目的
通过frp访问企业网络,然后在企业服务器上部署squid代理服务器。需要一台外部公网服务器,用于部署frp服务端。企业内部一台服务器做frp客户端和squid服务器。
部署
frp服务端部署
选择安装目录:cd /opt
sudo wget https://github.com/fatedier/frp/releases/download/v0.49.0/frp_0.49.0_linux_amd64.tar.gz
sudo tar -zxf frp_0.49.0_linux_amd64.tar.gz
sudo mv frp_0.49.0_linux_amd64 frp
sudo chmod -R 755 frp
配置frps:
[common]
bind_port = 7000
vhost_http_port = 80
vhost_https_port = 443
bind_udp_port = 7001
privilege_mode = true
privilege_token = your_token # 需设置token
dashboard_port = 7002
dashboard_user = your_user # 需设置用户
dashboard_pwd = your_user_pwd # 需设置密码
配置开机自启:
- 添加文件:
vi /etc/systemd/system/frps.service
[Unit] Description=frp server After=network.target [Service] Type=simple User={USER} #改成自己的用户 WorkingDirectory=/opt/frp ExecStart=/opt/frp/frps -c /opt/frp/frps.ini Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target
- 设置开机自启
sudo systemctl enable frpc sudo systemctl start frpc
frp客户端部署
选择安装目录:cd /opt
sudo wget https://github.com/fatedier/frp/releases/download/v0.49.0/frp_0.49.0_linux_amd64.tar.gz
sudo tar -zxf frp_0.49.0_linux_amd64.tar.gz
sudo mv frp_0.49.0_linux_amd64 frp
sudo chmod -R 755 frp
配置frpc:
[common]
server_addr = your_server_ip
server_port = 7000
privilege_token = your_token
[squid_proxy] # 全局唯一
type = tcp
local_ip = 127.0.0.1
local_port = 3128
remote_port = 3128
privilege_mode = true
group = myproxy # 分组,可以启动多个代理做负载均衡
group_key = myproxy
配置开机自启:
- 添加文件:vi /etc/systemd/system/frpc.service
[Unit] Description=frp client After=network.target [Service] Type=simple User={USER} #改成自己的用户 WorkingDirectory=/opt/frp ExecStart=/opt/frp/frpc -c /opt/frp/frpc.ini Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target
- 设置开机自启
sudo systemctl enable frpc sudo systemctl start frpc
安装配置squid
安装
sudo apt-get update
sudo apt-get install -y squid
sudo systemctl enable squid
sudo systemctl start squid
修改配置:
vi /etc/squid/squid.conf
http_port 3128
#http_access deny all
http_access allow all
重启:sudo systemctl restart squid
设置代理访问
http_proxy: http://your_server_ip:3128
https_proxy: https://your_server_ip:3128