溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
萬得數據部門需要海外相關數據,但由于GFW的緣故,中國大陸直接訪問海外網站會遇到諸多問題,因此需要在香港搭建一臺代理服務器,以此解決相關問題。
從squid的官方站點:http://www.squid-cache.org/
可以下載源代碼包,也可以下載RPM包。該文檔介紹源代碼安裝。
1. 將下載文件拷貝到
hkproxy:/usr/local/src# dir
-rw-r--r-- 1 root root 4828446 7月 1 22:14 squid-3.5.20.tar.gz
2. 解壓安裝包
hkproxy:/usr/local/src #tar zxvf squid-3.5.20.tar.gz
3. 進入到安裝包
hkproxy:/usr/local/src # cd squid-3.5.20/
hkproxy:/usr/local/src/squid-3.5.20 #
4. 創建安裝squid目錄
hkproxy:/usr/local # mkdir squid
5. 添加squid用戶
# useradd squid -g squid -s /bin/false
同時設置密碼
創建組:
#groupadd squid
6. ./configure安裝
hkproxy:/usr/local/src/squid-3.5.20 #./configure--prefix=/usr/local/squid/ --enable-ssl --enable-underscore --enable-icmp--enable-kill-parent-hack --enable-gnuregex--enable-default-err-language="Simplify_Chinese" --with-large-files--with-default-user=squid --disable-loadable-modules
注:--prefix=/usr/local/squid/:Squid的安裝目錄,缺省值為/usr/local/squid;
--enable-ssl:允許Squid終止SSL/TLS連接,僅對代理模式的加速請求有效;
--enable-underscores:允許主機名里包含下劃線,但仍須考慮DNS解析程序可能會禁止主機名里包含下劃線。
--enable-icmp:利用ICMP消息來確定回環時間(round-trip time),這類似于ping程序;
--enable-kill-parent-hack: 關掉squid的時候,要不要連同父進程一起關掉。
--enable-gnuregex:使用GNU正則表達式。
--enable-default-err-language=lang:錯誤消息采用的默認語言,英語是默認值。
--with-large-files: 支持大文件
--with-default-user=squid : 指定squid用戶
--disable-loadable-modules :禁用加載動態的相關模塊或預裝的模塊。在編譯GCC的時候會報錯,因此需要禁用該模塊。
更多模塊可以參考: ./configure –help
hkproxy:/usr/local/src/squid-3.5.20# ./configure --help | more
`configure'configures Squid Web Proxy 3.5.20 to adapt to many kinds of systems.
Usage: ./configure[OPTION]... [VAR=VALUE]...
To assignenvironment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE. See below for descriptions of some of theuseful variables.
Defaultsfor the options are specified in brackets.
Configuration:
-h, --help display this help and exit
--help=short display options specific to thispackage
--help=recursive display the short help of all the includedpackages
-V, --version display version information and exit
-q, --quiet, --silent do not print `checking ...' messages
--cache-file=FILE cache test results in FILE [disabled]
-C, --config-cache alias for `--cache-file=config.cache'
-n, --no-create do not create output files
--srcdir=DIR find the sources in DIR [configure diror `..']
Installationdirectories:
--prefix=PREFIX install architecture-independent filesin PREFIX
[/usr/local/squid]
--exec-prefix=EPREFIX install architecture-dependent files inEPREFIX
[PREFIX]
Bydefault, `make install' will install all the files in
`/usr/local/squid/bin',`/usr/local/squid/lib' etc. You canspecify
aninstallation prefix other than `/usr/local/squid' using `--prefix',
forinstance `--prefix=$HOME'.
For bettercontrol, use the options below.
Finetuning of the installation directories:
--bindir=DIR user executables [EPREFIX/bin]
--sbindir=DIR system admin executables[EPREFIX/sbin]
--libexecdir=DIR program executables [EPREFIX/libexec]
--sysconfdir=DIR read-only single-machine data[PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data[PREFIX/com]
--localstatedir=DIR modifiable single-machine data[PREFIX/var]
--runstatedir=DIR modifiable per-process data[LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
--datarootdir=DIR read-only arch.-independent data root[PREFIX/share]
--datadir=DIR read-only architecture-independentdata [DATAROOTDIR]
--infodir=DIR info documentation[DATAROOTDIR/info]
--localedir=DIR locale-dependent data[DATAROOTDIR/locale]
--mandir=DIR man documentation [DATAROOTDIR/man]
--docdir=DIR documentation root[DATAROOTDIR/doc/squid]
--htmldir=DIR html documentation [DOCDIR]
--dvidir=DIR dvi documentation [DOCDIR]
--pdfdir=DIR pdf documentation [DOCDIR]
--psdir=DIR ps documentation [DOCDIR]
7. 如果configure安裝報錯,我遇到的是沒有安裝GCC編譯器,因此需要安裝該插件。
直接suse 的yast工具安裝。
8. Make 編譯
hkproxy:/usr/local/src/squid-3.5.20 # make #大約4分鐘
9. Make install 安裝
hkproxy:/usr/local/src/squid-3.5.20 # make install
10. 將安裝目錄的權限進行調整。
chown -R squid:squid /usr/local/squid/
11. 啟動
hkproxy:/usr/local/squid/sbin # ./squid
12. 查看默認偵聽端口是否啟動,默認是3128,我更改為3129了。
hkproxy:/usr/local/squid/sbin# netstat -an | grep "3129"
tcp 0 0 :::3129 :::* LISTEN
tcp 0 0 10.90.5.33:3129 10.200.1.12:2131 ESTABLISHED
Squid的配置文件squid.conf
#acllocalnet src 10.0.0.0/8 # RFC1918possible internal network
#acllocalnet src 172.16.0.0/12 # RFC1918 possible internal network
#acllocalnet src 192.168.0.0/16 #RFC1918 possible internal network
#acllocalnet src fc00::/7 # RFC 4193local private network range
#acllocalnet src fe80::/10 # RFC 4291link-local (directly plugged) machines
#acllocalnet src 222.66.202.206/32
#acllocalnet src 58.247.3.26/32
acllocalnet src 10.200.1.12/32
acllocalnet src 10.100.4.3/32
acllocalnet src 10.200.0.8/32
acllocalnet src 10.200.6.228/32
acllocalnet src 10.200.4.63/32
aclSSL_ports port 443
aclSafe_ports port 80 # http
aclSafe_ports port 21 # ftp
aclSafe_ports port 443 # https
aclSafe_ports port 70 # gopher
acl Safe_portsport 210 # wais
aclSafe_ports port 1025-65535 #unregistered ports
aclSafe_ports port 280 # http-mgmt
aclSafe_ports port 488 # gss-http
aclSafe_ports port 591 # filemaker
aclSafe_ports port 777 # multilinghttp
acl CONNECT method CONNECT
# Squidnormally listens to port 3128
http_port 3129
將squid.conf配置文件變更后,通過命令重新加載
hkproxy:/usr/local/squid/etc # /usr/local/squid/sbin/squid –k reconfigure
其它操作,請參考幫助:
hkproxy:/usr/local/squid/etc #/usr/local/squid/sbin/squid –k
hkproxy:/usr/local/squid/etc# /usr/local/squid/sbin/squid -k
/usr/local/squid/sbin/squid:option requires an argument -- 'k'
Usage:squid [-cdhvzCFNRVYX] [-n name] [-s | -l facility] [-f config-file] [-[au]port] [-k signal]
-a port Specify HTTP port number (default: 3128).
-d level Write debugging to stderr also.
-f file Use given config-file instead of
/usr/local/squid/etc/squid.conf
-h Print help message.
-k reconfigure|rotate|shutdown|restart|interrupt|kill|debug|check|parse
Parse configuration file, thensend signal to
running copy (except -k parse)and exit.
-n name Specify service name to use for service operations
default is: squid.
-s | -l facility
Enable logging to syslog.
-u port Specify ICP port number (default: 3130), disable with 0.
-v Print version.
-z Create missing swap directories and then exit.
-C Do not catch fatal signals.
-D OBSOLETE. Scheduled for removal.
-F Don't serve any requests until store is rebuilt.
-N No daemon mode.
-R Do not set REUSEADDR on port.
-S Double-check swap duringrebuild.
-X Force full debugging.
至此可以瀏覽google了。。。。
hkproxy:/usr/local/squid/var/logs #cat access.log | more
1468291506.630 183 10.100.4.3 TCP_TUNNEL/200 848 CONNECTwww.google.com:443 - HIER_DIRECT/216.58.203.4 -
1468291506.791 877 10.100.4.3 TCP_TUNNEL/200 1626 CONNECTad.afy11.net:443 - HIER_DIRECT/74.117.199.102 -
1468291506.798 20 10.100.4.3TCP_MISS/200 842 GEThttp://clients1.google.com/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih%2BZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCBkrTynxASad- HIER_DIRECT/216.58.199.14 application/ocsp-response
1468291506.824 828 10.100.4.3 TCP_TUNNEL/200 43033 CONNECTfw.adsafeprotected.com:443 - HIER_DIRECT/52.196.221.84 -
1468291506.831 88010.100.4.3 TCP_TUNNEL/200 43033 CONNECT fw.adsafeprotected.com:443 -HIER_DIRECT/52.196.221.84 -
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
