Making directories in /usr/local/squid/var/cache/01
2014/02/10 16:11:01| Making directories in /usr/local/squid/var/cache/02
2014/02/10 16:11:01| Making directories in /usr/local/squid/var/cache/03
2014/02/10 16:11:01| Making directories in /usr/local/squid/var/cache/04
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/05
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/06
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/07
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/08
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/09
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/0A
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/0B
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/0C
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/0D
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/0E
2014/02/10 16:11:02| Making directories in /usr/local/squid/var/cache/0F
[root@server etc]#
[root@server etc]# squid -k parse
2014/02/10 16:12:05| Processing Configuration File: /usr/local/squid/etc/squid.conf (depth 0)
2014/02/10 16:12:05| Processing: acl mynet src 192.168.0.0/24
2014/02/10 16:12:05| Processing: http_access allow mynet
2014/02/10 16:12:05| Processing: http_port 3128
2014/02/10 16:12:05| Processing: cache_mem 256 MB
2014/02/10 16:12:05| Processing: acl manager proto cache_object
2014/02/10 16:12:05| Processing: acl localhost src 127.0.0.1/32 ::1
2014/02/10 16:12:05| Processing: acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
2014/02/10 16:12:05| Processing: acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
2014/02/10 16:12:05| Processing: acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
2014/02/10 16:12:05| Processing: acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
2014/02/10 16:12:05| Processing: acl localnet src fc00::/7 # RFC 4193 local private network range
2014/02/10 16:12:05| aclIpParseIpData: IPv6 has not been enabled.
2014/02/10 16:12:05| Processing: acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
2014/02/10 16:12:05| aclIpParseIpData: IPv6 has not been enabled.
2014/02/10 16:12:05| Processing: acl SSL_ports port 443
2014/02/10 16:12:05| Processing: acl Safe_ports port 80 # http
2014/02/10 16:12:05| Processing: acl Safe_ports port 21 # ftp
2014/02/10 16:12:05| Processing: acl Safe_ports port 443 # https
2014/02/10 16:12:05| Processing: acl Safe_ports port 70 # gopher
2014/02/10 16:12:05| Processing: acl Safe_ports port 210 # wais
2014/02/10 16:12:05| Processing: acl Safe_ports port 1025-65535 # unregistered ports
2014/02/10 16:12:05| Processing: acl Safe_ports port 280 # http-mgmt
2014/02/10 16:12:05| Processing: acl Safe_ports port 488 # gss-http
2014/02/10 16:12:05| Processing: acl Safe_ports port 591 # filemaker
2014/02/10 16:12:05| Processing: acl Safe_ports port 777 # multiling http
2014/02/10 16:12:05| Processing: acl CONNECT method CONNECT
2014/02/10 16:12:05| Processing: http_access allow manager localhost
2014/02/10 16:12:05| Processing: http_access deny manager
2014/02/10 16:12:05| Processing: http_access deny !Safe_ports
2014/02/10 16:12:05| Processing: http_access deny CONNECT !SSL_ports
2014/02/10 16:12:05| Processing: http_access allow localnet
2014/02/10 16:12:05| Processing: http_access allow localhost
2014/02/10 16:12:05| Processing: http_access deny all
2014/02/10 16:12:05| Processing: http_port 3128
2014/02/10 16:12:05| Processing: hierarchy_stoplist cgi-bin ?
2014/02/10 16:12:05| Processing: cache_dir ufs /usr/local/squid/var/cache 512 16 256
2014/02/10 16:12:05| Processing: minimum_object_size 0 KB
2014/02/10 16:12:05| Processing: maximum_object_size 4096 KB
2014/02/10 16:12:05| Processing: coredump_dir /usr/local/squid/var/cache
2014/02/10 16:12:05| Processing: refresh_pattern ^ftp: 1440 20% 10080
2014/02/10 16:12:05| Processing: refresh_pattern ^gopher: 1440 0% 1440
2014/02/10 16:12:05| Processing: refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
2014/02/10 16:12:05| Processing: refresh_pattern . 0 20% 4320
2014/02/10 16:12:05| Initializing https proxy context
[root@server etc]#
[root@server etc]# squid -s
[root@server etc]# netstat -ntlp | grep squid
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 17584/(squid)
[root@server etc]# squid -k shutdown
[root@server etc]# squid -k reconfigure
[root@server etc]# squid -s
[root@server etc]# netstat -tnlp | grep squid
tcp 0 0 192.168.1.110:3128 0.0.0.0:* LISTEN 17584/(squid)
客户端的设置
客户端需要配置内网的地址
客户端不需要配置dns和网关
可断浏览器需要配置代理服务器的网关和端口
浏览器访问baidu
查看一下日志
- squid常规代理实现内网的共享上网
- 用Squid实现代理上网及计费
- 用Squid实现代理上网及计费
- 用Squid实现代理上网及计费
- squid(正向代理,共享上网)安装维护简单过程
- Linux 上网代理 Squid 的使用
- squid--代理上网
- squid 代理上网
- 通过iptables实现端口转发和内网共享上网
- iptables+NAT+squid 透明代理上网实现方案
- iptables+NAT+squid 透明代理上网实现方案
- 利用squid实现反向代理(同时具备内网代理)
- squid内网代理简易装载
- 用squid做代理上网
- squid实现反向代理的原理
- squid实现反向代理的原理
- Squid 反向代理的实现原理
- 内网服务器通过代理上网
- 直面"另类服务"方式,思考你的创业模式
- 判断链表是否有环的思路,以及验证其正确性
- 商界必读九本营销书
- Gridbaglayout的使用方法jframe--登录完整版(三)
- IPC之信号量
- squid常规代理实现内网的共享上网
- UVa 591 一盒砖
- servelet 2.4 +eclipse3.6+struts2.3.16:Can not find the tag library descriptor for "/struts- tags"
- gridbaglayout不显示是因为panel没有添加具体的button/label
- 职业发展上的一些心得
- Ubuntu下使用crontab
- jquery prop
- 教程:深入理解Flash的沙箱 – Application Domains
- 关于Android Studio和Intellij