Shulou(Shulou.com)06/03 Report--

One, ACL access control 1 Modify the configuration file on the squid server [root@squid ~] # vim / etc/squid.conf # # modify the configuration file # should be allowedacl hostlocal src 192.168.10.10 Deny requests to certain unsafe portshttp_access deny hostlocal 32 # Control hostlocal10.10 # Deny requests to certain unsafe portshttp_access deny hostlocal # # deny access to [root@squid ~] # service squid reload # # commonly used ACL list type for restarting squid service: src source address dst → destination address port → directory Address dstdomain → destination domain time → access time maxconn → maximum concurrent connection url_regex → destination URL address Urlpath_regex → entire destination URL path 2 Sarg Log 1 Install sargon [root @ squid ~] # mount.cifs / / 192.168.100.100/LNMP-C7 / mnt/ # # Mount Password for root@//192.168.100.3/LNMP-C7: [root@squid ~] # cd / mnt/ [root@squid mnt] # tar zxvf sarg-2.3.7.tar.gz-C / opt/ # # decompress [root@squid mnt] # cd / opt/sarg-2.3.7/ [root@squid sarg-2.3.7] # yum install gd gd-devel-y # # install the gd library [root@squid sarg-2.3.7] #. / configure-- prefix=/usr/local/sarg\ # # installation path >-- sysconfdir=/etc/sarg\ # configuration file >-- enable-extraprotection # # enable security protection [root@squid sarg-2.3.7] # make & & make install # # compile and install 2 Modify sarg configuration file [root@squid sarg-2.3.7] # vim / etc/sarg/sarg.conf # # modify sarg configuration file # # turn on access_log / usr/local/squid/var/logs/access.log # # specify access log file title "Squid User Access Reports" # # Page title output_dir / var/www/html/squid-reports # # report output directory user_ip no # # using user name to display exclude_hosts / usr/local/sarg/noreport # # the number of connections in the sorting of the site list file topuser_sort_field connect reverse # # top Access bytes, sort in descending order Ascending order is normaloverwrite_report no # # whether the log of the same name overrides mail_utility mailq.postfix # # send email report Command charset UTF-8 # # use the character set weekdays 0-6 # # top ranking time period hours 0-23 # # top ranking time period www_document_root / var/www/html # # Web page root directory [root@squid ~] # sarg # # generate report SARG: recorded in file: 91 Reading: 100.00%SARG: successful generation report in / var/www/html/squid-reports/2019Dec11-2019Dec12 [root@squid sarg-2.3.7] # cd / var/www/html/squid-reports/ # # switch to html directory [root@squid squid-reports] # ls2019Dec11-2019Dec12 images index.html [root@squid squid-reports] # yum install httpd-y # # install httpd service [root@squid squid-reports] # systemctl start httpd.service # # enable service [root@squid squid-reports] # systemctl stop firewalld.service # # disable firewall [root@squid squid-reports] # setenforce 03 Use the test machine to visit the web page to view the visit record

Periodically scheduled task execution generates daily reports crontabsarg-1 / usr/local/squid/var/logs/access.log-o / var/www/html/squid-reports/-z-d $(date-d "1 day ago" +% d/%m/%Y)-$(date +% d/%m/%Y) 3, squid reverse agent 1 Edit a web page content on the web1 server [root@web ~] # cd / var/www/html/ [root@web html] # vim index.html # # Edit the web page content this is web012 Edit a web page content on the web2 server [root@web2 ~] # systemctl stop firewalld.service # # turn off the firewall [root@web2 ~] # setenforce 0 [root@web2 ~] # yum install httpd-y # # install the httpd service [root@web2] # cd / var/www/html/ # # create web content [root@web2 html] # vim index.htmlthis is web02 [root@web2 html] # systemctl start httpd.service 3 Configure reverse proxy [root@localhost squid] # vim / etc/squid.conf# Squid normally listens to port 3128http_port 192.168.13.184 accel vhost vport # # on squid service to monitor native port 80 cache_peer 192.168.13.151 parent 800 no-query originserver round-robin max_conn=30 weight=1 name=web1## node server 1 maximum access 30, weight 1 Alias web1cache_peer 192.168.13.185 parent 800 no-query originserver round-robin max_conn=30 weight=1 name=web1cache_peer_domain web1 web2 www.yun.com # # access yun.com match web1,web2 node [root@localhost squid] # service squid restart # # restart squid service 4, configure the resolution domain address under the admin user of the test machine, and set up the proxy

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.