Squid proxy server-ACL access control, sarg log, reverse proxy 01/18 Update SLTechnology News&Howtos

Squid proxy server-ACL access control, sarg log, reverse proxy

2025-01-18 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Experimental environment squid server ens 33: www.example.com ens 36: www.example.com (host-only mode) web server 192.168.13.151client www.example.com (host-only mode) one, ACL access control 1, modify configuration file on squid server [root@squid~]#vim/etc/squid. conf ##Modify configuration file #should be allowedacl hostlocal src www.example.com ##Control hostlocal10.10 #Deny requests to certain unsafe portshttp_access deny hostlocal ##Deny access [root@squid~]#service squid reload ##Restart squid service 2 and access web pages on the test machine

Second, sarg log 1, install sarg [root@squid~]#mount. cifs www.example.com/mnt/##mount Password for root@//192.168.100.3/LNMP-C7:[root@squid~]#cd/mnt/[root@squid mnt]#tar zxvf sarg-2.3.7.tar.gz-C/opt/ ##Unzip [root@squid mnt]#cd/opt/sarg-2.3.7/[root@squid sarg-2.3.7]#yum install gd gd-devel-y ##Install gd library [root@squid sarg-2.3.7]#./ configure--prefix =/usr/local/sarg\##install path>--sysconfdir =/etc/sarg\ ##config file>--enable-extraprotection ##turn on security [root@squid sarg-2.3.7]#make && make install ##compile install 2, Modify sarg configuration file [root@squid sarg-2.3.7]#vim/etc/sarg/sarg. conf ##Modify sarg configuration file ##Open the following module modifications access_log/usr/local/squid/var/logs/access.log ##Specify access log file title "Squid User Access Reports"##Web page title output_dir/var/www/html/squid-reports ##Reports output directory user_ip no ##Display exclude_hosts/usr/local/sarg/noport using user name ##List of sites not counted in sorting topuser_sort_field connect reverse ##top Number of connections in sorting, access bytes, descending order, ascending order is normaloverwrite_report no ##whether the log of the same name overrides mail_utility mailq. postfix ##send mail report command charset UTF-8 ##using character set weekdays 0 - 6 ##top ranking time period hours 0 - 23 ##top ranking time period www_document_root/var/www/html ##Web root [root@squid~]#sarg ##Generate Report SARG: Recorded in documents: 91, reading: 100.00%SARG: The successful generation report is at/var/www/html/squid-reports/2019 Dec 11 - 2019 Dec 12 [root@squid sarg-2.3.7]#cd/var/www/html/squid-reports/##Switch to html directory [root@squid squid-reports]#ls 2019 Dec 11 - 2019 Dec 12 images index. html [root@squid squid-reports]#yum install httpd-y ##install httpd service [root@squid squid-reports]#systemctl start httpd. service ##start service [root@squid squid-reports]#systemctl stop firewalld. service ##Close firewall [root@squid squid-reports]#setenforce03, use test machine to access web page to view access records

##Periodically scheduled task execution generates daily reports crontabsarg-l/usr/local/squid/var/logs/access.log-o/var/www/html/squid-reports/-z-d $(date-d "1 day ago"+ % d/% m/% Y)-$(date + % d/% m/% Y)

Three, squid reverse proxy squid server ens 33: www.example.com ens36: www.example.com (host mode only) web1 server 192.168.13.151web2 server 192.168.13.185client www.example.com (host mode only) 1, edit a web page content on web1 server [root@web~]#cd/var/www/html/[root@web html]#vim index.html ##Edit web page content this is test web! 2. Visit the web page on the tester

3, Edit a web page content on web2 server [root@web2~]#systemctl stop firewalld.service ##turn off firewall [root@web2~]#setenforce 0 [root@web2~]#yum install httpd-y ##install httpd service [root@web2~]#cd/var/www/html/ ##create web content [root@web2 html]#vim index. htmlthis is test2 web! [root@web2 html]#systemctl start httpd. service 4, Configure reverse proxy on squid service [root@localhost squid]#vim/etc/squid. conf #Squid normally listens to port 3128http_port 192.168.13.13 184:80 accel vhost vport ##Monitor native 80 port cache_peer www.example.com parent 80 0 no-query originserver round-robin max_conn = 30 weight = 1 name = web1 ##Node server1 maximum access 30 weight = 1 alias web1cache_peer www.example.com parent 80 0 no-query originserver round-robin max_conn = 30 weight = 1 name = web1cache_peer_domain web1 www.example.com ##Access yun.com match web1, web2 node [root@localhost squid]#service squid restart ##Restart squid service 5 configure domain name resolution under admin user of test machine and set proxy

Thanks for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.