Centos6.5 Squid3.1.10代理服务器(用户认证,加密,高匿)及使用指南
Centos6.5 Squid3.1.10代理服务器(用户认证,加密,高匿)及使用指南
1,安装
Yum -y install squid http-devel
2,用apache的htpasswd 创建用户
htpasswd -c /etc/squid/user.pass test
3,使用openssl加密
Cd /root/
openssl req -new > wdzjsquid.csr
openssl rsa -in privkey.pem -out wdzjsquid.key
openssl x509 -in wdzjsquid.csr -out wdzjsquid.crt -req -signkey wdzjsquid.key -days 3650
4,修改配置文件 Vi /etc/squid/squid.conf
#最前面加入蓝色字体
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/user.pass
auth_param basic children 5
auth_param basic realm Welcome to test
auth_param basic credentialsttl 2 hours
acl lookwest proxy_auth REQUIRED
dns_nameservers 8.8.8.8
http_access allow lookwest
#下面两行就是高匿配置
via off
forwarded_for delete
#http_access deny all #注释这个加入下面一句话
http_access allow all
#http_port 198.11.172.35:3128 #注释这个加入下面一句话
https_port 443 cert=/root/wdzjsquid.crt key=/root/wdzjsquid.key
5,启动
Service squid start
6,linux 客户端安装stunnel
Linux版下载地址:https://www.stunnel.org/downloads/stunnel-5.10.tar.gz
apt-get install libssl-dev ubuntu
Yum -y install libssl-dev centos
Tar zxvf stunnel-5.10.tar.gz
./configure --prefix=/usr/local/stunnel
Make && make install
cd /usr/local/stunnel/etc/stunnel
Vi stunnel.conf
[https]
accept = 127.0.0.1:8088
connect = 198.11.172.35:443
启动
/usr/locsal/stunnel/bin/stunnel /usr/local/stunnel/etc/stunnel/stunnel.conf
修改浏览器代理
http 127.0.0.1 8088
https 127.0.0.1 8088
等等