본문 바로가기

리눅스

우분투에서 Squid 및 Webmin을 설치하는 방법

반응형

우분투에서 Squid 및 Webmin을 설치하는 방법

테스트 환경

$ lsb_release -d
Description:	Ubuntu 22.04.2 LTS

Squid 설치

sudo apt-get update
sudo apt-get install -y squid
vim /etc/squid/squid.conf
$ cat /etc/squid/squid.conf | egrep -v '^$|^#'
acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12		# RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)
acl localnet src fc00::/7       	# RFC 4193 local private network range
acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
include /etc/squid/conf.d/*.conf
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern .		0	20%	4320

squid.conf 설정 파일

vim squid.conf

https://raw.githubusercontent.com/anti1346/linux_configure/main/ubuntu/jammy/squid/squid.conf

systemctl squid start

Webmin 설치

Webmin은 Squid를 관리하기 위한 웹 기반 인터페이스입니다. Webmin을 설치하기 위해 아래 명령을 실행합니다.

sudo vim /etc/apt/sources.list

편집기에서 sources.list 파일을 열고 다음 줄을 파일의 맨 아래에 추가합니다

deb http://download.webmin.com/download/repository sarge contrib

저장하고 에디터를 닫은 후 아래 명령을 실행하여 Webmin의 GPG 키를 추가합니다

wget http://www.webmin.com/jcameron-key.asc
sudo apt-key add jcameron-key.asc

패키지 목록을 업데이트하고 Webmin을 설치합니다

sudo apt-get update
sudo apt-get install -y webmin

Webmin 액세스

  • 계정 패스워드 정보
    • 계정 : root
    • 패스워드 : root 패스워드
https://your_server_ip:10000

 

webmin

728x90

 

Dashboard

webmin

Squid Proxy Server

webmin

squid 구성 파일 설정

webmin

acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl allowed_clients src 192.168.0.14

acl SSL_ports port 443

acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

acl allowed_sites dstdomain .naver.com

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost

#http_access allow allowed_clients
#http_access allow allowed_sites
http_access allow allowed_clients allowed_sites

http_access deny all

include /etc/squid/conf.d/*.conf

http_port 3128

cache_dir ufs /var/spool/squid 100 16 256

access_log daemon:/var/log/squid/access.log squid
logfile_rotate 7

coredump_dir /var/spool/squid

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern .		0	20%	4320

cache_effective_user proxy
cache_effective_group proxy

 

squid 구성 파일 검사

  • /etc/squid/squid.conf
sudo squid -k parse

 

참고URL

- 리눅스에 프록시를 지정하는 방법 : https://scbyun.com/1648

 

728x90
반응형