SQUID Legacy Proxy

The characteristic of " 1 "
traditional proxy is that the client must specify the address, port and other information of the proxy server to access network information through related programs (for example: IE browser, QQ chat software).
" 2 "
When configuring SQUID to implement a traditional proxy service, you need to pay attention to adding the http_access_allow all access policy to allow any client to use the proxy service. In addition, in order to limit the downloaded file size, you also need to set the reply_body_max_size item, and other items can be kept by default.
(1) Modify the squid.conf configuration file.
vim /etc/squid.conf
httpport 3128
replybodymaxsize 10 MB //The maximum file size allowed to download (10MB)

httpaccess allow all // Add an allow policy to the firewall before httpaccessdeny all .
iptables -I INPUT -p tcp --dport 3128 -j ACCEPT
service iptables save
(2) Reloading the SQUID service
After modifying the squid.conf configuration file, it needs to be reloaded to take effect. Execute "service squid reload" or "squid -k reconfigure" to reload the service configuration.
service squid reload
client proxy configuration:
In IE browser, select "Tools" > "internet Options" >, the "Internet Options" dialog box pops up, click the "LAN Settings" button in the "Local Area Network (LAN) Settings" option group in the "Connection" tab , the Local Area Network (LAN) Settings dialog box pops up.
Click to select "Automatically detect settings" in the automatic configuration item, click to select "Use a proxy server for LAN (these settings are not used for dial-up or VPN connections)" in the proxy server item, and then enter the IP address and port number of the specified proxy server. .
To use the proxy server (such as elinks web browser, wget download tool) in the command line interface of the LINUX client, the address, port and other information of the proxy server must be specified through environment variables.
vim /etc/profile
HTTPPROXY= http://172.16.16.22:3128 //Specify the proxy for using the HTTP protocol
HTTPSPROXY= http://172.16.16.22:3128 //Specify the proxy for using the HTTPS protocol
FTPPROXY= http://172.16 .16.22:3128 //Specify proxy for using FTP protocol
NOPROXY=192.168.1.,192.168.4. //Do not use proxy for two LAN segments
export HTTPPROXY HTTPSPROXY FTPPROXY NOPROXY
save and exit to terminal and enter:
source /etc/profile
Proxy service verification method:
(1) View the newly added records of the squid access log.
tail /usr/local/squid/var/logs/access.log
(2) View new records of WEB access log.
tail /var/log/httpd/accesslog
When the same WEB page is accessed from the client again, new records will be added to the Squid access log, but the records in the WEB access log will not change (unless the page is changed or a forced refresh is performed, etc. operate). This means that when the client repeatedly visits the same static page, it is actually served by the proxy server through the cache.