centos7配置squid代理服务器
程序员文章站
2022-05-10 19:07:02
...
- 服务器列表:
角色 内网ip 外网ip squid服务器 192.168.8.81 192.168.8.252 web1服务器 192.168.8.83 - web2服务器 192.168.8.84 -
- squid服务器配置:
a. 内网配置:
cat /etc/sysconfig/network-scripts/ifcfg-eth0
b. 外网配置:
cat /etc/sysconfig/network-scripts/ifcfg-eth1
c. 安装:
yum -y install squid
d. 修改配置文件:
vim /etc/squid/squid.conf
e. 配置文件原代码:acl manager proto cache_object acl localnet src 127.0.0.1/32 ::1 acl localnet src 192.168.8.0/24 acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access allow all visible_hostname lee.com cache_mem 2048 MB maximum_object_size 4096 KB cache_dir ufs /var/spool/squid 800 16 256 error_directory /usr/share/squid/errors/zh-cn cache_log /var/log/squid/cache_log cache_mgr aaa@qq.com163.com http_port 80 accel vhost http_port 3128 cache_peer 192.168.8.83 parent 80 0 no-query originserver round-robin name=server1 cache_peer 192.168.8.84 parent 80 0 no-query originserver round-robin name=server2 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320
f. 配置防火墙规则(开启3128端口):
iptables -I INPUT -p tcp --dport 3128 -j ACCEPT
g. 关闭apache:
systemctl stop httpd - web1服务器配置:
a. 内网配置:
cat /etc/sysconfig/network-scripts/ifcfg-eth0
b. 关闭防火墙:
systemctl stop firewalld - web2服务器配置(参照web1):
- 浏览器访问(192.168.8.252):
a. 页面一:
b. 页面二:
本文转自 Lee_吉 博客,原文链接: http://blog.51cto.com/12173069/2061841 如需转载请自行联系原作者