在云服务器上（ubuntu）在使用Squid搭建代理服务器访问网页

前言

本人小白，学校的校园网访问不了github等网站，所以打算用云服务器作为代理服务器去访问这些网站。

服务器环境：Ubuntu 22.04.4 LTS

使用Squid搭建代理

安装squid：

sudo apt install squid

修改squid的配置文件：
squid的配置文件路径 /etc/squid/squid.conf，文件很长很长
建议先备份一下:

cd /etc/squid/
cp squid.conf squid.conf.bak

这里直接给出我网上找到的配置文件：参考

#
# Recommended minimum configuration:
#
 
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
# 配置localnet的局域网段下面是localnet 能映射的网段
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
# 本人本机是192.168.50.24，然后代理访问时想不被局域网拦截，从而需要用户密码认证，所以我注释了这里
# acl localnet src 192.168.0.0/16       # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
 
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
 
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
 
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
 
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
 
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
 
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
 
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
# allow是允许局域网代理访问（localnet映射的网址在上面 acl localnet那一堆默认的）
http_access allow localnet
http_access allow localhost
 
# 这三行是个人配置的代理访问用户和密码
# 这里有可能是/usr/lib64/squid/basic_ncsa_auth
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl auth_user proxy_auth REQUIRED
http_access allow auth_user
 
# And finally deny all other access to this proxy
http_access deny all
 
# Squid normally listens to port 3128
http_port 3128
 
# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256
 
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
 
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

/etc/squid/passwd 是用户密码存储文件，密码是经过加密的
可使用如下命令来生成用户密码

htpasswd -c /etc/squid/passwd 用户名

设置或者关闭防火墙，我直接给关闭了

sudo ufw disable

记得配置服务器的安全组，把要使用的端口打开

启动squid

service squid start
#重新加载配置文件
service squid reload
#查看启动状态
service squid status
#重启---时间小长
service squid restart

本地windows使用代理

打开控制面板，找到网络和internet，点击并找到internet选项

点击连接，局域网设置

填写对应的ip和端口
这样所有的访问都会通过代理服务器进行转发了
但是配置完之后打开github很慢而且图片和JS，CSS等都加载不出来。我也不清楚什么原因所以我放弃了这个想法。
参考文章：
squid代理服务配置用户和密码（解决配置失效问题）
Ubuntu 18.04 配置Squid网络代理