代理有3種:
標準的傳統代理(不考慮了)
透明代理(適用於局域網接入互聯網網關,給內部用戶做緩存)
反向代理(適用於在互聯網的WEB站點做緩存)
一、透明代理
前提 透明代理服務器爲192.168.5.205
局域網測試機 192.168.5.160
1.安裝
[root@localhost ~]# rpm -ivh squid-3.1.10-1.el6_1.1.x86_64.rpm
2.配置
[root@localhost ~]# vim /etc/squid/squid.conf
http_access allow all(允許所有訪問,3.0版本以後默認acl允許所有訪問)
http_port 192.168.5.205:3128 transparent
3.設置iptables的重定向
[root@localhost ~]# iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
啓動squid
service squid start
4.測試機測試
[root@localhost ~]# tail /var/log/squid/access.log ( 在192.168.5.205日誌)
1410687360.499 168 192.168.5.160 TCP_MISS/200 1567 GET http://eiv.baidu.com/hmt/icon/21.gif - DIRECT/61.135.186.152 p_w_picpath/gif
1410687360.562 53 192.168.5.160 TCP_MISS/200 115689 GET http://passport.bdimg.com/passApi/js/login_tangram_23d9c100.js - DIRECT/124.193.227.49 text/javascript
二、反向代理
前提 反向代理服務器爲192.168.5.205
web站點爲192.168.5.203
1.配置
[root@localhost ~]# vim /etc/squid/squid.conf
允許所有訪問(acl刪除,3.0以後本版默認acl all src 0.0.0.0/0.0.0.0)
http_access allow all
http_port 80 vhost (監聽80端口 vhost選項)
cache_peer 192.168.5.203 parent 80 0 originserver
(orginserver描述,名稱自定義)
2.啓動
service squid start
3.訪問測試
[root@localhost ~]# tail /var/log/squid/access.log (192.168.5.205的日誌)
1410684774.460 1 192.168.8.139 TCP_MISS/401 786 GET http://192.168.5.205/nagios - FIRST_UP_PARENT/192.168.5.203 text/html
1410684776.443 1 192.168.8.139 TCP_MISS/401 786 GET http://192.168.5.205/nagios - FIRST_UP_PARENT/192.168.5.203 text/html
(表示192.168.8.139訪問http://192.168.5.205時 ,192.168.5.205訪問了192.168.5.203 )
[root@Nagios-Server ~]# tail /usr/local/apache2/logs/access_log (192.168.5.203日誌)
192.168.5.205 - - [15/Sep/2014:01:21:52 +0800] "GET / HTTP/1.1" 200 44
192.168.5.205 - - [15/Sep/2014:01:21:52 +0800] "GET / HTTP/1.1" 200 44
192.168.5.205 - - [15/Sep/2014:01:21:52 +0800] "GET / HTTP/1.1" 200 44
(表示192.168.5.205訪問了 web站點)