1.1 演示環境
cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
# server端ip及需求
安裝squid;可以上外網;{內網+外網ip}
# client 端ip及需求
內網ip和server端內網ip在同一網端
1.2 安裝squid
yum install squid -y
1.3 正向代理配置{server}
# 確認版本
rpm -qa |grep squid
squid-migration-script-3.5.20-12.el7.x86_64
squid-3.5.20-12.el7.x86_64
# 確認ip_forward轉發開啟
echo 1 > /proc/sys/net/ipv4/ip_forward
ip_forward需要設定為1
sysctl -a |grep -w ip_forward
net.ipv4.ip_forward = 1
# 修改配置文件
修改前
grep -n 'http_access deny all' /etc/squid/squid.conf
56:http_access deny all
修改后
grep -n http /etc/squid/squid.conf |grep -w all
56:http_access allow all
# 啟動
systemctl start squid
# 添加防火牆規則
firewall-cmd --zone=public --add-port=3128/tcp --permanent
firewall-cmd --reload
1.4 客戶端配置
1.4.1 https測試
export https_proxy=http://服務端內網ip:3128
curl -I https://www.baidu.com
#返回結果
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 24 Oct 2017 14:59:44 GMT
Content-Type: text/html
Content-Length: 277
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT
ETag: "575e1f72-115"
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Accept-Ranges: bytes
1.4.2 http測試
export http_proxy=http://服務端內網ip:3128
curl -I http://www.baidu.com
#返回結果
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 24 Oct 2017 14:59:44 GMT
Content-Type: text/html
Content-Length: 277
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT
ETag: "575e1f72-115"
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Accept-Ranges: bytes
1.4.3 全局配置
# cp /etc/skel/.bash_profile /etc/skel/.bash_profile.bk
# vim /etc/skel/.bash_profile
export http_proxy=http://服務端內網ip:3128
export https_proxy=http://服務端內網ip:3128
# source /etc/skel/.bash_profile
# env |grep http
http_proxy=http://服務端內網ip:3128
https_proxy=http://服務端內網ip:3128