squid正向代理
原理:一台不能上网的机器通过代理可以访问不能访问的网站
这里我拿我的真机来做代理,虚拟机通过代理访问网站
真机Operating System: Red Hat Enterprise Linux Server 7.2 (Maipo)
squid安装和配置更改
真机(可以上网)IP:172.25.254.56
[root@dream software]# yum install -y squid ###下载squid
[root@dream software]# vim /etc/squid/squid.conf
55 # And finally deny all other access to this proxy
56 http_access allow all ###允许所有人连接
57
58 # Squid normally listens to port 3128
59 http_port 3128
60
61 # Uncomment and adjust the following to add a disk cache directory.
62 cache_dir ufs /var/spool/squid 100 16 256 ###100M,/var/spool/squid中16个一级目录,256个2级目录
[root@dream squid]# systemctl start squid
[root@dream 00]# systemctl stop firewalld
如果防火墙未关:开启3128端口访问权限
在虚拟机中的浏览器:
IP:172.25.254.125
测试
浏览器的主机ping www.baidu.com 网络不通,但是浏览器能够上网
squid反向代理
这里我用2台虚拟机,一台IP:172.25.254.125 一台IP:172.25.254.225
IP:172.25.254.125
注意:这台虚拟机的httpd服务要关闭
[root@server ~]# yum install -y squid
[root@server ~]# vim /etc/squid/squid.conf ###可以/usr/share/doc/squid-3.3.8/squid.conf.documented查看帮助
55 # And finally deny all other access to this proxy
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 80 vhost vport ###通过80端口访问,虚拟用户,虚拟端口
60 cache_peer 172.25.254.225 parent 80 0 no-query ###通过80访问172.25.254.156,0没有后备,no-query:告诉服务器没有后备
61
62 # Uncomment and adjust the following to add a disk cache directory.
63 cache_dir ufs /var/spool/squid 100 16 256
[root@server ~]# systemctl start squid
[root@server ~]# systemctl stop firewalld.service
IP:172.25.254.225
[root@mysql ~]# vim /var/www/html/index.html
<h1>172.25.254.156</h1>
[root@mysql ~]# systemctl start httpd
测试
http://172.25.254.125 ###会访问到172.25.254.225的http的默认发布文件
平衡轮询
IP:172.25.254.125
vim /etc/squid/squid.conf
55 # And finally deny all other access to this proxy
56 http_access allow all
57
58 # Squid normally listens to port 3128
59 http_port 80 vhost vport
60 cache_peer 172.25.254.225 parent 80 0 no-query originserver round-robin name=webserver1 ###originserver:指定name=webserver1,代表所以信息,以round-robin(轮询)方式工作
61 cache_peer 172.25.254.56 parent 80 0 no-query originserver round-robin name=webserver2
62 cache_peer_domain webserver1 webserver2 www.dream.com ###www.dream.com做轮询
63 # Uncomment and adjust the following to add a disk cache directory.
64 cache_dir ufs /var/spool/squid 100 16 256
systemctl restart squid.service
测试
在访问的浏览器的主机中/etc/hosts加入172.25.254.125 www.dream.com
浏览器输入www.dream.com刷新可发现显示的内容会变化