正向代理-分离内外网环境，提高线上环境安全性

架构图：

 

 

目标：

1：回收机房外网资源
2：分离内外网环境，提高线上环境安全性

适用场景（同时满足以下条件）：

1：服务器需要主动访问外部网站
2：非大流量，如访问音频视频等
3：http/https
4：非爬虫类业务等

接入方法：

1：更新白名单，并reload
2：业务方测试通过，并上线

测试方法：

curl 命令行：

命令：curl -x 'xxx:3128' 'http://url'
返回值：{"msg":"ok","code":0,"data":{"ipList":["183.232.x"],"keepalive":900}}

-x指定正向代理域名和端口
后接需访问url

 

代码示例

PHP

<?php

$timeout=30;
$referer_url='';
$cookiefile='';
$headers=array();
$user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13';

$url = 'http://url';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
if( $referer_url != '' ) {
    curl_setopt($ch, CURLOPT_REFERER, $referer_url);
}
curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
if (!empty($cookiefile)) {
    curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiefile);
}
if (!empty($headers)) {
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
}
#curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, TRUE);
curl_setopt($ch, CURLOPT_PROXY, 'xxx');  #正向代理域名
curl_setopt($ch, CURLOPT_PROXYPORT, '3128');              #正向代理端口   
$result = curl_exec($ch);
$errno  = curl_errno($ch);
curl_close($ch);
print_r($result);

 

golang

func main() {
    for _, myUrl := range os.Args[1:] {
        proxyUrl, _ := url.Parse("http://xxx:3128")   //正向代理配置
        myClient := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(proxyUrl)}}
        resp, err := myClient.Get(myUrl)
        if err != nil {
            fmt.Fprintf(os.Stderr, "fetch: %v\n", err)
        }
        io.Copy(os.Stdout, resp.Body)
        resp.Body.Close()
    }   
}

 

lua

hc:request {
        uri = url,   --url
        method = "GET",
        timeout = 1000,
        headers = {},
        proxy = "http://xxx:3128"    --正向代理配置
}

 

java

URL url = new URL("https://url");   //url
Proxy proxy = new Proxy(Proxy.Type.DIRECT.HTTP, new InetSocketAddress("xxx", 3128));   //正向代理配置
HttpURLConnection conn = (HttpURLConnection) url.openConnection(proxy);

 

python

import urllib2

proxy = urllib2.ProxyHandler({'http': 'xxx:3128'})   #正向代理配置
opener = urllib2.build_opener(proxy)
urllib2.install_opener(opener)
response = urllib2.urlopen('http://url')   #url