Squid installation example

Github-blog
CSDN-blog

windows version

Proxy Download

http://squid.diladele.com/

Installation configuration

1. Install without stopping next;
2. Remove the default from all the files at the end of default under squid/etc / and change them to conf files
3. Configure the squid.conf file according to the local needs (SQUID needs to be restarted and takes effect every time the configuration file is modified)

Sample profile

# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed

acl all src all
#acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
#acl localnet src 192.168.0.0/16    # RFC1918 possible internal network
#acl localnet src fc00::/7       # RFC 4193 local private network range
#acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
acl localnet src XX.XX.XX.XX/XX #host IP

acl SSL_ports port 443
acl SSL_ports port 9418
acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443     # https
acl Safe_ports port 70      # gopher
acl Safe_ports port 210     # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280     # http-mgmt
acl Safe_ports port 488     # gss-http
acl Safe_ports port 591     # filemaker
acl Safe_ports port 777     # multiling http
acl Safe_ports port 53                  # dns
acl Safe_ports port 9418            # git port
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#

# Only allow cachemgr access from localhost
#http_access allow localhost manager
#http_access deny manager

# Deny requests to certain unsafe ports
#http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
#http_access deny CONNECT !SSL_ports

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
#http_access deny all
http_access allow all 

# Squid normally listens to port 808
http_port 808

# Uncomment the line below to enable disk caching - path format is /cygdrive/<full path to cache folder>, i.e.
cache_dir aufs C:\Squid\var\cache 3000 16 256

# Leave coredumps in the first cache dir
#coredump_dir /var/cache/squid

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:       1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern -i (/cgi-bin/|\?) 0 0%  0
refresh_pattern .       0   20% 4320    

positive_dns_ttl 60 
dns_nameservers  XX.XX.XX.XX   #DNS server
tcp_recv_bufsize 65535 bytes 
cache_mem 100 MB 
max_filedescriptors 40960

linux version

Here is original text
 

Configure forward agent

Steps:
(1) Install squid, for example in ubuntu:

sudo apt-get update
sudo apt-get install squid

(2) Ensure that the hostname can be resolved, and ping the hostname for testing

(3) Set the configuration file / etc/squid/squid.conf to modify the following options

You can find the port number of the httpd? Port modification agent service
(4) Squid-z: initialization as shown in Figure

(5) service squid start: start the service

(6) Set client: open browser tool - internet Options - connection - LAN settings - set ip and port number of proxy server

Github-blog
CSDN-blog

Keywords: network github ftp DNS

Added by Cantaloupe on Thu, 26 Mar 2020 19:16:57 +0200