Shulou(Shulou.com)06/02 Report--

Description:

When a client requests a web page through a proxy, the designated proxy server will first check its own cache. If there is already a page in the cache that the client needs to access (red 1 2 3 4), the page content in the cache will be fed back to the client directly. If there is no page in the cache that the client needs to access (blue 1 2 3 4), the proxy server sends an access request to the Internet. When the returned web page is obtained, the web page data is saved in the cache and sent to the client. The characteristic of using traditional proxy is that the relevant program of the client must specify the address, port and other basic information of the proxy server. Let's build a traditional proxy server.

.

.

Compressed file package

Link: https://pan.baidu.com/s/1GmD1SCoYeWYFi9W1BG_Z-Q extraction code: kkcn

.

.

The topology diagram is as follows:

.

.

Experimental environment:

.

.

First, compile and install squid

.

1. Mount and extract the compressed package to the server and install the compilation environment

Mkdir / ooo/ # create mount directory mount.cifs / / 192.168.201.1/gx / ooo/ # mount package cd / ooo/tar zxvf squid-3.5.23.tar.gz-C / opt/ # unpack to / opt/yum install gcc gcc-c++ make-y # install and compile environment

.

.

2. Manual compilation and installation

. / configure-- prefix=/usr/local/squid\ # specify installation path-- sysconfdir=/etc\ # configuration file path-- enable-arp-acl\ # mack address-- enable-linux-netfilter\ # Kernel filtering-- enable-linux-tproxy\ # transparent mode-- enable-async-io=100\ # io optimization-- enable-err-language= "Simplify_Chinese"\ Incorrect display-enable-underscore\ # allows underscore keys-enable-poll\ # promote-enable-gnuregex # supports regular expression make & & make install

.

.

3. After installation, create linked files, users, and groups

Ln-s / usr/local/squid/sbin/* / usr/local/sbin/ # put commands into the system recognition path useradd-M-s / sbin/nologin squid # create a user chown-R squid.squid / usr/local/squid/var/ # change directory permissions

.

.

4. Modify squid configuration file, initialize cache directory, start service, and complete installation

Vim / etc/squid.conf# And finally deny all other access to this proxyhttp_access allow all# allows all http_access deny all# Squid normally listens to port 3128http_port 3128cache_effective_user squid # to add specified program user cache_effective_group squid # add specified account basic group squid-z # cache directory initialization squid # start service

.

.

5. Write a startup script

Cd / etc/init.dvim squid squid hammer bingram squid is running else echo config: 2345 90 25PID = "/ usr/local/squid/var/run/squid.pid" CONF= "/ etc/squid.conf" CMD= "/ usr/local/squid/sbin/squid" case "$1" in start) netstat-natp | grep squid & > / dev/null if [$?-eq 0] then echo "squid is running" else echo is starting squid... "$CMD fi" Stop) $CMD-k kill & > / dev/null rm-rf $PID & > / dev/null;; status) [- f $PID] & > / dev/null if [$?-eq 0] then netstat-natp | grep squid else echo "squid is not running" fi Restart) $0 stop & > / dev/null echo "closing squid..." $0 start & > / dev/null echo "starting squid...";; reload) $CMD-k reconfigure;; check) $CMD-k parse;; *) echo "usage: $0 {start | stop | status | reload | check | restart}";; esac

.

.

6. Add permissions, names, check syntax

Chmod + x squid # add execute permission chkconfig-- add squid # add name to make it easy to identify service squid check # check syntax

.

.

Second, set up traditional proxy server

.

1. Configuration of squid server

Vim / etc/squid.conf.http_port 3128cache_mem 64 MB # specifies the amount of memory used by the caching function to maintain frequently accessed WEB objects. The capacity is preferably a multiple of 4, in MB. It is recommended that 1/4reply_body_max_size 10 MB # with physical memory allows users to download the maximum file size in bytes. The default setting of 0 means that maximum_object_size 4096 KB # does not limit the maximum object size allowed to be saved to the cache space. In KB, files exceeding the size limit will not be cached but will be forwarded directly to the user.

.

.

2. Restart the service to clear the firewall

Service squid restart # restart service iptables-F # clear firewall setenforce 0 # turn off enhancements iptables-I INPUT-p tcp-- dport 3128-j ACCEPT # in the input chain, for tcp protocol, destination port 3128, allow forwarding

Traditional agent completion

.

.

Third, testing traditional agents

.

1. Open the test side web page

Systemctl stop firewalld.servicesetenforce 0 # disable firewall yum install httpd-y # install httpsystemctl start httpd # enable service

.

.

2. The Win7 network is set to NAT mode, and the browser is used to access 192.168.201.130

.

.

3. View the access log on the web side

Cd / etc/httpd/logs/vim access_log # View access log

You can see the ip address of the visiting client

.

.

4. Set up proxy access at this time

Open browser-> tools-- > intenet options

.

.

Connect-- > LAN Settings

.

.

Set ip address and port

.

.

At this time, use the browser to visit 192.168.201.130 to view the visit log.

As you can see, accessing ip is the ip address of the proxy server, and the traditional proxy server is tested successfully.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.