昨天配了台简单的linux机器,利用iptables实现双网卡内网访问外网,今天简单的研究了下squid,在网上找了许多资料,实现了squid透明代理
squid.conf多用默认配置,还有很多配置需要学习
[root@localhost ~]# more /usr/local/bin/firewall.sh
#
modprobe ip_tables
modprobe iptable_filter
modprobe iptable_nat
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
#
echo 1 > /proc/sys/net/ipv4/ip_forward
#
iptables -t nat -A POSTROUTING -s 192.168.168.0/24 -o eth1 -j SNAT --to 外部ip
iptables -t nat -A PREROUTING -i eth0 -p tcp -s 192.168.168.0/24 --dport 80 -j REDIRECT --to-port 3128
[root@localhost ~]# more /etc/squid/squid.conf
acl our_networks src 192.168.168.0/24
http_access allow our_networks
http_port 3128 transparent
cache_mem 128 MB
cache_dir ufs /var/spool/squid 1000 64 1024
cache_swap_low 90
cache_swap_high 95
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
mime_table /etc/squid/mime.conf
pid_filename /var/run/squid.pid
cache_effective_user squid
cache_effective_group squid
icp_port 3130
