CentOS 6/7 搭建HTTP代理(使用Squid)

配置 squid yum源
https://wiki.squid-cache.org/KnowledgeBase/CentOS

centos 6:

[squid]
name=Squid repo for CentOS Linux 6 - $basearch
#IL mirror
baseurl=http://www1.ngtech.co.il/repo/centos/6/$basearch
failovermethod=priority
enabled=1
gpgcheck=0

centos 7:

yum install http://ngtech.co.il/repo/centos/7/squid-repo-1-1.el7.centos.noarch.rpm -y
or
rpm -i http://ngtech.co.il/repo/centos/7/squid-repo-1-1.el7.centos.noarch.rpm
yum install squid

安装后,可以自定义http代理端口,设置来源IP白名单等

vi /etc/squid/squid.conf
 
# ------ 自定义http端口:
 
# Squid normally listens to port 3128
http_port 8088
 
# ------ 设置来源IP白名单,增加的这两行要在 http_access deny all 前面
 
acl client src 122.55.87.125
http_access allow client
# And finally deny all other access to this proxy
http_access deny all

默认squid的access日志里的时间为unix时间戳,不方便阅读,可以通过在 /etc/squid/squid.conf 增加一行logformat配置:

#此行加在配置文件末尾即可
#access log time human-readable
logformat squid %tl.%03tu %6tr %>a %Ss/%03>Hs %

修改完配置文件后,reload即可生效:

/etc/init.d/squid reload
 
#另外启动和重启命令
/etc/init.d/squid start
/etc/init.d/squid restart

如果想在防火墙级别就限定只允许白名单IP访问代理端口:

vi /etc/sysconfig/iptables
 
-A INPUT -s 122.55.87.125 -p tcp -m tcp --dport 8088 -j ACCEPT
service iptables restart

你可能感兴趣的:(CentOS 6/7 搭建HTTP代理(使用Squid))