代理有3种:
标准的传统代理(不考虑了)
透明代理(适用于局域网接入互联网网关,给内部用户做缓存)
反向代理(适用于在互联网的WEB站点做缓存)
一、透明代理
前提 透明代理服务器为192.168.5.205
局域网测试机 192.168.5.160
1.安装
[root@localhost ~]# rpm -ivh squid-3.1.10-1.el6_1.1.x86_64.rpm
2.配置
[root@localhost ~]# vim /etc/squid/squid.conf
http_access allow all(允许所有访问,3.0版本以后默认acl允许所有访问)
http_port 192.168.5.205:3128 transparent
3.设置iptables的重定向
[root@localhost ~]# iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
启动squid
service squid start
4.测试机测试
[root@localhost ~]# tail /var/log/squid/access.log ( 在192.168.5.205日志)
1410687360.499 168 192.168.5.160 TCP_MISS/200 1567 GET http://eiv.baidu.com/hmt/icon/21.gif - DIRECT/61.135.186.152 p_w_picpath/gif
1410687360.562 53 192.168.5.160 TCP_MISS/200 115689 GET http://passport.bdimg.com/passApi/js/login_tangram_23d9c100.js - DIRECT/124.193.227.49 text/javascript
二、反向代理
前提 反向代理服务器为192.168.5.205
web站点为192.168.5.203
1.配置
[root@localhost ~]# vim /etc/squid/squid.conf
允许所有访问(acl删除,3.0以后本版默认acl all src 0.0.0.0/0.0.0.0)
http_access allow all
http_port 80 vhost (监听80端口 vhost选项)
cache_peer 192.168.5.203 parent 80 0 originserver
(orginserver描述,名称自定义)
2.启动
service squid start
3.访问测试
[root@localhost ~]# tail /var/log/squid/access.log (192.168.5.205的日志)
1410684774.460 1 192.168.8.139 TCP_MISS/401 786 GET http://192.168.5.205/nagios - FIRST_UP_PARENT/192.168.5.203 text/html
1410684776.443 1 192.168.8.139 TCP_MISS/401 786 GET http://192.168.5.205/nagios - FIRST_UP_PARENT/192.168.5.203 text/html
(表示192.168.8.139访问http://192.168.5.205时 ,192.168.5.205访问了192.168.5.203 )
[root@Nagios-Server ~]# tail /usr/local/apache2/logs/access_log (192.168.5.203日志)
192.168.5.205 - - [15/Sep/2014:01:21:52 +0800] "GET / HTTP/1.1" 200 44
192.168.5.205 - - [15/Sep/2014:01:21:52 +0800] "GET / HTTP/1.1" 200 44
192.168.5.205 - - [15/Sep/2014:01:21:52 +0800] "GET / HTTP/1.1" 200 44
(表示192.168.5.205访问了 web站点)