zoukankan      html  css  js  c++  java
  • CentOS 7.6 安装 Squid

    yum install -y dos2unix openssl  httpd  squid  vim
    
    # 前期关闭防火墙, 不想关闭防火墙自行配置 Squid 端口
    systemctl stop firewalld.service
    
    touch /etc/squid/passwd
    chmod -R 777 /etc/squid/passwd
    
    # youname  是认证用户, 回车输入输入 账户 密码, 不超过 8 位
    [root@localhost ~]# htpasswd -c /etc/squid/passwd youname  
    New password: 
    Re-type new password: 
    Adding password for user youname
    
    
    /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd   # 检查认证用户
    youname passwd                           # 用户 及密码 出现 OK 则成功
    

    编辑配置文件

    vim /etc/squid/squid.conf
    
    #
    # Recommended minimum configuration:
    #
    
    # Example rule allowing access from your local networks.
    # Adapt to list your (internal) IP networks from where browsing
    # should be allowed
    acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
    acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
    acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
    acl localnet src fc00::/7       # RFC 4193 local private network range
    acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
    
    acl SSL_ports port 443
    acl Safe_ports port 80		# http
    acl Safe_ports port 21		# ftp
    acl Safe_ports port 443		# https
    acl Safe_ports port 70		# gopher
    acl Safe_ports port 210		# wais
    acl Safe_ports port 1025-65535	# unregistered ports
    acl Safe_ports port 280		# http-mgmt
    acl Safe_ports port 488		# gss-http
    acl Safe_ports port 591		# filemaker
    acl Safe_ports port 777		# multiling http
    acl CONNECT method CONNECT
    
    #
    # Recommended minimum Access Permission configuration:
    #
    # Deny requests to certain unsafe ports
    http_access deny !Safe_ports
    
    # Deny CONNECT to other than secure SSL ports
    http_access deny CONNECT !SSL_ports
    
    # Only allow cachemgr access from localhost
    http_access allow localhost manager
    http_access deny manager
    
    # We strongly recommend the following be uncommented to protect innocent
    # web applications running on the proxy server who think the only
    # one who can access services on "localhost" is a local user
    #http_access deny to_localhost
    
    #
    # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
    #
    
    # Example rule allowing access from your local networks.
    # Adapt localnet in the ACL section to list your (internal) IP networks
    # from where browsing should be allowed
    http_access allow localnet
    http_access allow localhost
    # 添加认证
    auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
    auth_param basic children 5
    auth_param basic realm Welcome to pycredit's proxy-only web server
    acl squid_user proxy_auth REQUIRED
    acl Safe_ports port 80
    http_access deny !Safe_ports
    http_access allow squid_user
    
    
    
    # And finally deny all other access to this proxy
    http_access deny all
    
    # Squid normally listens to port 3128  配置端口
    http_port 3328
    
    # Uncomment and adjust the following to add a disk cache directory.
    cache_dir ufs /var/spool/squid 100 16 256
    cache_mem 0 MB
    
    # Leave coredumps in the first cache dir
    coredump_dir /var/spool/squid
    
    #
    # Add any of your own refresh_pattern entries above these.
    #
    refresh_pattern ^ftp:		1440	20%	10080
    refresh_pattern ^gopher:	1440	0%	1440
    refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
    refresh_pattern .		0	20%	4320
    # 添加 hostname
    visible_hostname proxy.daoiqi.com
    
    

    使用

    squid -z  					     # 第一次安装需要初始化
    systemctl start  squid         # 启动 squid 
    systemctl status squid         # 查看 squid 运行状态
    systemctl stop   squid         # 停止 squid
    systemctl restart  squid        # 重启 squid
    squid -k parse               # 检查配置文件是否有误
    netstat -lnapt | grep squid      # 查看端口号
    
    # 运行squid,将日志记录到标准错误。这样,你能轻易的定位任何错误或问题,并且确认squid是否成功启动。
    # -N 选项来保持squid在前台运行,
    # -d1 选项在标准错误里显示1级别的调试信息。
    squid -N -d1                  
    
    
    adsl-stop      # 拨号
    adsl-start     # 拨号
    pppoe-start     # 启动拨号
    pppoe-status    # 查看状态
    pppoe-status|grep inet |awk {'print $2'}    # 获取 IP
    curl -x <IP>:<PORT> www.baidu.com           # 测试
    
  • 相关阅读:
    网速测速结果,单位换算
    js实现多个列表分别倒计时功能
    微信小程序使用wxs在页面中调用js函数,颜色值格式转换 rgb和十六进制的转换
    css样式列表宽度自适应布局
    投资轮次说明
    Ajax与JSON共同使用的小实例
    js结构
    关于vue的小实例
    label与input之间的对应
    购物demo
  • 原文地址:https://www.cnblogs.com/zl158218/p/12849975.html
Copyright © 2011-2022 走看看