1、安装quid和squid-helpers
]# vi /etc/yum.repos.d/squid.repo
[squid]
name=Squid repo for CentOS Linux - $basearch
#IL mirror
baseurl=http://www1.ngtech.co.il/repo/centos/$releasever/$basearch/
failovermethod=priority
enabled=1
gpgcheck=0
]# yum install squid squid-helpers
2、配置squid
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR
CLIENTS
# =======================
# 禁止缓存任何内容,纯代理
cache deny all
# 禁用access_log
access_log none
# 禁用cache_store log
cache_store_log none
# 禁用cache log
cache_log /dev/null
# 使用basic_nsca_auth认证
auth_param basic program /usr/lib64/squid/basic_ncsa_auth
/etc/squid/passwd
auth_param basic children 5
auth_param basic credentialsttl 2 hours
auth_param basic realm Do you have rights to access?
auth_param basic casesensitive off
acl ncsa_users proxy_auth REQUIRED
http_access allow localnet
http_access allow localhost
http_access allow ncsa_users
以上配置部分要在http_access deny all语句之前。
这里使用了nsca认证,密码长度不能超过8位。
如果需要更复杂的认证,可以使用HTTP Digest方法,见参考文档10。
# 这部分可以放在配置文件末尾,避免被网站检测到你在使用proxy
# =======================
via off
forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow
all
request_header_access WWW-Authenticate allow
all
request_header_access Proxy-Authorization allow
all
request_header_access Proxy-Authenticate allow
all
request_header_access Cache-Control allow
all
request_header_access Content-Encoding allow
all
request_header_access Content-Length allow
all
request_header_access Content-Type allow
all
request_header_access Date allow all
request_header_access Expires allow
all
request_header_access Host allow all
request_header_access If-Modified-Since allow
all
request_header_access Last-Modified allow
all
request_header_access Location allow
all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow
all
request_header_access Accept-Encoding allow
all
request_header_access Accept-Language allow
all
request_header_access Content-Language allow
all
request_header_access Mime-Version allow
all
request_header_access Retry-After allow
all
request_header_access Title allow all
request_header_access Connection allow
all
request_header_access Proxy-Connection allow
all
request_header_access User-Agent allow
all
request_header_access Cookie allow all
request_header_access All deny all
# =======================
参考文档:
1.https://www.digitalocean.com/community/tutorials/how-to-install-squid-proxy-on-centos-6
2.http://wiki.squid-cache.org/SquidFaq/BinaryPackages
3.http://wiki.squid-cache.org/SquidFaq/SquidLogs
4.http://wiki.squid-cache.org/Features/Authentication
5.http://idroot.net/tutorials/install-configure-squid-3-centos/
6.http://www.cyberciti.biz/tips/linux-unix-squid-proxy-server-authentication.html
7.http://serverfault.com/questions/358754/how-to-make-squid-work-like-proxy-only-without-caching-anything
8.http://blog.faq-book.com/?p=5334
9.http://www.squid-cache.org/mail-archive/squid-users/200603/0418.html
10.https://blog.mafr.de/2013/06/16/setting-up-a-web-proxy-with-squid/
11.http://www.techrepublic.com/article/run-configure/
