1. Use Squid to deploy the proxy cache service
yum install squid
1. Forward proxy
Standard forward proxy: vim /etc/squid/squid.conf
http_port 10000 #The original port 3128 is changed to 10000,
semanage port -a -t squid_port_t -p tcp 10000
semanage port -l | grep squid_port_t
ACL access control: vim /etc/squid/squid.conf
acl client src 192.168.10.20 #Only allow clients with IP 192.168.10.20 to use the proxy service provided by the squid service program on the server, and prohibit all other host proxy requests
http_access allow client
http_access deny all
acl deny_keyword url_regex -i linux #Prohibit all clients from accessing websites that contain linux keywords in the URL
http_access deny deny_keyword
acl deny_url url regex http://www.abc.com #Forbid all clients to access a specific website
http_access deny deny_url
acl badfile urlpath_regex -i \.rar$ \.avi$ # prohibit downloading files ending in .rar and .avi
http_access deny badfile
Transparent forward proxy
Reverse proxy: Generally, the reverse proxy function is forbidden on websites, and CDN can be used to avoid this behavior.
vim /etc/squid/squid.conf
http_port bridge network card IP address: 80 vhost
cache_peer Website origin server IP address parent 80 0 originserver