Nhanganyaya kune squid: Nhanho-nhanho Setup

Squid logo uye Tux

Squid imwe yefaera rekunyorera iyo inogona kutsigira iptables. Squid is cached web proxy server, inozivikanwa kwazvo uye yemahara, uye iri muchinjika-chikuva. Kunyangwe ichigona kushandiswa kugadzirisa mashandiro eInternet kubatana, inogona zvakare kushandiswa kuchengetedza. Sezvo chirongwa chakatanga muma90s, squid yanga ichisimukira kwazvo uye ikozvino tinozvipa kwauri kuti iwe uzive kuishandisa.

Zvekuisa kwako, unogona kuwana iyo webhusaiti yepamutemo yeprojekti uye sarudza mapakeji emabhinari ehurongwa hwako hwekushandisa kana kugovera. Kana iwe uchida kuiisa kubva kune sosi kodhi package nekunyora, zvakare une sarudzo iyoyo. Iwo anowanikwa tarballs ndeaya tar.gz, tar.bz2, uye tar.xz. Kana iwe usingazive maitiro ekuisa, unogona kuenda kuchinyorwa chatinogadzirisa mune ino blog nezve maitiro ekuisa chero package kubva linux. ziso! Kana iwe uine Debian kana chinobva uye iwe waona kuti yakaiswa ne Sudo "apt-tora kuisa squid", inogona kukupa iwe kukanganisa, nekuti unofanirwa kutsiva "squid" ne "squid3" kuti itange kushanda. ..

Iye zvino tinoenda takananga kune chiito kutsanangura mimwe mienzaniso yekushandisa squid kuchengetedza zvishandiso zvedu. Ndisati ndada kutsanangura kuti squid yakavakirwa paACLs, ndiko kuti, muAccess Control Rondedzero kana rondedzero yekuwana yekuwana, ndokuti, inonyora zvakadzama mvumo yekudzora mune ino netiweki kuyerera nekuisa mafirita akafanana neayo eptables asi padanho rekushandisa.

Kazhinji, mushure mekuisirwa, faira yekumisikidza inosanganisirwa inogona kuwanikwa mu /etc/squid3/squid.conf uye izvi ndizvo zvatinofanirwa kugadzirisa nemupepeti senge nano kana gedit. Mariri tinogona kuburitsa yedu yekusefa mitemo, kunyangwe paine sarudzo cache_dir, cache_mem uye http_port, isu tinoshandisa yekupedzisira kune yedu yekuchengetedza mitemo. Imwezve tsananguro ndeyekuti iyi faira inotsanangudza default default inoshandiswa neiyo squid sevhisi, iyo nekumisikidza iri 3128 (ona mutsetse kana rairo "http_port 3128" uye bvisa iyo # kuimisa). Kana iwe uchida iwe unogona kuchinjira kune chimwe chiteshi chakaita se8080 ... Uye chimwe chinhu chinodiwa kugadzirisa zita remubati, tsvaga chirevo "TAG: Visible_hostname" uye iwe uchaona mutsara "visible_hostname" kwaunofanira kuisa yako hostname.

Kuti uzive zita rako remubato, unogona kutaipa mune inouraya:

hostname

Uye iro zita rinoonekwa iwe unoriwedzera iro kumutsara uyo haufanire kutungamirwa na # kuitira kuti urege kufuratirwa senge chirevo. Ndokunge, zvaitaridzika seizvi:

rinooneka_hostname hostname_which_you_appeared

Kana iwe ukaona iyo yekumisikidza faira, iwe uchaona kuti yakanyanya kutaurwa, kana iwe uchida kudarika mutemo wakagadzirwa, unogona kutanga mutsara ne # uye iwe unoishandura kuita komendi, nayo iyo squid inoisa hanya nayo, kuidzosera mukushandira, unobvisa iyo # uye ndizvozvo. Muchokwadi, kune akawanda akagadzirwa uye akataura mitemo yaunogona kushandisa nekubvisa # mairi. Saka haufanire kudzima uye kunyora zvakare mitemo. Zvakanaka, kuwedzera mutemo kana firita, inofanirwa kunge iine ACL uye rairo inoratidza zvekuita.

Nenzira, kana iwe uchibvisa # kuita mutemo, ita shuwa kuti hausi kusiya nzvimbo pakutanga kwetambo. Semuenzaniso:

Nzira isiriyo:

http_chiteshi 3128

Nzira chaiyo:

http_chiteshi 3128

Hauna kumbonzwa chero chinhu here? Zvakanaka usazvidya moyo, ne Muenzaniso iwe uchaona zvese zviri nani zvakanyanya. Fungidzira izvi:

acl ichivharira url_regex se facebook
http_access kuramba ichivharira

Zvinorehwa nemutemo uyu ndeyekuti acl rine zita rekuti "blocking" rinorambidza kupinda kweiyo URL ine "facebook" (saka kana isu tikayedza kupinda muFacebook inodarika chikanganiso mubrowser). Kana panzvimbo yekuti "kuramba" iwe uchishandisa "bvumidza", iwe waibvumidza kuwana pane kuirambidza. Iwe unogona zvakare kushandisa iyo! Kuti ubvise, semuenzaniso, ngatiti iwe unoda kubvumidza kupinda kune list1 asi kwete list2:

http_access allow lista1 !lista2

Mumwe muenzaniso unogona kunge uri kugadzira faira / etc / squid3 / ips inobvumidzwa uye mairi chengetedza runyorwa rweIPs rwatinoda kubvumidza kuwana. Semuenzaniso, ngatiti izvo zvemukati zvinobvumidzwa ips ndeizvi:

192.168.30.1

190.169.3.250

192.168.1.26

Uye isu tinogadzira iyo acl kubvumidza kuwana maIPs aya:

acl nuevaregla src "/etc/squid3/ipspermitidas"

Muenzaniso wakanakaFungidzira kuti komputa yako inoshandiswa nevana vari pasi pemakore gumi nemasere ekuberekwa uye iwe unoda kudzora kupinda kune mamwe masayiti ezvinyorwa zvevakuru. Chinhu chekutanga kugadzira faira rakanzi / etc / squid18 / list Nezviri mukati:

munhu akura

zvinonyadzisira

pabonde

poringa

Uye ikozvino mukati  squid.conf faira isu tinoisa unotevera mutemo:

acl denegados url_regex "/etc/squid3/lista"

http_access allow !denegados

Sezvauri kuona isu tashandisa tend izvo zviri muchibvumirano kutendera, asi kana iwe ukatarisa isu takawedzera! kuramba, saka, zvingave zvakaenzana nekuisa:

acl denegados url_regex "/etc/squid3/lista"

http_access deny denegados

Rondedzero dzinogona zvakare kugadzirwa, kwete chete emazita edomain kana IPs sezvatakaita, iwe unogona zvakare kuisa madomains uye semuenzaniso kudzora kupinda kumatunhu akadai se .xxx, .gov, nezvimwe. Ngatitarisei pamuenzaniso zvichibva pamutemo wapfuura. Isu tinogadzira faira / etc / squid3 / domains ine:

.edu

.es

.org

Uye ikozvino kutonga kwedu, kuramba mukana weiyo rondedzero yenzvimbo dzakarambidzwa dzatinogadzira, asi tichitendera kupinda kuma URL ane idzi nzvimbo:

acl denegados url_regex "/etc/squid3/lista" 
acl permitidos dstdomain "/etc/squid3/dominios"

http_access allow !denegados dominios

KUWANDA:

Ndine hurombo, pandakaona macomments ndakaziva izvozvo Ndanga ndichishaya chinhu chikuru. Ini ndangoisa mienzaniso yekuti inoshandiswa sei uye ndakanganwa kutaura izvozvo kutanga squid server:

sudo service squid3 start

Isati yamuka ne "/etc/init.d/squid start", asi ikozvino unofanira kushandisa uyu mumwe mutsara wandakakugadzirira. Sezvo iyo faira rekumisikidza isisiri mu /etc/squid/squid.conf, asi mu /etc/squid3/squid.conf. Ok, kana marongero ekusefa akagadzirwa, uye nekutanga, isu tinofanirwa zvakare kugadzirisa browser, semuenzaniso, kana ukashandisa Mozilla Firefox kana zvigadzirwa, unogona kuenda kumenu yekumisikidza (iwe unoziva, iwo matatu mabhawa), uyezve ku Zvaunoda, Zvemberi, uye muNetiweki tebhu, tinya paGadziriso muChikamu chekubatanidza. Ikoko, isu tinosarudza Manual proxy kumisikidza uye toisa IP yedu uye Port squid irikushandisa, mune ino kesi 3128. Sarudza zvakare "Shandisa imwechete proxy kune zvese" uye wobuda mukuchengetedza shanduko.

Ndapota, Usakanganwa kusiya zvaunotaura, kusahadzika kana chero chaunoda ... Kunyangwe iri dzidziso iri pamusoro peSquid, ndinovimba inokubatsira.

 


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Makomendi gumi, siya zvako

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

  1.   Nicolas akadaro

    ndatenda!, zvinobatsira.

  2.   Jimmy orano akadaro

    ZVINOTAURA zvakanyatso nyoroveswa kune imwe nyaya yakaoma, ndinoramba ndichiti "mushandisi level: yepakati", iwe unofanirwa kuziva dzimwe pfungwa nezve "network".

    NDINOZVININIPISA funga kuti sarudzo yekumisikidza bhurawuza redu kuti ishandise "proxy" inofanirwa kuwedzerwa, asi sezvo kupinda uku kuri "KUSANGANISWA kuScid" tichava tichiziva rinotevera? kuendesa (pakupedzisira, uye panjodzi yekunditsamwisa, RANGARIRA kusa "proxy" iwo emabhangi mapeji ewebhu uye / kana masangano emari aunoshandisa mumba mako kana kambani).

    1.    Isaac PE akadaro

      Mhoroi, ndatenda nekuda kwemashoko. Ehe, IPTABLES uye squid zvakakora kwazvo kuti vagadzire chinyorwa chinovatsanangurira zvakadzama uye iwe unofanirwa kuzvimisikidza pakuisa mienzaniso yemazuva ese ...

      Asi iwe urikurevesa, ndawedzera izvozvi kugadzirisa proxy, ini ndakanga ndazvironga uye ini ndakanganwa. Mhosva yangu.

      Kwazisai uye ndinokutendai !!

      1.    Jimmy orano akadaro

        Uffff "trunk" ndine urombo nekusaziva chikuru chinhu:
        TANGA BASA :-( pasina izvozvo «hakuna mainini vako» -ndiregererei nehurukuro yekutaura- KUSVIRA KUNOBUDIRIRA! 8-)

        {kuita kuti igadziriswe pabhoti rimwe nerimwe kuri kugadzirisa iyo "/ sbin / init":
        http: // www. ubuntu-es.org/node/ 13012 # .Vsr_SUJVIWw}

        {imwe nzira iri nyore kushandisa "kugadzirisa-rc.d":
        https: // parbaedlo. wordpress.com/201/3/03 / kuisa-kutanga-uye-kumira-kwemasevhisi-linux-kugadzirisa-rc-d /}

        Ini ndawedzera nzvimbo kune zvinongedzo, zvibvise uye uchafamba ;-)

        NDATENDA WAKO ZVIKURU NEKUFUNGA KWAKO.

  3.   Albert kuenderana nemamwe mazita akadaro

    LINUX NEWS: Kurwiswa kweLinux Mint: kuuraya vatambi uye kukanganisa hunhu hwevashandisi

    http://www.muylinux.com/2016/02/21/ataque-a-linux-mint

    1.    azpe akadaro

      Ini ndatoiburitsa, asi usapa spam mamwe mapeji pano ndapota

  4.   Albert kuenderana nemamwe mazita akadaro
  5.   hernan akadaro

    Mhoro Jimmy, unoita sei kuti squid isatsvage iwo iwo mapeji kwauri? Zvingave zvakanaka kana iwe ukataura nezve yakajeka sarudzo, iyo inodzivirira iyo tedium yekumisikidza proxy kukombuta imwe neimwe

    1.    Jimmy orano akadaro

      Mubvunzo wakanaka, ini ndaisa CAPTCHA mune yemahara software pamapeji ewebhu evatengi vangu:
      (http: // www. ks7000. net. ve / 2015/04/03 / un-captcha-nyore-uye-nyore-kushandisa /
      -Humily, HASI "spam" kana kuzvisimudzira, zvinosvika kune nyaya-)
      uye ndinofungidzira kuti kana ndichishandisa squid iyi mifanikiso ASI kudzoreredzwa nekuti ini ndinoisa zita rimwe chete pavari -ea, ndinogona zvakare kuburitsa mazita akasarudzika, ndakanga ndisina kumbofunga nezvazvo, kusvika zvino- uye nekuve nezita rimwe chete, squid inodzosa izvo iyo ine mu "cache."

      Zviripachena basa hombe re "proxy" nderekuchengetedza bandwidth ine mifananidzo - iyo inorema pane peji rewebhu- [i] mukufungidzira kuti mifananidzo iyi yakamira, haichinje nekufamba kwenguva, ichokwadi mune 99% yezviitiko [/ i].

      Asi muCAPTCHA, sezvo "pasina kumhanya", isu tinofanirwa kubvisa kwayakamboita kuchengetedza uye nguva dzose kudzorera mufananidzo mutsva.

      ASI PAMABHANGI, ini ndinonzwisisa chikuru muSpain ndi «Caixa» nekuti isu tichagadzira iyo MUENZANISO mutemo:

      acl caixa dstdomain .lacaixa.es

      kupi:
      acl -> raira kuti ugadzire mutemo (verenga chinyorwa chaVaIsaac, ndima dziri pamusoro).

      caixa -> zita rekutonga.

      dtsdomain -> "mhando" sarudzo kuratidza kuti tinoreva kune duraini, ZVINOKOSHA dot pakutanga ( http://ww w. shanduka. com / squid / squid24s1 / access_controls.php)

      domain (s) -> Ini ndinofungidzira kuti isu tinogona kuwedzera iwo madomeni atinoda, akapatsanurwa nenzvimbo; kutaura kwenzvimbo ndadziisa mune zvakaratidzwa zvewebhu zvinongedzo, bvisa uye uchafamba (mapeji muChirungu).

      Ndinovimba iyo zivo yakaratidzwa pano inobatsira kwauri, nekuda kweLinuxAdictos!

    2.    Jimmy orano akadaro

      ZVAKANAKA, kupindura mubvunzo weTRANSPARENCY muSquid ZVAKAITIKA ndinoomerera kuti iwe unofanirwa kuve neruzivo rwepakati uye nezvikonzero zvine musoro ndiri kuenda kupfupisa sezvinobvira chinyorwa chinotevera (muChirungu) icho chandinofunga chinotaura chaizvo nezvenyaya iyi:

      http: // ww w.deckle.co. uk / squid-vashandisi-gwara /transparent-caching-proxy.html

      Notes:
      -Ndakawedzera nzvimbo kune zvinongedzo kuti ndidzivise "pingback" ndega (ini handina kana chinhu chine chekuita neAddict Linux timu, saka ini handina mvumo yekuita chiito ichi).
      - IYI PAMUSORO PEZVAKAITIKA NDISINGAZIVA! (havana kundidzidzisa, ndinodaro).
      -Kubatsira imi varume Ini ndinozvibatsirawo, izvi zvinotonhorera muhuwandu! ?

      Zvakanaka, nezvakataurwa, ngatitangei kubhizinesi:

      NDINANGOKURUDZA kuna VaIsaac kuti vawedzere pakugadzirisa mabhurawuza edu neye proxy yakaiswa uye ivo nemutsa chaizvo vakaita (wow, murume uyu anowana kupi nguva yekuita zvinhu zvakawanda?).

      Pasi pechirongwa ichi, kushandiswa kwe squid NDOKUSARUDZA: wega mushandisi wenzvimbo yedu yenzvimbo network achange achitarisira kuita basa ravo, asi iwe unogona kubheja «sirivheri zvakaoma kupesana nepesetas» kuti kune imwe «bash script» iyo inogona kuiswa kuburikidza neSSH kumakomputa akasiyana siyana anomhanya GNU / Linux.

      ZVINOKOSHA: kuti server yedu yeSidid iri kushanda sekudzidzisa kwaIsaac mune ino posvo, kana isu takatomboyedza uye nekuisa "basa mutoro" pairi uye inoita mushe, tinogona kuenderera mberi.

      PASI PENYAYA YOKUDZIDZA:

      FIRST.- Yedu squid inofanirwa kunge iri nzira yekusarudzika "gedhi" mune yedu "eth0" kana "wlan0" - unorangarira ruzivo rwepakati? gadzira sevha yebasa rakadai.
      http: // en.wikipe dia.org/wiki/ Dynamic_Host_Configuration_Protocol).

      Tinofanira kuronga kumisikidza, kana zvikatadza, kuendesa zvese traffic kuma modem (edu) zvakananga kana squid - komputa painomhanya- inodarika pabasa rayo -uye shandisa modem (s)) nyora "bhiriji" kuitira kuti vanoenda kunze, izvi zvinoitwa nekugadzira "script" iyo inokonzereswa mune chakataurwa chiitiko uye inogadzirisa yedu DHCP server -iyo inofanira kuiswa pane imwe komputa pane yedu Squid-.

      ONA: komputa yedu ine squid ichagara ichitsamira kune yayo IP kero kubva kuDHCP ASI panguva imwechete ichave iine imwe "control" ine akadaro DHCP server. Kana iwe uchida kushanda neakagadziriswa IP kero, yesimba, unogona, asi kana iwe ukawedzera mamwe makomputa KANA KUTAURA vamwe uchafanirwa kugadzirisa zvakare uye harisi iro zano (verenga uchifara:
      ht tps: // pheno barbital. wordpress.com/2012/07/23/the-12-reasons-by-who-a-administrator-of-systems-lazy-is-a-good-administrator/)
      CHIMWE CHERECHEDZA (ona chechipiri poindi): edu modem (s) uye / kana ma-router zvishandiso anofanirwa kudzima basa reDHCP uye kuti ivo vanotongwa neyedu DCHP server (- iyo ini ndinokuvimbisa iwe kuti imwe yekupinda inobuda mune izvi kutiratidza makomo akati sevhisi-)

      SECOND.- Tinofanira kusefa traffic yakanangana ne server yedu yeSidid, izvi kana tine ma routers akati wandei akapararira anofukidza isina waya netiweki "wifi", ichiri nzvimbo yemuno nharaunda asi yepakati saizi. Chaizvoizvo yakafanana neiyi poindi yekutanga ASI kana tiine zvishandiso zvakasiyana KANA ZVIMWE subnets, tinofanirwa kuzvimisikidza futi, saka chenjera nevaya vedu vanoshanda "vachipwanya simbi" mumakambani makuru.

      THIRD.- Mune yedu GNU / Linux iyo inomisikidza squid isu tinofanirwa kuendesa zvakare madoko uye kugadzirisa iyo «firewall» (verenga yapfuura chinyorwa IPTables
      http://www.linuxadictos.com/introduccion-a-iptables-configura-un-firewall-en-linux.html )

      iptables -t nat -A KUTAURA -p TCP -port 80 -j REDIRECT -to-port 3128

      uye kune IPFW:

      / sbin / ipfw wedzera 3 fwd 127.0.0.1,3128 tcp kubva chero kune chero makumi masere

      Pasina mubvunzo kutaura, hatigone kumhanyisa Apache kana Ngix server pane chiteshi icho 80 -zvakanaka doko remapeji ewebhu- ZVINONYANYA SENSE ZVINONYANYA kusaisa mutoro pakombuta yedu ne squid -inotsamira pane diski nzvimbo ye «cache» -.

      FOURTH.- Tinofanirwa kumisikidza server yedu yeSidid uye tigoiudza kuti iri kushanda mune iyo modhi nekugadzirisa "/etc/squid/squid.conf" ine nano kana mupepeti waunofarira zvakanyanya:

      http_port 3128 pachena

      Isu tinofanirwa zvakare kugonesa kutakura kwepaketi mu "/etc/sysctl.conf":

      net.ipv4.ip_forward = 1
      net.ipv6.conf.all.forwarding = 1

      Iyi yekupedzisira tambo kana isu tine IPv6, zvakanaka kuigadzirisa kamwe chete mune ramangwana.

      Pakupedzisira wotangazve seSidid seyakakurudzirwa naVaIsaac pamusoro uye wotangazve sevhisi sevhisi:

      /etc/init.d/procps.sh kutangazve

      KUMWE KUTENDA KWEZVAKAITIKA (kana zvimwe zvisina maturo pachangu) ndiudze nenzira imwe chete iyi, kushoropodza kwako uye zvataurwa zvinogamuchirwa;
      MR. ISAKA NDIYO MUEREKEDZI uyo achava neshoko rekupedzisira mune iyi "kurwa."

  6.   Jimmy orano akadaro

    Mune ino pfupi vhidhiyo tinogona kuona maitiro ekugadzirisa Mozilla kuti ishandise proxy server, kunze kwekunge ichishandisa muchina chaiwo neReactOS, asi ipfupi uye ndinofunga IZVII ZVIRATIDZO zvaunoda kugadzirisa pano (chinongedzo chakaremara nenzvimbo, bvisa ivo uye utarise):

    ht tps: / / www. Youtube. com / tarisa? v = st47K5t7s-Q

  7.   Mudzidzisi akadaro

    Ndichangotanga kutevera chiteshi chako cheredhiyo, ndave nemazuva maviri .. uye zvakanaka kwazvo zvemukati ..
    Kwaziso kubva kuMexico .. (Ndiri mudzidzisi uye tsanga yangu yejecha kushandisa openource)

  8.   Aryan akadaro

    Ndinoda kuti mundibatsire ndinoda kupa rombo rakanaka kumushandisi kuti aone Facebook uye kuti vamwe vacho vanezvirambidzo zvakagadzirirwa kare uye maitiro ekugonesa vashandisi veInternet pane dzimwe nguva ndinoda kuti mundipe zano, ndatenda

  9.   Belkis akadaro

    Ari, izvo zvavakanditsanangurira nezvazvo ndezvekuti muchina waunoda haurambidzwe, unofanirwa kusiiwa kunze, asi kusvika ipapo ndine tsananguro, iniwo handina ruzivo

  10.   Victor akadaro

    Husiku hwakanaka, ndiregerere, pamwe mubvunzo wangu wakakosha asi hei, ndakaisa squid uye ndakagadzirisa pane centos 5.4, ndakaisa waini uye ultrasurf, izvo zvandiri kuda kuita kugovana internet kubva ku ultrasurf nesikidha, ini ndinoita zvimwe chete pane windows muchina XP neFreeProxy uye ultrasurf uye ini ndinogona kuigovana pasina dambudziko asi ini handizive kuzviita sei muLinux

  11.   Daniel Andrada akadaro

    Ini ndinobvunza iwe, ini ndine gadziriso senge yako, mune yangu kesi ndinodzoreredza chiteshi 80 kusvika 8080 uko squid inomhanya. Dambudziko nderekuti vamwe vashandisi vanosiya izvo zvigadziriso pamakomputa avo, ivo vanorega uye kuwana kuburikidza nechiteshi 80, kunyange zvisiri ese masevhisi. Izvi zvine iptables. Iwe une zano here kuti dambudziko ringave ripi?

  12.   gungwa akadaro

    Inonyanya kubatsira uye inotsanangurwa chaizvo. Ndatenda!

    Ndine mubvunzo, kana ndichida kugadzira acl, ndinozviitepi, ndokuti, mune mutsetse wei faira rekumisikidza? Uye ndinofanira kuisa ipapo mitsara miviri pazasi peiyo http_access rairo sezvaunoratidza mune yako posvo? Kana kupi?

    Thanks zvekare !! Kwaziwai!

bool (chokwadi)