background
First, there are two servers AB, wherein A presence or absence of the external network, B outside the network. A configuration (network IP172.19.58.202 \ system CentOS7.4), B configuration (network IP172.19.58.201 \ system CentOS7.4). A server is now unable to access the Internet, you need to use a proxy way to get there is by B A visit outside the network outside the network.
The total operation can be divided into two parts: one, two proxy configuration A, the agent is installed on the server B.
A proxy configuration
This step is relatively simple, straightforward configuration environment variable. It can be disposed in the / etc / profile, here employed /etc/profile.d folder configuration environment variable.
#cd到/etc/profile.d/目录下
#新建proxy.sh,命名无所谓
[root@ali2 /] cd /etc/profile.d/
[root@ali2 profile.d] vi proxy.shproxy.sh contents inside:
#IP为要连接的代理服务器B,端口是要代理的端口,如下的意思该服务器要通过172.19.58.201服务器的端口10991的代理来访问外网
export http_proxy=http://172.19.58.201:10991
#如果要设置https代理,应该添加如下配置,暂未尝试过
#export https_proxy=http://172.19.58.201:10991
#设置不代理的IP或者网址,如下配置,这些请求不会被代理,不支持模糊匹配
export no_proxy="127.0.0.1, localhost, 172.19.58.202,172.19.58.201"Then source / etc / priofile, then use the command echo $ http_proxy, if you can print out the instructions related to the successful operation of the proxy information.
[root@ali2 profile.d] echo $http_proxy
http://172.19.58.201:10991Agent is installed on the server B
Method 1: Use squid
#安装squid,这里采用yum的安装方式
[root@ali1 ~] yum install -y squid
#cd到配置文件目录下
[root@ali1 ~] cd /etc/squid/
#备份原始配置文件
[root@ali1 ~] cp squid.conf squid.conf_bak
#修改配置文件
[root@ali1 squid]# vi squid.confsquid.conf configuration file is modified as follows
#将http_access deny all注释修改为http_access allow all
#http_access deny all
http_access allow all
# 修改端口为代理的端口
http_port 10991start up
#检查语法是否错误
[root@ali1 squid] squid -k parse
#初始化缓存空间
[root@ali1 squid] squid -z
[root@ali1 squid] 2018/12/05 13:58:56 kid1| Set Current Directory to /var/spool/squid
2018/12/05 13:58:56 kid1| Creating missing swap directories
2018/12/13:58:56 kid1| No cache_dir stores are configured.
#启动squid
[root@ali1 squid] service squid start
Redirecting to /bin/systemctl start squid.service
#检查端口是否开启成功
[root@ali1 squid]# netstat -an | grep 10991
tcp6 0 0 :::10991 :::* LISTEN
Test, using wget baidu.com or curl www.baidu.com within the test network server can access the Internet
[root@ali2 ~] wget baidu.com
--2018-12-05 14:07:48-- http://baidu.com/
Connecting to 172.19.58.201:10991... connected.
Proxy request sent, awaiting response... 200 OK
Length: 81 [text/html]
Saving to: ‘index.html.1’
100%[=================================================================================================================================>] 81 --.-K/s in 0s
2018-12-05 14:07:48 (20.7 MB/s) - ‘index.html.1’ saved [81/81]
Second way: using nginx
Yet written
Summary of steps
A server
cd /etc/profile.d/
vi proxy.sh
#####################
export http_proxy=http://172.19.58.201:10991
export no_proxy="127.0.0.1, localhost, 172.19.58.202,172.19.58.201"
#####################
source /etc/profileServer B (squid Method)
yum install -y squid
cd /etc/squid/
cp squid.conf squid.conf_bak
vi squid.conf
#########################################
#将http_access deny all注释修改为http_access allow all
#http_access deny all
http_access allow all
# 修改端口为代理的端口
http_port 10991
#############################################
service squid start
结束:开始测试
