Підняти за пару хвилин простий проксі з парольним доступом, це не просто – це дуже просто.
- Оновлюємо пакети в системі, та встановлюємо Squid:
|
1 |
apt update; apt install squid |
- Додаємо конфіг squid.conf:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 |
http_port 3128 cache deny all hierarchy_stoplist cgi-bin ? access_log none cache_store_log none cache_log /dev/null refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic realm proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off acl auth proxy_auth REQUIRED acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl news src 1.1.1.1/32 2.2.2.2/32 3.3.3.3/32 acl SSL_ports port 443 acl SSL_ports port 5656 # SolusVM SSL acl Safe_ports port 5353 # SolusVM without SSL acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow auth http_access allow manager localhost http_access allow news http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all forwarded_for off request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all |
- Створюємо юзера для доступу роботи через проксі Squid:
|
1 |
htpasswd -c /etc/squid/passwd username |
- Активуємо автозапуск squid – після старту системи (в разі ребуту):
|
1 2 |
systemctl unmask squid systemctl enable squid |
- Запускаємо проксі, та перевіряємо роботу Squid proxy:
|
1 |
systemctl restart squid |
- Перевіряємо, та насолоджуємось роботою через проксі.
Click to rate this post!
[Total: 1 Average: 5]
