【笔记】Squid学习笔记

发表于 更新于 阅读次数:

前言

通过Squid实现Linux的HTTP代理服务器

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL.(官网

服务端

下载依赖

MacOS

1
brew install squid

Linux

Debian
1
apt install squid
CentOS
1
yum install squid

配置账户(可选)

下载依赖

  • 下载 apache httpd 使用 htpasswd 工具生成密码
Linux
Debian
1
apt install apache2

生成身份认证文件

/etc/squid/passwd:指定生成的身份认证文件

1
htpasswd -c /etc/squid/passwd <username>
1
2
3
New password: 
Re-type new password: 
Adding password for user <username>

备份默认配置文件(可选)

1
cp /etc/squid/squid.conf /etc/squid/squid.conf.default

修改配置文件

无身份校验

  • 只允许指定的IP地址访问

3128:定义服务端监听端口
<ip>:定义允许连接的客户端IP地址

1
2
3
4
5
acl localnet src <ip>/32
acl localnet src <ip>/32
http_access allow localnet

http_port 3128

有身份校验

  • 允许所有IP地址访问,但需要校验身份

/etc/squid/passwd:身份认证文件路径

1
2
3
4
5
6
7
8
9
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic realm proxy
auth_param basic children 50
auth_param basic credentialsttl 2 hours
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all

http_port 3128

重启服务

1
systemctl restart squid

客户端

无身份认证

<ip>:服务端IP地址
3128:服务端端口号

1
2
export https_proxy=http://<ip>:3128
export http_proxy=http://<ip>:3128

有身份认证

<username>:用户名
<password>:密码

1
2
export https_proxy=http://<username>@<password>:<ip>:3128
export http_proxy=http://<username>@<password>:<ip>:3128

完成

参考文献

草凡的博客
博客园——SSgeek