본문 바로가기
리눅스

[리눅스] Proxy 서버 구축(squid)

변군이글루 2017. 5. 26. 15:40
반응형

Proxy 서버 구축(squid)

1. 설치

yum install squid

설정 파일 구성
/etc/squid/squid.conf
/var/log/squid/cache.log
/var/log/squid/access.log

2. 설정 파일(squid.conf)

vi /etc/squid/squid.conf
### Access Control List
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

### Deny requests to certain unsafe ports
http_access deny !Safe_ports

### Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

### Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

### Example rule allowing access from your local networks.
### Adapt localnet in the ACL section to list your (internal) IP networks
### from where browsing should be allowed
http_access allow localnet
http_access allow localhost

### And finally deny all other access to this proxy
http_access deny all

### Squid normally listens to port 3128
http_port 3128

### Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256

cache_log /var/log/squid/cache.log

cache_access_log /var/log/squid/access.log

cache_store_log /var/log/squid/store.log

### Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

### Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

3. 데몬 기동

systemctl squid start
systemctl squid stop
squid -z

 

728x90
반응형
저작자표시

'리눅스' 카테고리의 다른 글

CentOS 7에서 ISO 이미지를 생성하기(mkisofs)  (0) 2017.07.12
[리눅스] tcpdump 명령어  (0) 2017.06.09
리눅스에서 HTTP Proxy Server 설정하기  (0) 2017.05.26
[Ansible] 계정 생성 및 삭제  (0) 2017.04.25
[Ansible ] 일반 계정 생성  (0) 2017.04.25

'리눅스' Related Articles

티스토리툴바