Shulou(Shulou.com)06/02 Report--

Overview of caching how Web agents work

Cache web objects to reduce duplicate requests

Basic types of proxy traditional proxy: for Internet, you need to specify a server transparent proxy: the client does not need to specify the address and port of the proxy server But through the default route, Firewall policy redirects Web access to proxy server to deal with the benefits of using proxy server to improve Web access speed hide the real IP address of client traditional proxy experimental environment squid server IP address: 192.168.80.179web server IP address: 192.168.80.151client test machine IP address: 192.168.80.135 install squid service on squid server [root@squid] # mkdir / Abc [root@squid ~] # mount.cifs / / 192.168.80.2/LNMP-C7 / abc/ Mount [root@squid ~] # cd / abc/ [root@squid abc] # tar zxvf squid-3.4.6.tar.gz-C / opt/ / extract [root@squid abc] # yum install gcc gcc-c++ make-y / / install the environment component [root@squid abc] # cd / opt/squid-3 .4.6 [root@squid squid-3.4.6] #. / configure\-- prefix=/usr/local/squid\ / specify the installation path-- sysconfdir=/etc\ / / configuration file directory-- enable-arp-acl\ / / support acl access control list-- enable -linux-netfilter\ / / support network filtering-- enable-linux-tproxy\ / / support transparency-- enable-async-io=100\ / / IO optimization-- enable-err-language= "Simplify_Chinese"\ / / error display simplified Chinese-- enable-underscore\-- enable-poll \-- enable-gnuregex / / support regular expression [root@squid squid-3.4.6] # make & & make install / / compile and install [root@squid squid-3.4.6] # ln-s / usr/local/squid/sbin/* / usr/local/sbin/ copy commands make it easy for the system to recognize [root@squid squid-3.4.6] # useradd- M-s / sbin/nologin squid/ / create system user [root@squid squid-3.4.6] # chown-R squid.squid / usr/local/squid/var/ modify the squid service configuration file for all files in the directory to belong to the master group permission Configuration optimization startup mode [root@squid squid-3.4.6] # vim / etc/squid.conf / / enter and modify squid configuration file # And finally deny all other access to this proxyhttp_access allow all / / add this # http_access deny all / / comment Allow terminal access to # Squid normally listens to port 3128http_port 3128cache_effective_user squid / / specified user squidcache_effective_group squid / / specified group [root@squid squid-3.4.6] # squid- k parse / / check configuration file syntax [root@squid squid-3.4.6] # squid- z / / initialize cache directory [root@squid squid -3.4.6] # squid / / enable the service [root@squid squid-3.4.6] # netstat-ntap | grep 3128 / / View squid port [root@squid squid-3.4.6] # cd / etc/init.d/ [root@squid init.d] # vim squid / / Edit the script file for service to start squid service #! / bin/bash#chkconfig: 2345 90 25PID = "/ usr/local/squid/var/run/squid.pid" / / PID file process number file path CONF= "/ etc/squid.conf" / / main configuration file path CMD= "/ usr/local/squid/sbin/squid" / / service startup command path case "$1" instart) Netstat-ntap | grep squid & > / dev/null if [$?-eq 0] then echo "squid is running" else echo "starting squid...." $CMD fi ; stop) $CMD-k kill & > / dev/null / / close the squid service rm-rf $PID & > / dev/null / / delete the PID file Status) [- f $PID] & > / dev/null if [$?-eq 0] then netstat-ntap | grep squid else echo "squid is not running" Fi ; restart) $0 stop & > / dev/null echo "shutting down squid..." $0 start & > / dev/null echo "starting squid...";; reload) $CMD-k reconfigure / / reload configuration file Check) $CMD-k parse / / check syntax; *) echo "usage: $0 {start | stop | reload | status | check | restart}" Esac [root@squid init.d] # chmod + x squid / / give executive permission [root@squid init.d] # chkconfig-- add squid / / add to service management [root@squid init.d] # chkconfig-- level 35 squid on / / Settings Boot Settings Legacy Agent configuration [root@squid init.d] # vim / etc/squid.conf / / modify Main configuration file # Squid normally listens to port 3128http_port 3128cache_mem 64 MB / / memory size reply_body_max_size 10 MB / / maximum file size allowed to download maximum_object_size 4096 KB / / maximum object size allowed to save cache space [root@squid init.d] # service squid restart [root@squid init.d] # iptables-L / / View table contents [root@squid init.d] # iptables-F / / clear the table cache [root@squid init.d] # setenforce 0 [root@squid init.d] # iptables-I INPUT-p tcp-- dport 3128-j ACCEPT / / allow port 3128 [root@squid init.d] # service squid reload / / repeat Install the apache service on the web server [root@web ~] # systemctl stop firewalld.service / / close the firewall [root@web ~] # setenforce 0 [root@web ~] # yum install httpd-y / / install the apache service [root@web ~] # systemctl start httpd.service / / access the web web page using client

View the access log file in the web server log file [root@web ~] # cd / etc/httpd/logs/ View the log file [root@web logs] # vim access_log / / this is the modified client browser proxy setting accessed by the 135address

Once again, go back to the web server log file to view the access log file [root@web] # cd / etc/httpd/logs/ View the log file [root@web logs] # vim access_log / / at this time it is a transparent proxy experimental environment for proxy server access. Quid server IP address: ens33:192.168.80.184 Ens36:192.168.10.1 (host mode only) web server IP address: 192.168.80.151clientIP address: 192.168.10.10 (host mode only) add a network card to the squid server And configure the IP address

[root@squid ~] # cd / etc/sysconfig/network-scripts/ [root@squid network-scripts] # cp-p ifcfg-ens33 ifcfg-ens36 [root@squid network-scripts] # vim ifcfg-ens36 / / modify ens36IP information delete uuid modify 33 to set static IPADDR=192.168.10.1NETMASK=255.255.255.0 [root@squid] to 36BOOTPROTO=static / / Network-scripts] # service network restart / / restart the network service [root@squid network-scripts] # vim / etc/sysctl.conf / / enable route forwarding net.ipv4.ip_forward= 1 [root @ squid network-scripts] # sysctl-p / / load the specified static route on the web server [root@web ~] # route add-net 192.168.10.0 and 24 gw 192 .168.80.184 # # add static route set transparent proxy root@squid network-scripts on squid server] # vim / etc/squid.conf / / set configuration file http_port 192.168.10.1 http_port 3128 transparent / / set transparent proxy cache_effective_user squidcache_effective_group squid [root@squid network-scripts] # service squid stop / / turn it on Squid service [root@squid network-scripts] # service squid start [root@squid network-scripts] # iptables-F / / clear the table cache [root@squid network-scripts] # iptables-t nat-F [root@squid network-scripts] # iptables-t nat-I PREROUTING-I ens36-s 192.168.10.0 nat 24-p tcp-- dport 80-j REDIRECT-- to 3128 / / define rule entry ens36 Redirect port 80 to 3128 [root@squid network-scripts] # iptables-t nat-I PREROUTING-I ens36-s 192.168.10.0 REDIRECT 24-p tcp-- dport 443-j REDIRECT-- to 3128 / / https443 port [root@squid network-scripts] # iptables-I INPUT-p tcp-- dport 3128-j ACCEPT / / allow port 3128 to access client client test

[root@web ~] # cd / var/log/httpd/ [root@web httpd] # vim access_log # # View the access log information, and the access address is changed to 184to access the web service

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.