install squid proxy server on ubuntu18.04
安装squid
sudo apt update
sudo apt install squid -y
配置squid proxy server
squid的陪着大致分为以下部分
- OPTIONS FOR SMP
- OPTIONS FOR AUTHENTICATION
- ACCESS CONTROLS
- NETWORK OPTIONS
- SSL OPTIONS
- OPTIONS RELATING TO EXTERNAL SSL_CRTD
- OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
- MEMORY CACHE OPTIONS
- DISK CACHE OPTIONS
- LOGFILE OPTIONS
- OPTIONS FOR TROUBLESHOOTING
- OPTIONS FOR FTP GATEWAYING
- OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
- OPTIONS FOR URL REWRITING
- OPTIONS FOR STORE ID
- OPTIONS FOR TUNING THE CACHE
- HTTP OPTIONS
- TIMEOUTS
- ADMINISTRATIVE PARAMETERS
- OPTIONS FOR THE CACHE REGISTRATION SERVICE
- HTTPD-ACCELERATOR OPTIONS
- DELAY POOL PARAMETERS
- CLIENT DELAY POOL PARAMETERS
- WCCPv1 AND WCCPv2 CONFIGURATION OPTIONS
- PERSISTENT CONNECTION HANDLING
- CACHE DIGEST OPTIONS
- SNMP OPTIONS
- ICP OPTIONS
- MULTICAST ICP OPTIONS
- INTERNAL ICON OPTIONS
- ERROR PAGE OPTIONS
- OPTIONS INFLUENCING REQUEST FORWARDING
- ADVANCED NETWORKING OPTIONS
- ICAP OPTIONS
- eCAP OPTIONS
- MESSAGE ADAPTATION OPTIONS
- DNS OPTIONS
- MISCELLANEOUS
具体各项参考Squid 3.5.19 configuration file设置你的配置文件
下面是我使用的配置文件
cat <<EOF >/etc/squid/squid.conf
#acl的语义参考http://www.squid-cache.org/Versions/v3/3.5/cfgman/acl.html
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow all
http_access deny all
http_port 3128
https_port 5601 accel
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
EOF
重启squid服务
sudo systemctl restart squid.service
测试代理
lsof -i :3128
curl -x http://10.194.235.13:3128 https://www.baidu.com
lsof -i :5601
curl -x https://10.194.235.13:5601 https://www.baidu.com
上面的配置无法启动https_port
参考
Proxy Servers - Squid | Server documentation | Ubuntu
Squid 3.5.19 configuration file