環(huán)境：CentOS 6.5

在吉縣等地區(qū)，都構(gòu)建了全面的區(qū)域性戰(zhàn)略布局，加強(qiáng)發(fā)展的系統(tǒng)性、市場前瞻性、產(chǎn)品創(chuàng)新能力，以專注、極致的服務(wù)理念，為客戶提供成都網(wǎng)站設(shè)計(jì)、網(wǎng)站建設(shè) 網(wǎng)站設(shè)計(jì)制作按需規(guī)劃網(wǎng)站,公司網(wǎng)站建設(shè),企業(yè)網(wǎng)站建設(shè),品牌網(wǎng)站設(shè)計(jì),全網(wǎng)營銷推廣,外貿(mào)網(wǎng)站制作,吉縣網(wǎng)站建設(shè)費(fèi)用合理。

代理主機(jī)ip：192.168.3.224，10.0.0.10

內(nèi)網(wǎng)主機(jī)ip：10.0.0.11

安裝前準(zhǔn)備

1、關(guān)閉selinux

[root@php-proxy ~]# setenforce 0
[root@php-proxy ~]# getenforce
permissive
[root@php-proxy ~]# vim /etc/selinux/config
SELINUX=disabled

2、關(guān)閉防火墻filter表，設(shè)置防火墻端口轉(zhuǎn)發(fā)規(guī)則

[root@php-proxy ~]# iptables -t filter -F
[root@php-proxy ~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

[root@php-proxy ~]# service iptables save

3、修改主機(jī)路由模式

[root@php-proxy ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1

編譯安裝squid

1、安裝squid

http://www.squid-cache.org/Versions/v3/3.2/squid-3.2.3.tar.gz

[root@php-proxy ~]# tar xf squid-3.2.3.tar.gz
[root@php-proxy ~]# cd squid-3.2.3

[root@php-proxy ~]# ./configure --prefix=/usr/local/squid --enable-dlmalloc --enable-gnuregex --disable-carp --enable-async-io=100 --with-aufs-threads=32 --with-pthreads --enable-storeio="ufs,aufs" --enable-removal-policies="heap,lru" --enable-icmp --enable-htcp --enable-delay-pools --enable-useragent-log --enable-referer-log --disable-wccp --disable-wccpv2 --enable-kill-parent-hack --enable-arp-acl --disable-snmp --enable-default-err-language=Simplify_Chinese --enable-err-languages="Simplify_Chinese English" --disable-poll --disable-select --enable-epoll --enable-auth --enable-auth-basic="DB,NCSA,PAM,RADIUS,SASL" --with-aio --disable-ident-lookups --enable-truncate --enable-stacktraces --with-maxfd=65535 --disable-ipv6 --enable-ipf-transparent --enable-linux-netfilter

2、配置squid

[root@php-proxy ~]# mkdir -p /data/squid/{cache,coredump,logs}

[root@php-proxy ~]# /usr/sbin/groupadd squid
[root@php-proxy ~]# /usr/sbin/useradd squid -g squid -s /sbin/nologin

[root@php-proxy ~]# chmod -R 777 /data/squid/{cache,coredump,logs}
[root@php-proxy ~]# chown -R squid.squid /data/squid/{cache,coredump,logs}

3、配置文件內(nèi)容

[root@php-proxy ~]# vim /usr/local/squid/etc/squid.conf
http_port 10.0.0.10:1080
                                           
cache_effective_user squid
cache_effective_group squid
                                           
cache_mem 2048 MB
cache_swap_low 90
cache_swap_high 95
                                           
ipcache_size 1024
ipcache_low 90
ipcache_high 95
                                           
cache_replacement_policy lru
memory_replacement_policy lru
                                           
cache_dir aufs /data/squid/cache 20480 16 256
coredump_dir /data/squid/coredump
                                           
memory_pools_limit 1024 MB
max_open_disk_fds 0
minimum_object_size 0 KB
maximum_object_size 32768 KB
maximum_object_size_in_memory 2048 KB
                                           
access_log /dev/null
cache_access_log none
                                           
cache_log /dev/null
cache_store_log none
                                           
cache_swap_log /data/squid/logs/swap.log
                                           
logfile_rotate 1
pid_filename /usr/local/squid/var/logs/squid.pid
                                           
cache_mgr lovezym5@126.com
strip_query_terms off
visible_hostname ProxySrv
error_directory /usr/local/squid/share/errors/zh-cn
                                           
request_header_max_size 64 KB
request_body_max_size 0 KB
                                           
negative_ttl 5 minutes
read_timeout 1 minutes
client_lifetime 10 minutes
connect_timeout 1 minute
peer_connect_timeout 30 seconds
request_timeout 2 minutes
persistent_request_timeout 1 minute
                                           
client_persistent_connections off
server_persistent_connections on
tcp_recv_bufsize 65535 bytes
half_closed_clients off
httpd_suppress_version_string off
ie_refresh off
allow_underscore on
                                           
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320
                                           
dns_nameservers DNS服務(wù)器IP
                                           
acl OverConnLimit maxconn 300
http_access deny OverConnLimit
                                           
acl our_network src 192.168.0.0/16
http_access allow our_network
                                           
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
                                           
request_header_access Via deny all
request_header_access X-Forwarded-For deny all

#檢查配置是否正確
[root@php-proxy ~]# /usr/local/squid/sbin/squid -k parse

#初始化cache緩存目錄
[root@php-proxy ~]# /usr/local/squid/sbin/squid -z

4、配置啟動(dòng)腳本

[root@php-proxy ~]# vim /etc/init.d/squid
#!/bin/sh
#
#squid - this script start and stop the squid daemon
#
# chkconfig: - 90 25
# description: squid is a pagecache reverse proxy.
# processname: squid
# pidfile: /usr/local/squid/var/logs/squid.pid
# config: /usr/local/squid/etc/squid.conf
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
              
BINFILE="/usr/local/squid/sbin/squid"
CFGFILE="/usr/local/squid/etc/squid.conf"
PIDFILE="/usr/local/squid/var/logs/squid.pid"
LOCKFILE="/var/lock/squid.lock"
CACHEPATH="/data/squid/cache"
OUTFILE="/data/squid/logs/squid.out"
              
SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}
              
[[ -f $BINFILE ]] && SQUID="${BINFILE}"
              
CACHE_SWAP=`sed -e 's/#.*//g' ${CFGFILE} | grep cache_dir | awk '{print $3}'`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP="${CACHEPATH}"
              
RETVAL=0
              
start() {
    if [[ ! -f ${CFGFILE} ]]; then
        echo "The configuration file: ${CFGFILE} has no found!" 1>&2
        exit 6
    fi
                 
    SQUID_OPTS="-s -f ${CFGFILE}"
                 
    [[ -z "$SQUID" ]] && echo "Insufficient privilege" 1>&2 && exit 4
                 
    for adir in $CACHE_SWAP
    do
        if [[ ! -d $adir/00 ]]; then
            echo -n "init_cache_dir $adir"
            $SQUID -z -F -D >> ${OUTFILE} 2>&1
        fi
    done
                 
    echo -n "Starting squid..."
    $SQUID $SQUID_OPTS >> ${OUTFILE} 2>&1
                 
    RETVAL=$?
                 
    if [[ $RETVAL -eq 0 ]]; then
        timeout=0;
                     
        while :
        do
            [[ ! -f ${PIDFILE} ]] || break
            [[ $timeout -ge $SQUID_PIDFILE_TIMEOUT ]] && RETVAL=1 && break
                         
            sleep 1 && echo -n "."
            timeout=$((timeout+1))
        done
    fi
                 
    echo ""
    [[ $RETVAL -eq 0 ]] && touch ${LOCKFILE}
    [[ $RETVAL -eq 0 ]] && echo "start squid is ok!"
    [[ $RETVAL -ne 0 ]] && echo "start squid is failed!"
                 
    return $RETVAL
}
              
stop() {
    SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-100}
    echo -n "Stopping squid..."
    $SQUID -k check >> ${OUTFILE} 2>&1
                 
    RETVAL=$?
                 
    if [[ $RETVAL -eq 0 ]]; then
        $SQUID -k shutdown &
        rm -f ${LOCKFILE}
                     
        timeout=0
                     
        while :
        do
            [[ -f ${PIDFILE} ]] || break
            [[ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ]] && echo "" && return 1
                         
            sleep 2 && echo -n "."
            timeout=$((timeout+2))
        done
                     
        echo ""
        echo "Stop squid is ok!"
    else
        echo ""
        echo "Stop squid is failed!"
        [[ ! -e ${LOCKFILE} ]] && RETVAL=0
    fi
                 
    return $RETVAL
}
              
restart() {
    stop
    sleep 1
    start
}
              
case "$1" in
start)
    start
    ;;
                 
stop)
    stop
    ;;
                 
reload)
    SQUID_OPTS=${SQUID_OPTS:-"-D"}
    $SQUID -k reconfigure -f ${CFGFILE}
    ;;
                 
restart)
    restart
    ;;
                 
condrestart)
    [[ -e ${LOCKFILE} ]] && restart || :
    ;;
                 
*)
    echo $"Usage: $0 {start|stop|reload|restart|condrestart}"
    exit 2
esac
              
exit $?

[root@php-proxy ~]# chmod +x /etc/init.d/squid  #添加執(zhí)行權(quán)限
[root@php-proxy ~]# service squid start         #啟動(dòng)服務(wù)

3、配置主機(jī)ip地址

代理主機(jī)內(nèi)網(wǎng)ip

[root@php-proxy ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0:0
DEVICE=eth0:0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=10.0.0.10
NETMASK=255.0.0.0

內(nèi)網(wǎng)主機(jī)ip地址

[root@php ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=52:54:00:B1:B4:99
TYPE=Ethernet
UUID=4dd9081e-2cf6-4f81-bde4-561d3877267e
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=10.0.0.11
NETMASK=255.0.0.0
GATEWAY=10.0.0.10
DNS1=8.8.8.8
DNS2=8.8.4.4

內(nèi)網(wǎng)主機(jī)測試可行：

[root@php ~]# curl -I www.qq.com
HTTP/1.1 200 OK
Server: squid/3.4.3
Date: Wed, 13 Jul 2016 06:01:36 GMT
Content-Type: text/html; charset=GB2312
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Expires: Wed, 13 Jul 2016 06:02:36 GMT
Cache-Control: max-age=60
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://bz.qq.com
X-Cache: HIT from nanjing.qq.com

另外有需要云服務(wù)器可以了解下創(chuàng)新互聯(lián)scvps.cn，海內(nèi)外云服務(wù)器15元起步，三天無理由+7*72小時(shí)售后在線，公司持有idc許可證，提供“云服務(wù)器、裸金屬服務(wù)器、高防服務(wù)器、香港服務(wù)器、美國服務(wù)器、虛擬主機(jī)、免備案服務(wù)器”等云主機(jī)租用服務(wù)以及企業(yè)上云的綜合解決方案，具有“安全穩(wěn)定、簡單易用、服務(wù)可用性高、性價(jià)比高”等特點(diǎn)與優(yōu)勢，專為企業(yè)上云打造定制，能夠滿足用戶豐富、多元化的應(yīng)用場景需求。

網(wǎng)站欄目：配置squid，實(shí)現(xiàn)正向代理-創(chuàng)新互聯(lián)
網(wǎng)站地址：http://jinyejixie.com/article44/dhcdee.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián)，為您提供網(wǎng)站建設(shè)、企業(yè)建站、網(wǎng)頁設(shè)計(jì)公司、域名注冊、品牌網(wǎng)站建設(shè)、虛擬主機(jī)

廣告

聲明：本網(wǎng)站發(fā)布的內(nèi)容（圖片、視頻和文字）以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主，如果涉及侵權(quán)請盡快告知，我們將會在第一時(shí)間刪除。文章觀點(diǎn)不代表本網(wǎng)站立場，如需處理請聯(lián)系客服。電話：028-86922220；郵箱：631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載，或轉(zhuǎn)載時(shí)需注明來源： 創(chuàng)新互聯(lián)