设置Squid3服务器

tag-icon tag-icon proxy http squid
设置Squid3服务器

我目前已使用以下脚本squid3-3.4.8安装Debian

#!/bin/bash

# add Debian Wheezy backports repository
cat <<EOF> /etc/apt/sources.list.d/wheezy-backports.list
deb http://ftp.de.debian.org/debian wheezy-backports main
deb-src http://ftp.de.debian.org/debian wheezy-backports main
EOF

# update repository list
apt-get update

# install required dev packages
apt-get install -y wget openssl devscripts build-essential libssl-dev

# install debian squid3 source code
apt-get source -y squid3

# install all required dependeny packages
apt-get build-dep -y squid3

# enable SSL support
wget -q http://dl.panticz.de/squid/squid3-3.4.8_enable_ssl.diff -O - | patch -p2 squid3-3.4.8/debian/rules

# build packages
cd squid3-3.4.8
debuild -us -uc

apt-get install logrotate
dpkg -i *.deb
apt-get install -f

修改后/etc/squid3/squid.conf

#acl manager proto cache_object
#acl localhost src 127.0.0.1/32 ::1
#acl to_localhost dst 127.0.0.1/8 0.0.0.0/32 ::1
visible_hostname SRSQUID3
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access allow all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_port 3128 accel defaultsite=cona-proxy vhost
#cache_peer 192.168.122.11 parent 80 0 no-query originserver login=PAS name=webserver
cache_dir ufs /var/spool/squid3 100 16 256
coredump_dir /var/spool/squid3
refresh_pattern ^ftp:   1440    20% 10080
refresh_pattern ^gopher:    1440    0%  1440
refresh_pattern -i (/cgi-bin/|\?)   0   0%  0
refresh_pattern (Release|Packages(.gz)*)$   0   20% 2880
refresh_pattern .   0   20% 4320
always_direct allow all
acl server_users dstdomain cona-proxy
http_access allow server_users
#cache_peer_access webserver allow server_users
#cache_peer_access webserver deny all

acl myhosts src 10.10.0.0/255.255.0.0
http_access allow myhosts

在域中的计算机指向此代理,打开 http 页面显示:

It works!
This is default web page for this server.
The web server software is running but no content has been added, yet.

这是 apache 的信息。cat /var/log/squid3/access.log显示无法访问 squid,只写入 apache 的日志。https 页面显示:this page cannot be displayed,但首先我希望至少 http 可以工作。任何帮助都值得感激。

答案1

是的,那是指向80端口,也就是apache。浏览器中的3128端口解决了这个问题。

答案2

确保客户端指向 squid(端口 3128)而不是 apache(可能是端口 80)

相关内容