squid作为http代理配置

时间:2018-12-03 19:44:59

标签: squid proxy-server

我试图将Squid用作http代理(使用85.10.219.144/29子网代理来自88.99.219.124的所有请求)。

$ cat /etc/squid3/squid.conf    
acl client src 88.99.219.124
acl proxy dst 85.10.219.144/29
http_access allow client proxy
http_access deny all
http_port 3129

$ tail -f /var/log/squid3/access.log
1543865940.128      0 88.99.219.124 TCP_DENIED/403 3486 CONNECT google.com:443 - HIER_NONE/- text/html
1543865940.138      0 88.99.219.124 TCP_DENIED/403 3486 CONNECT google.com:443 - HIER_NONE/- text/html
1543865940.147      0 88.99.219.124 TCP_DENIED/403 3486 CONNECT google.com:443 - HIER_NONE/- text/html
1543865940.156      0 88.99.219.124 TCP_DENIED/403 3486 CONNECT google.com:443 - HIER_NONE/- text/html

我的配置有什么问题?

1 个答案:

答案 0 :(得分:0)

乌贼配置:

$ cat /etc/squid3/squid.conf
acl client src 88.99.219.124
http_access allow client
http_access deny all
http_port 3129
debug_options ALL,1

要允许您的服务器使用85.10.219.144/29子网,请在子网中将IP地址添加到网络接口。

使用subnet calculator查找子网范围内的最小和最大ip。

网络接口:

$ cat /etc/network/interfaces
...

auto vmbr0
iface vmbr0 inet static
        address  x.x.x.x
        netmask  x.x.x.x
        gateway  x.x.x.x
        bridge-ports __network_interface_name__
        bridge-stp off
        bridge-fd 0

auto vmbr0:0
iface vmbr0:0 inet static
        address 85.10.219.145
        netmask 255.255.255.248
auto vmbr0:1
iface vmbr0:1 inet static
        address 85.10.219.146
        netmask 255.255.255.248
auto vmbr0:2
iface vmbr0:2 inet static
        address 85.10.219.147
        netmask 255.255.255.248
auto vmbr0:3
iface vmbr0:3 inet static
        address 85.10.219.148
        netmask 255.255.255.248
auto vmbr0:4
iface vmbr0:4 inet static
        address 85.10.219.149
        netmask 255.255.255.248
auto vmbr0:5
iface vmbr0:5 inet static
        address 85.10.219.150
        netmask 255.255.255.248

现在,当我们尝试使用代理时,它就起作用了!

$ curl -x http://85.10.219.150:3129 -L http://google.com

在日志文件中:

$ cat /var/log/squid/access.log
1544717769.941     58 _your_ip_ TCP_MISS/200 13234 GET http://www.google.com/ - HIER_DIRECT/2a00:1450:4001:809::2004 text/html