In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Http Agent
Some local area network environments need to use agents to surf the Internet, the graphical interface is very good to set up the browser proxy, but the Linux pure command line interface needs to be manually configured.
You need to modify the / etc/profile file if you want global users to use the Shell that is applied to all
1 # vi / etc/profile
Add the following configuration to the file
1 http_proxy=proxy.abc.com:8080 2 https_proxy=$http_proxy
3 ftp_proxy=user:password@proxy.abc.com:8080 4 no_proxy=*.abc.com,10.*,192.168.*.*,*.local,localhost,127.0.0.1 5 export http_proxy https_proxy ftp_proxy no_proxy
Where:
Http_proxy:http protocol uses proxy server address
Https_proxy:https protocol uses secure proxy address
Ftp_proxy:ftp protocol uses proxy server address
User: the user name used by the agent
Password: the password of the user name used by the agent
Proxy.abc.com: proxy address, which can be IP or domain name
8080: Port used
No_proxy: host or IP that does not use proxies.
Save exit, log out and log back into the system will take effect.
This method is only suitable for configuring http proxy, and there are other configuration methods for using socket proxy to surf the Internet.
Common ways for linux programs to configure proxy servers:
[generic proxy server configuration]
For most Linux console programs, such as the apt-get and aptitude commands, git commands, and wget commands in Debian or Ubuntu, these programs use the http_proxy and ftp_proxy environment variables to obtain the configuration of the agent service.
The way to do this is to add something like this to your ~ / .bashrc:
Export http_proxy= http://username:password@proxyserver:port/export ftp_proxy= http://username:password@proxyserver:port/
If your proxy server requires a user name and password to access, you need to fill in the username and passwd sections above, otherwise, omit them.
For example, suppose your proxy server is 192.168.1.1, port is 8080, user name is easwy, and password is 123456, you should set these two environment variables like this:
Export http_proxy= http://easwy:123456@192.168.1.1:8080 export ftp_proxy= http://easwy:123456@192.168.1.1:8080
After this configuration, log out and log in again, or simply use the following command to source .bashrc:
Source / .bashrc
Now, the above programs can access the network through the proxy server.
[proxy server configuration for subversion]
To configure the proxy server for subversion, modify the $HOME/.subversion/servers file by adding the following in the [global] section of the file:
Http-proxy-host = 192.168.1.1http-proxy-port = 8080 http-proxy-username = easwyhttp-proxy-password = 123456
Svn can now use a proxy server to access the version library.
[proxy server configuration for yum]
If you want the yum in CentOS to update the program through the proxy server, you need to modify the file / etc/yum.conf by adding:
Proxy= http://easwy:123456@192.168.1.1:8080
Now you can update your software using yum.
The internal network machine accesses the external network and acts as an agent
Generally speaking, for security reasons, only one machine in the same local area network can access the external network, and the operation and maintenance staff have imposed overall restrictions, but in the later work, some software and commands need to be installed on the machine. so other machines need to access the external network to simplify the work, but can not disrupt the original operation and maintenance settings, so they need to do an agent on the machines that can access the external network.
The first step and the second step are to operate on the machine that can access the external network, and the third step is to operate on the machine that cannot access the external network.
1. Check the machine
During the operation, it is found that the machine accessing the external network itself cannot use yum installation software, so it is necessary to configure the yum installation source. If possible, this step can be ignored.
[html] view plain copy
[root@localhost test] # lsb_release-a
LSB Version:: core-4.0-amd64:core-4.0-ia32:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-ia32:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-ia32:printing-4.0-noarch
Distributor ID: RedHatEnterpriseServer
Description: Red Hat Enterprise Linux Server release 5.7 (Tikanga)
Release: 5.7
Codename: Tikanga
[root@localhost test] # cd / etc/yum.repos.d/
[root@localhost test] # wget http://mirrors.163.com/.help/CentOS5-Base-163.repo
The file obtained by the intermediate wget, you need to modify $releasever to 5
[html] view plain copy
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
Name=CentOS-5-Base-163.com
Baseurl= http://mirrors.163.com/centos/5/os/$basearch/
# mirrorlist= http://mirrorlist.centos.org/?release=5&arch=$basearch&repo=os
Gpgcheck=1
Gpgkey= http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
# released updates
[updates]
Name=CentOS-5-Updates-163.com
Baseurl= http://mirrors.163.com/centos/5/updates/$basearch/
# mirrorlist= http://mirrorlist.centos.org/?release=5&arch=$basearch&repo=updates
Gpgcheck=1
Gpgkey= http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
# packages used/produced in the build but not released
[addons]
Name=CentOS-5-Addons-163.com
Baseurl= http://mirrors.163.com/centos/5/addons/$basearch/
# mirrorlist= http://mirrorlist.centos.org/?release=5&arch=$basearch&repo=addons
Gpgcheck=1
Gpgkey= http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
# additional packages that may be useful
[extras]
Name=CentOS-5-Extras-163.com
Baseurl= http://mirrors.163.com/centos/5/extras/$basearch/
# mirrorlist= http://mirrorlist.centos.org/?release=5&arch=$basearch&repo=extras
Gpgcheck=1
Gpgkey= http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
# additional packages that extend functionality of existing packages
[centosplus]
Name=CentOS-5-Plus-163.com
Baseurl= http://mirrors.163.com/centos/5/centosplus/$basearch/
# mirrorlist= http://mirrorlist.centos.org/?release=5&arch=$basearch&repo=centosplus
Gpgcheck=1
Enabled=0
Gpgkey= http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
# contrib-packages by Centos Users
[contrib]
Name=CentOS-5-Contrib-163.com
Baseurl= http://mirrors.163.com/centos/5/contrib/$basearch/
# mirrorlist= http://mirrorlist.centos.org/?release=5&arch=$basearch&repo=contrib
Gpgcheck=1
Enabled=0
Gpgkey= http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
Yum clean all clears the original cache
Yum list gets the yum list
If the list data appears as follows, the setting is successful.
[html] view plain copy
Sqlite-devel.i386 3.3.6-7 base
Sqlite-devel.x86_64 3.3.6-7 base
Squashfs-tools.x86_64 3.0-4 base
Squirrelmail.noarch 1.4.8-21.el5.centos base
Srptools.x86_64 0.0.4-10.el5 base
Sssd.x86_64 1.5.1-70.el5 base
Sssd-client.i386 1.5.1-70.el5 base
Sssd-client.x86_64 1.5.1-70.el5 base
Sssd-tools.x86_64 1.5.1-70.el5 base
2. Install squid
Introduction of squid and its simple configuration
The yum command is ready and can be installed directly online.
[html] view plain copy
Yum install squid
After the installation is completed, modify the contents of the squid.conf file under cd / etc/squid/. You can back up the file before you modify it:
[html] view plain copy
Cp squid.conf squid.conf_bak
Then find the http_access deny all in the file and modify it to http_access allow all to indicate that all users can access the agent
Also find http_port 3128 and modify it to http_port 192.168.3.171IP 3128 where the IP and port is the proxy IP and port of squid.
The IP is the IP address that can access the public network machine. If it is local, you do not need to modify the address. Start the squid agent below.
[html] view plain copy
[root@localhost squid] # squid-k parse
[root@localhost squid] #
[root@localhost squid] #
[root@localhost squid] # squid-z
14:43:01 on 2014-07-22 | Creating Swap Directories
[root@localhost squid] #
[root@localhost squid] #
[root@localhost squid] # service squid start
Starting squid: [OK]
[root@localhost squid] #
[root@localhost squid] #
[root@localhost squid] #
[root@localhost squid] # netstat-nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
Tcp 0 0 0.0.0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 01. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 15. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0
Tcp 0 0 0.0.0.0 squid 3128 0.0.0.0 squid * LISTEN 22862 /
Tcp 0 0 0.0.0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0
3. Configure machine agents that cannot access the public network
Set up proxy machines to access the external network on other intranet machines that need to access the external network
[html] view plain copy
Export http_proxy= http://192.168.3.171:3128
The effect of export is only limited to this login operation, which is not global. For more information, please refer to: linux environment variable export command
In this way, the intranet machines that can not access the external network can access the external network as agents to facilitate the installation of some software, commands and other operations.
4. Test
Execute "curl www.baidu.com" on the configured private network machine. If the following appears, the network access is successful:
[html] view plain copy
[cosw@platdevsxyd01 ~] $curl www.baidu.com
Baidu, you will know.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.