Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to configure RHEL5 Squid transparent proxy server". In daily operation, I believe many people have doubts about how to configure RHEL5 Squid transparent proxy server. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts about "how to configure RHEL5 Squid transparent proxy server". Next, please follow the editor to study!

I. Environment and operating platform

Xp-- (eth2) AS5 (eth0)-Internet

192.168.1.0/24 10.0.0.0/8

Linux AS5 + squid-2.6 (RPM)

II. Installation

Install the squid-2.6 rpm package that comes with AS5

III. Configuration

Route add default gw 10.100.100.254 / / 10.100.100.254 connects to the Internet Router address and adds a default gateway.

1. Squid master file: / etc/squid/squid.conf

A, http_port 3128 transparent / / enable transparent mode

B 、 cache_dir ufs / var/spool/squid 1000 16 256

C 、 cache_mem 96M

D 、 visible_hostname localhost

E 、 http_access allow all

The above is the basic configuration

2. Iptales configuration

#! / bin/bash

# ip.sh

Echo'1' > / proc/sys/net/ipv4/ip_forward / / enable ip forward

IPT=/sbin/iptables

# # Clear ip rules#

$IPT-F-t filter

$IPT-X-t filter

$IPT-Z-t filter

$IPT-F-t nat

$IPT-Z-t nat

$IPT-X-t nat

# # Default policy#

$IPT-P FORWARD DROP

$IPT-P INPUT DROP

$IPT-P OUTPUT DROP

# # User rules##

$IPT-t filter-An INPUT-s 127.0.0.1-j ACCEPT

$IPT-t filter-An INPUT-s 10.10.10.254-p tcp-- dport 22-j ACCEPT

$IPT-t filter-An OUTPUT-d 10.10.10.254-p tcp-- sport 22-j ACCEPT

$IPT-t filter-An INPUT-s 192.168.1.0 take 24-p icmp--icmp-type 8-j ACCEPT

$IPT-t filter-An OUTPUT-d 192.168.1.0 take 24-p icmp--icmp-type 0-j ACCEPT

$IPT-t filter-An INPUT-s 192.168.1.0 take 24-j ACCEPT

$IPT-t filter-An INPUT-I eth0-j ACCEPT

$IPT-t filter-An OUTPUT-d 192.168.1.0 take 24-j ACCEPT

$IPT-t filter-An OUTPUT-o eth0-j ACCEPT

$IPT-t filter-A FORWARD-s 192.168.1.0 take 24-I eth2-o eth0-j ACCEPT

$IPT-t filter-A FORWARD-I eth0-o eth2-j ACCEPT

$IPT-A FORWARD-m state-- state ESTABLISHED,RELATED-j ACCEPT

$IPT-t nat-A POSTROUTING-s 192.168.1.0 take 24-o eth0-j SNAT-- to-source 10.10.10.249

$IPT-t nat-A PREROUTING-s 192.168.1.0 take 24-I eth2-p tcp-- dport 80-j REDIRECT-- to-ports 3128

4. Start squid

1. # squid-k parse / / detect squid syntax

2. # squid-z / / initialize squid and establish cache

3 、 # / etc/init.d/squid start

4. # ps-ef | grep squid

V. client configuration

The gateway and DNS are configured on XP, but there is no need to configure the proxy. Internet,ok can be connected through IE.

At this point, the study on "how to configure the RHEL5 Squid transparent proxy server" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.