Learning proxy server

Learning proxy server

The proxy server acts as an intermediary between the client and the server to hide some information of the client

There are two most common agents on linux, one is http agent, the other is socks agent

Network connection

Normal connection

The client sends an HTTP request to the server, and the server responds to the HTTP result

The IP address, operating system and browser information of the client will be obtained by the server.

http proxy

The client sends the HTTP request to the proxy server, the proxy server forwards the data to the server, the server responds to the HTTP result to the proxy server, and the proxy server returns the HTTP result to the client

At this time, the IP address, operating system and browser information obtained by the server are actually the information of the proxy server

socks proxy

Establish ssh connection between client and proxy server. The client sends the HTTP request through the ssh pipeline, the proxy server sends the data to the website server, the website server responds to the HTTP result, the proxy server returns the HTTP result through the ssh pipeline, and the client displays the result

Compared with http proxy, it has one more ssh pipeline establishment process. The advantages are the same as http proxy.

Demonstrate the process of establishing an agent

http proxy

Proxy server (ubuntu 20.04)

# Install squid agent software
sudo apt install squid

# Backup profile
sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.default

# Edit profile
sudo vi /etc/squid/squid.conf
## Search http_access allow
## Open http_access allow localnet

# Restart squid app
sudo systemctl restart squid

# Make sure the squid application is started
sudo systemctl status squid


Use postman, click Settings - > proxy - > check add a custom proxy configuration, uncheck use the system proxy - > enter the address and port of squid (3128 by default) - > and then access the website in postman

View proxy connection requests

sudo vim /var/log/squid/access.log

Add more configurations (user name, password) to the proxy server

# Edit squid configuration
sudo vim /etc/squid/squid.conf

## Query acl and add the following statement before acl localnet src
## The first is to add basic program parameters to tell us the basic authentication to use next
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/htpasswd
## Then add the parameters, the basic domain Squid proxy cache Web server, which just tells us to provide authentication for this authentication
auth_param basic realm Squid Proxy Caching Web Server
## Tell the acl of the agent that needs to be authenticated
acl authenticated proxy_auth REQUIRED
## Tell allowed IP addresses
acl authenticated_ips src

## Query http_access allow localnet, modify it to look like the following. This sentence indicates that the following two conditions must be observed before using the proxy server
http_access allow authenticated authenticated_ips

# When creating a PASSWORD file, remember to modify USERNAME and PASSWORD
sudo printf "USERNAME:$(openssl passwd -crypt PASSWORD)\n" | sudo tee -a /etc/squid/htpasswd

# Restart squid
sudo systemctl restart squid

Configure the username and password of the agent for postman

Open postman and fill in the user name and password in settings - > proxy - > proxy auth - > proxy auth

socks proxy

This is much simpler than http proxy. All the following operations are performed on the client. use

# Connect to server and listen on port 40932
ssh root@ -D 40932

# Check whether the listening port is started
netstat -natp | grep 40932

Use the proxy software, such as SwitchyOmega, to enter the local IP address (for example, localhost), port (40932), open the connection, and then use it

reference material

How to Create a Proxy // Squid (HTTP) and SOCKS

Keywords: Proxy

Added by reethu on Sun, 05 Dec 2021 15:08:57 +0200