这个答案似乎不符合我的要求: Squid 配置-同一用户多个 IP
假设我有一个代理服务器,其中有 3 个 IPV4(202.6.7.8-9-10)和 20 个 IPV6(ipv6_1 -> ipv6_20)
我想要配置
允许 IP 203.166.233.16-17-18 连接到端口 3000 至 3010,以使用代理 ipv6_1 至 ipv6_10
允许 IP 203.166.233.20-21-22 连接到端口 4000 至 4010 以使用代理 ipv6_11 至 ipv6_20
username1/pwd1 连接到端口 1001-1002,使用 ipv4 202.6.7.9-10 传出
username2/pwd2 连接到端口 1201-1202,使用 ipv4 202.6.7.9-10 传出
我尝试了以下配置,但有两个问题:
允许 6 个 IP,但整个互联网都可以访问
允许ips可以交叉访问其他端口
dns_v4_first off
acl to_ipv6 dst ipv6
http_access deny !to_ipv6
http_access allow to_ipv6
#gourp 1 (ipv6)
acl group_1 src 203.166.233.16 203.166.233.17 203.166.233.18
http_port 202.6.7.8:3001
http_port 202.6.7.8:3002
http_port 202.6.7.8:3003
http_port 202.6.7.8:3004
http_port 202.6.7.8:3005
acl lip_3001 myport 3001
acl lip_3002 myport 3002
acl lip_3003 myport 3003
acl lip_3004 myport 3004
acl lip_3005 myport 3005
tcp_outgoing_address a001:aaa:bbb::31 lip_3001
tcp_outgoing_address a001:aaa:bbb::32 lip_3002
tcp_outgoing_address a001:aaa:bbb::33 lip_3003
tcp_outgoing_address a001:aaa:bbb::34 lip_3004
tcp_outgoing_address a001:aaa:bbb::35 lip_3005
http_access allow group_1
http_access deny !group_1
#gourp 2 (ipv6)
acl group_2 src 203.166.233.20 203.166.233.21 203.166.233.22
http_port 202.6.7.8:4001
http_port 202.6.7.8:4002
http_port 202.6.7.8:4003
http_port 202.6.7.8:4004
http_port 202.6.7.8:4005
acl lip_4001 myport 4001
acl lip_4002 myport 4002
acl lip_4003 myport 4003
acl lip_4004 myport 4004
acl lip_4005 myport 4005
tcp_outgoing_address a001:aaa:bbb::41 lip_4001
tcp_outgoing_address a001:aaa:bbb::42 lip_4002
tcp_outgoing_address a001:aaa:bbb::43 lip_4003
tcp_outgoing_address a001:aaa:bbb::44 lip_4004
tcp_outgoing_address a001:aaa:bbb::45 lip_4005
http_access allow group_2
http_access deny !group_2
#Enable IPV4 Proxies
dns_v4_first on
acl to_ipv4 dst ipv4
http_access allow to_ipv4
#group 3 (ipv4 user/pwd auth)
http_port 202.6.7.8:1001
http_port 202.6.7.8:1002
acl lip_1001 myport 1001
acl lip_1001 myport 1001
tcp_outgoing_address 202.6.7.9 lip_1001
tcp_outgoing_address 202.6.7.10 lip_1002