LINUX
HOME > OS/WAS > LINUX
2018.09.11 / 18:09

[CentOS 5.6] squid ¸¦ ÀÌ¿ëÇÑ proxy ¼³Á¤ - ½ÇÀü v w f s

xClick
Ãßõ ¼ö 112

<  CentOS squid ÇÁ·Ï½Ã ¼³Á¤  >



***** [ »çÀü Áغñ ] *****


squid ¼­¹ö : ÀÎÅͳÝÀÌ µÇ´Â ¿ÜºÎ¸Á NIC (eth0), ÀÎÅͳÝÀÌ µÇÁö ¾Ê´Â ³»ºÎ¸Á NIC (eth1) Áغñ

Ŭ¶óÀ̾ðÆ® : ÀÎÅͳÝÀÌ µÇÁö ¾Ê´Â ³»ºÎ¸Á NIC (eth0) ¸¸ Áغñ


¾Ë¸Â°Ô ³×Æ®¿öÅ© ¼³Á¤À» Àâ¾ÆÁØ´Ù. ¿¹¸¦ µé¸é


- squid ¼­¹ö -


ip link show  (OS°¡ ÀνÄÇÏ°í ÀÖ´Â ³×Æ®¿öÅ© µð¹ÙÀ̽º¸¦ Ç¥½ÃÇØÁÖ´Â ¸í·É¾î)


cd /etc/sysconfig/network-scripts


vi ifcfg-eth0

DEVICE=eth0

TYPE=Ethernet

ONBOOT=yes

BOOTPROTO=none

IPADDR=192.168.100.100

NETMASK=255.255.255.0

GATEWAY=192.168.100.2

DNS1=168.126.63.1


vi ifcfg-eth1

DEVICE=eth1

TYPE=Ethernet

ONBOOT=yes

BOOTPROTO=none

IPADDR=172.16.0.100

NETMASK=255.255.255.0


service network restart


ifconfig


- Ŭ¶óÀ̾ðÆ® -


ip link show


cd /etc/sysconfig/network-scripts


vi ifcfg-eth0

DEVICE=eth0

TYPE=Ethernet

ONBOOT=yes

BOOTPROTO=none

IPADDR=172.16.0.10

NETMASK=255.255.255.0


service network restart


ifconfig


À§¿Í °°Àº ¿¹½Ã·Î ³×Æ®¿öÅ© ¼³Á¤À» ÇØÁá´Ù¸é

squid ¼­¹ö  -  ¿ÜºÎ¸Á(eth0) : 192.168.100.100  /  ³»ºÎ¸Á(eth1) : 172.16.0.100

Ŭ¶óÀ̾ðÆ®  -  ¿ÜºÎ¸Á       : ¾øÀ½             /  ³»ºÎ¸Á(eth0) : 172.16.0.10


¸¸ÀÏ Å¬¶óÀ̾ðÆ®¿¡¼­ ¿ÜºÎ¸ÁÀÌ µÇ´Â NIC °¡ ÀÖ´Ù¸é Å×½ºÆ®¸¦ À§ÇÏ¿© Àӽ÷Π¿ÜºÎ¸Á NIC ¸¦ ³»¸°´Ù.

¿¹) ifconfig eth0 down


ÀÌÁ¦ ¿ÜºÎ·Î ÀÎÅͳÝÀÌ µÇÁö ¾Ê´Â Ŭ¶óÀ̾ðÆ®¿¡¼­ squid ¼­¹ö¸¦ ÅëÇÏ¿© ÀÎÅͳÝÀÌ µÇ°Ô²û ¼³Á¤ Çغ¸°Ú´Ù.




***** [ squid ¼­¹ö ] *****


yum install -y squid


vi /etc/squid/squid.conf

#http_access allow manager localhost  (:34 ÁÖ¼®)

#http_access deny manager              (:35 ÁÖ¼®)

http_access allow all                      (Ãß°¡)

http_port 3128                              (:63 È®ÀÎ)


service squid start


netstat -nlpt | grep 3128


TCP_3128 Æ÷Æ® ¿ÀÇÂ




***** [ Ŭ¶óÀ̾ðÆ® ] *****


vi /etc/bashrc

export http_proxy=[squid¼­¹öIP]:3128

export https_proxy=[squid¼­¹öIP]:3128


source /etc/bashrc


Å×½ºÆ® : curl www.daum.net ¶Ç´Â wget www.daum.net ¶Ç´Â yum install -y °£´ÜÇÑÆÐÅ°Áö


(Âü°í1)

proxy ¼­¹ö¸¦ ÅëÇÏ°Ô ¼³Á¤À» Çصµ ping 8.8.8.8 µî ¿ÜºÎ·Î ÇÎÀº ¾ÈµÊ


(Âü°í2)

¸¸ÀÏ http_access allow all ÀÌ ¾Æ´Ï¶ó ƯÁ¤ ¾ÆÀÌÇÇ ¶Ç´Â ´ë¿ª¿¡ ´ëÇؼ­¸¸ Çã¿ëÀ» ÇÏ°í ½Í´Ù°í ÇÑ´Ù¸é

Çã¿ë ±×·ì ¼³Á¤À» ÇØÁà¾ßÇÔ ¾Æ·¡¿¡¼­´Â Çã¿ëÇÒ ±×·ì¸íÀ» members ÇßÀ½.


vi /etc/squid/squid.conf (´Ù Áö¿ì°í ¾Æ·¡·Î ´ëü)

http_port 3128

acl members src [Ŭ¶óÀ̾ðÆ®IP]/32

http_access allow members

http_access deny all

acl SSL_ports port 443

acl Safe_ports port 80          # http

acl Safe_ports port 21          # ftp

acl Safe_ports port 443         # https

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

coredump_dir /var/spool/squid

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern -i (/cgi-bin/|\?) 0     0%      0

refresh_pattern .               0       20%     4320






-----------------------------------------------------

Ãß°¡·Î ¿ìºÐÅõ ¿¡¼­ squid ¼­¹ö ¼³Á¤ ÇÏ´Â ¹æ¹ýµµ Ãß°¡ÇÔ

-----------------------------------------------------






<  Ubuntu 14.04 + squid3 ÇÁ·Ï½Ã ¼³Á¤  >




----- [ squid ¼­¹ö ] -----


(squid ÆÐÅ°Áö ¼³Ä¡½Ã apt-get µµ ¹«¹æÇÏÁö¸¸ aptitude »ç¿ë ±ÇÀ¯)

sudo aptitude install -y squid3


sudo vi /etc/squid3/squid.conf

#http_access allow localhost manager  (:1041 ÁÖ¼® ó¸®)

#http_access deny manager             (:1042 ÁÖ¼® ó¸®)

http_access allow all                    (Ãß°¡)

http_port 3128                             (:1461 È®ÀÎ)


sudo service squid3 restart


netstat -nlpt | grep 3128


TCP_3128 Æ÷Æ® ¿ÀÇÂ