1.squid works agency
When a client wants to access 163 sites, the first request to the proxy server web page, the proxy server will first check their cache, if the cache there, then sent directly to the client, if the cache table does not exist, he would send a request to the inter Meanwhile, after obtaining return web pages to send data to the client is stored in the cache table for next time use
2. Depending on the implementation, Acting roughly divided into two types:
Traditional agent:
there must first be a proxy client, the browser may need to manually specify the IP address of the proxy server
transparent proxy:
it is the use of Linux gateway proxy services, and therefore only need to set the gateway, you do not need to specify a proxy server IP
3. Compile parameters to use
./configure --prefix=/usr/local/squid //指定squid服务安装的目录
--sysconfdir=/etc/ //单独将配置文件存放到其他目录
--enable-arp-acl //可以在规则中设置直接通过客户端mac进行管理,防止客户端使用IP欺骗
--enable-linux-netfilter //使用内核过滤
--enable-linux-tproxy //支持透明模式
--enable-async-io=100 //异步I/O,提升存储性能
--enable-err-language="Simplify_Chinese" //错误信息显示的语言
--enable-underscore --enable-poll //使用poll()模式,提升性能
--enable-undersource //允许URL中有下划线
--enable-gnuregex //使用GNU正则表达式
4. Start Configuration
Deployment environment
centos_1 | 192.168.81.137 squid server |
---|---|
centos7_2 | 192.168.81.137 squid server |
win_7 | 192.168.81.136 client |
Configuring source yum
wget -O /etc/yum.repos.d/centos.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i ‘s/$releasever/7/g’ /etc/yum.repos.d/centos.repo
yum clean all
2. Install development tools
yum -y install gcc-c++
3. Compile install squid
here we are using 3.4.6
tar xvf squid-3.4.6.tar.gz
4. compile and install squid
./configure --prefix=/usr/local/squid --sysconfdir=/etc --enable-arp-acl --enable-linux-netfilter --enable-async-io=100 --enable-linux-tproxy --enable-err-language="Simplify_Chinese" --enable-underscore --enable-poll --enable-gnuregex && make && make install
The optimal path
ln -s /usr/local/squid/sbin/* /usr/local/sbin/
useradd -M -s /sbin/nologin squid
chown -R squid.squid /usr/local/squid/var/
6. The modified configuration file, add the following columns
whether the detected profile normal 7.
Squid -k the parse
8. The start Squid
Squid
restart Squid
Squid -k reconfig
9. Configuration iptables
iptables -t nat -I PREROUTING -s 192.168.81.0/24 -p tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -I PREROUTING -s 192.168.81.0/24 -p tcp --dport 443 -j REDIRECT --to-ports 3128
10. Deploy web page
yum -y install httpd
echo "squid代理服务器" > /var/www/html/index.html
11. The client specifies the proxy server address
right-click the Network -> Properties -> internet options -> Connections -> LAN Settings