Ubuntu 16.04:使用2个NIC配置Squid代理

时间:2016-10-12 06:25:11

标签: networking squid ubuntu-16.04

我正在尝试使用两个网卡设置Squid。我相信一切都已经设置但是没有用,有人能帮我一些帮助吗?

我的配置:

的/ etc /网络/接口

source /etc/network/interfaces.d / * 

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto enp4s0
iface enp4s0 inet static
  address 192.168.1.115
  netmask 255.255.255.0
  network 192.168.1.0
  broadcast 192.168.1.255
  gateway 192.168.1.1
  dns-nameserver 8.8.8.8 8.8.4.4

auto enx00ee22aa05d2
iface enx00ee22aa05d2 inet static
  address 192.168.21.1
  netmask 255.255.255.0

/etc/squid/squid.conf中 

acl localnet src 192.168.21.0/24    # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443     # https
acl Safe_ports port 70      # gopher
acl Safe_ports port 210     # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280     # http-mgmt
acl Safe_ports port 488     # gss-http
acl Safe_ports port 591     # filemaker
acl Safe_ports port 777     # multiling http
acl CONNECT method CONNECT

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
http_port 3128 transparent

#Default:
access_log /var/log/squid/access.log 

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp:       1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern -i (/cgi-bin/|\?) 0 0%  0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
# example lin deb packages
#refresh_pattern (\.deb|\.udeb)$   129600 100% 129600
refresh_pattern .       0   20% 4320

/etc/sysctl.conf中 

net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

/etc/iptables.up.rules 

*nat -A PREROUTING -i enx00ee22aa05d2 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.21.1:3128 -A PREROUTING -i enx00ee22aa05d2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 -A POSTROUTING -s 192.168.2.0/24 -o enp4s0 -j MASQUERADE COMMIT

的/etc/rc.local 

iptables -t nat -A POSTROUTING -s 192.168.21.0/24 –o enp4s0 -j MASQUERADE

重新启动squid服务器,连接到新网络并获取以下IP地址

IP address: 192.168.21.100
Subnet: 255.255.255.0
Router: 192.168.21.1

当您尝试'curl http://www.google.co.uk'时,您会得到以下内容

curl:(6)无法解析主持人:www.google.co.uk

任何人都能就此提出建议吗?

感谢您的帮助

1 个答案:

答案 0 :(得分:0)

您是否正在设置第二张网卡" enx00ee22aa05d2"成为其他人的主要网关控制?如果是,您需要将其设置为网关,如下所示:

t1 = df1.groupby(['category', 'manufacturer'])
t2=t1[c1].mean()
str1='_'.join(col)
df2[c1+'_'+str1+'_mean']=t2[df2[['category','manufacturer']].as_matrix()].values

鱿鱼的配置似乎完美无缺。

相关问题
最新问题