欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

centos7配置squid代理服务器

程序员文章站 2022-05-10 19:07:02
...
  1. 服务器列表:
    角色                内网ip                外网ip
    squid服务器   192.168.8.81     192.168.8.252
    web1服务器   192.168.8.83     -
    web2服务器   192.168.8.84     -
  2. squid服务器配置:
    a. 内网配置:
    cat /etc/sysconfig/network-scripts/ifcfg-eth0
    centos7配置squid代理服务器
    b. 外网配置:
    cat /etc/sysconfig/network-scripts/ifcfg-eth1
    centos7配置squid代理服务器
    c. 安装:
    yum -y install squid
    d. 修改配置文件:
    vim /etc/squid/squid.conf
    centos7配置squid代理服务器
    e. 配置文件原代码:
    acl manager proto cache_object
    acl localnet src 127.0.0.1/32 ::1
    acl localnet src 192.168.8.0/24
    acl localnet src fc00::/7       # RFC 4193 local private network range
    acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
    acl SSL_ports port 443
    acl Safe_ports port 80      # http
    acl Safe_ports port 21      # ftp
    acl Safe_ports port 443     # https
    acl Safe_ports port 70      # gopher
    acl Safe_ports port 210     # wais
    acl Safe_ports port 1025-65535  # unregistered ports
    acl Safe_ports port 280     # http-mgmt
    acl Safe_ports port 488     # gss-http
    acl Safe_ports port 591     # filemaker
    acl Safe_ports port 777     # multiling http
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow localhost
    http_access allow all
    visible_hostname lee.com
    cache_mem 2048 MB 
    maximum_object_size 4096 KB
    cache_dir ufs /var/spool/squid 800 16 256
    error_directory /usr/share/squid/errors/zh-cn
    cache_log /var/log/squid/cache_log
    cache_mgr aaa@qq.com163.com
    http_port 80 accel vhost
    http_port 3128
    cache_peer 192.168.8.83 parent 80 0 no-query originserver round-robin name=server1
    cache_peer 192.168.8.84 parent 80 0 no-query originserver round-robin name=server2
    refresh_pattern ^ftp:       1440    20% 10080
    refresh_pattern ^gopher:    1440    0%  1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0%  0
    refresh_pattern .       0   20% 4320

    f. 配置防火墙规则(开启3128端口):
    iptables -I INPUT -p tcp --dport 3128 -j ACCEPT
    g. 关闭apache:
    systemctl stop httpd

  3. web1服务器配置:
    a. 内网配置:
    cat /etc/sysconfig/network-scripts/ifcfg-eth0
    centos7配置squid代理服务器
    b. 关闭防火墙:
    systemctl stop firewalld
  4. web2服务器配置(参照web1):
  5. 浏览器访问(192.168.8.252):
    a. 页面一:
    centos7配置squid代理服务器
    b. 页面二:
    centos7配置squid代理服务器
本文转自 Lee_吉  博客,原文链接:    http://blog.51cto.com/12173069/2061841    如需转载请自行联系原作者