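A second-level (chained) Internet proxy server is rarely needed, but it comes in handy when you want to control Internet access for a small group of machines on the LAN. I set one up a couple of days ago, so here are my notes.
As shown in the figure below, both the first-level and the second-level proxy servers run FreeBSD 6.2-RELEASE with Squid 2.6. The first-level proxy is connected directly to the external line, and users get online by configuring an IP address in the appropriate subnet and setting the proxy server in IE. Users on the switch behind the first-level proxy configure an IP address in the 21 segment and set 192.168.21.254 with port 3128 in IE; users behind the second-level proxy configure an IP address in the 11 segment and set 192.168.11.254 with port 3128.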
============================================
I. Setting up the first-level proxy server
Notes:
Operating system: FreeBSD 6.2-RELEASE
Proxy software: Squid 2.6.STABLE16
External NIC: em0 -> 218.90.159.xxx (the default gateway is provided by the upstream ISP)
Internal NIC: em1 -> 192.168.21.254
1. Installing and tuning FreeBSD
(2) Configure rc.conf
hostname="one.www.com"
defaultrouter="218.90.159.xxx"
ifconfig_em0="inet 218.90.159.xxx netmask 255.255.255.xxx"  # external IP
ifconfig_em1="inet 192.168.21.254 netmask 255.255.255.0"    # internal IP
sendmail_enable="NONE"
inetd_enable="YES"
linux_enable="YES"
sshd_enable="YES"
usbd_enable="YES"
(3) Configure the kernel:
newproxy# cd /usr/src/sys/i386/conf
newproxy# cp GENERIC funpower
newproxy# ee funpower
Edit the kernel configuration file: comment out the options you do not need (network card drivers, for example) by putting # in front of them, then press Esc and then a to save and exit. Then run:
newproxy# /usr/sbin/config funpower
newproxy# cd ../compile/funpower
newproxy# make cleandepend
newproxy# make depend
newproxy# make
newproxy# make install
2. Installing Squid
(1) Install perl
newproxy# cd /usr/ports/lang/perl5
newproxy# make install
(2) Download and install Squid
Download squid-2.6.STABLE16.tar.gz from http://www.squid-cache.org/Versions/v2/2.6/ and upload it over FTP to the /home/funpower directory on the server, then unpack and install it:
newproxy# cd /home/funpower
newproxy# tar zxvf squid-2.6.STABLE16.tar.gz
newproxy# cd squid-2.6.STABLE16
newproxy# ./configure --prefix=/usr/local/squid
newproxy# make
newproxy# make install
(3) Configure squid.conf
newproxy# cd /usr/local/squid/etc
newproxy# ee squid.conf
The contents are as follows:
acl web src 192.168.21.0/24
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow web
http_access deny all
icp_access allow all
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
cache_mem 64 MB
cache_dir ufs /usr/local/squid/cache 7000 16 256
access_log /dev/null
cache_log /dev/null
cache_store_log none
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mgr webmaster@www.com
cache_effective_user squid
cache_effective_group squid
