Shulou(Shulou.com)06/02 Report--

Installation and deployment of squid proxy server for Linux

1. Case topology diagram

System centos6.5 software sarg-2.3.7.tar.gz squid-3.4.6.tar.gz

2. Case requirements

(1) if you need to configure the network in the figure above, you need to configure a default gateway for the internal linux and no default gateway for the external linux. Route forwarding is enabled on the squid server.

(2) install squid on the squid server, make relevant configuration, start the squid service, and check the port.

(3) to build a traditional proxy server, which requires that the internal linux server can use the traditional proxy to access the external web server. The maximum number of files allowed to be downloaded by the internal client is no more than 10MB. The file with the maximum cache is 4MB. The internal client verifies the file download.

Vim / etc/squid.conf

Verify:

Notice the firewall iptables, configured to: service iptables stop. If there is no configuration, the error is as follows:

Download verification: 200.0.0.10 Universe a 200.0.0.10 Universe b

(4) modify the main configuration file of squid to build a transparent proxy server, combined with the redirection strategy of iptables. Verify whether the internal client can use a transparent proxy to access the external web server.

Reload service, squid-k reconfigure

Verify:

The client shuts down the traditional agent.

(5) modify the main configuration file of squid, set up ACL access control, require the internal client of 192.168.1.0 network segment to use proxy server only from 9:00 to 17:00 from Monday to Friday, do not allow Internet access at other times, and prohibit downloading .mp3, .avi, .rmvb video files. Create a blacklist for certain destination addresses, such as

61.135.167.36

125.39.127.25

Modify the time of the squid server, and the client verifies whether it can access the Internet.

The client verifies that the mp3 video file can be downloaded.

Reload the service squid-k reconfigure

Verify:

Create .mp3 file on web

The .mp3 file cannot be downloaded.

(6) install the Squid log analysis software sarg on the squid server, make the relevant configuration, and visit the log analysis website on the client side.

Install sarg to create the installation directory mkdri / usr/local/s

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.