Squid搭建http代理服务器
一键脚本
支持Centos和Ubuntu
#!/bin/bash
# squid安装脚本
# 代理服务器账户
proxy_user='myproxy'
proxy_passwd='N2PYOnRDk5gKInqQ'
proxy_port=3100
init_sys(){
echo 'init system !'
if [ "${PM}" == 'yum' ]; then
# 关闭SELinux
setenforce 0
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config
# 开启包转发
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
fi
if [ "${PM}" == 'apt' ]; then
# 开启包转发
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
fi
}
yum_squid(){
echo 'start install squid !'
yum install squid httpd-tools -y
# 修改配置
echo 'auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords' >> /etc/squid/squid.conf
echo 'auth_param basic realm proxy' >> /etc/squid/squid.conf
echo 'acl authenticated proxy_auth REQUIRED' >> /etc/squid/squid.conf
echo 'http_access allow authenticated' >> /etc/squid/squid.conf # 允许所有认证通过的客户端
sed -i "s/http_port 3128/http_port ${proxy_port}/g" /etc/squid/squid.conf
sed -i "s/http_access deny all/#http_access deny all/g" /etc/squid/squid.conf
# 高匿设置
echo 'request_header_access Via deny all' >> /etc/squid/squid.conf
echo 'request_header_access X-Forwarded-For deny all' >> /etc/squid/squid.conf
# 生成密钥
htpasswd -bc /etc/squid/passwords ${proxy_user} ${proxy_passwd}
chmod o+r /etc/squid/passwords
systemctl enable squid
systemctl restart squid
}
apt_squid(){
echo 'start install squid !'
apt-get update -y && apt-get install squid apache2-utils -y
# 修改配置
echo 'auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords' >> /etc/squid/squid.conf
echo 'auth_param basic realm proxy' >> /etc/squid/squid.conf
echo 'acl authenticated proxy_auth REQUIRED' >> /etc/squid/squid.conf
echo 'http_access allow authenticated' >> /etc/squid/squid.conf # 允许所有认证通过的客户端
sed -i "s/http_port 3128/http_port ${proxy_port}/g" /etc/squid/squid.conf
sed -i "s/http_access deny all/#http_access deny all/g" /etc/squid/squid.conf
# 高匿设置
echo 'request_header_access Via deny all' >> /etc/squid/squid.conf
echo 'request_header_access X-Forwarded-For deny all' >> /etc/squid/squid.conf
# 生成密钥
htpasswd -bc /etc/squid/passwords ${proxy_user} ${proxy_passwd}
chmod o+r /etc/squid/passwords
service squid enable
service squid restart
}
# 系统判断
if [ -e "/usr/bin/yum" ]; then
PM=yum
init_sys
yum_squid
fi
if [ -e "/usr/bin/apt-get" ]; then
PM=apt
init_sys
apt_squid
fi
参考:https://github.com/osof/awesome-proxy/blob/master/script-sh/squid.sh
Centos 7 搭建
这里使用了centos7自带的squid代理软件
yum install squid httpd-tools -y
# 用户名密码认证
htpasswd -bc /etc/squid/passwords [用户名] [密码]
chmod o+r /etc/squid/passwords
# ----------------------------------------------------------
vim /etc/squid/squid.conf
#配置用户名密码,后面会生成passwords文件
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED #添加IP白名单(通过认证的都接受)
http_access allow authenticated
# http_access deny all # 这一句注释掉
# 高匿设置 https://www.cnblogs.com/vijayfly/p/5800038.html
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
#这里是端口号,可以按需修改,同时监听ipv6和ipv4的端口
http_port 0.0.0.0:3128
# ----------------------------------------------------------
检查squid配置是否正确(如果有错误,会显示错误内容,按相应的改就行。)
squid -z parse
# 修改最大文件打开数
ulimit -n # 查看当前值
1024
ulimit -n 20480 # 快速生效,重启会还原
echo "ulimit -n 20480" >> /etc/rc.local # 写入配置文件
开启squid服务
systemctl start squid
systemctl status squid
systemctl stop firewalld 或者放行端口
squid的日志文件:/var/log/squid/access.log
参考资料:
https://blog.csdn.net/qingfengxulai/article/details/80853870
https://blog.csdn.net/a519395243/article/details/82463637
https://blog.csdn.net/Qwertyuiop2016/article/details/90183014
Squid用于CDN加速网站
没有深入研究,参考以下网站:
**注意:**目前有两种版本,squid2.7以下的是c语言写的,目前大厂用的还是这个版本;yum源最新的是squid3.5,从2.7以上是c++重构的,稳定性有待验证。
squid代理与缓存实践(一):https://www.cnblogs.com/chensiqiqi/p/9162967.html
Squid缓存服务器(缓存机制、代理模式、ACL访问控制、squid用户认证功能等):https://blog.51cto.com/13721050/2177880
利用 squid 反向代理提高网站性能:https://www.ibm.com/developerworks/cn/linux/l-cn-squid/index.html
配置squid代理服务器加快网站访问速度:https://www.linuxidc.com/Linux/2017-05/143460.htm
squid搭建CDN加速网络缓存服务器:https://blog.csdn.net/weixin_43314056/article/details/84781489
squid缓存php动态文件:http://blog.haohtml.com/archives/10591
Squid中文权威指南(各种参数配置):http://www.netpc.com.cn/doc/squid/chap07.html
检测代理
#!/usr/bin/env python3
# -*-coding:utf-8-*-
# @Autuor : LeoLan mail:842632422@qq.com
# @Version: Python 3
#
import os
from urllib import request
# 代理服务器账户
proxy_host = '114.115.166.201'
proxy_user = 'myproxy'
proxy_passwd = 'N2PYOnRDk5gKInqQ'
proxy_port = 3100
def test_porxy():
# 访问网址
url = 'http://members.3322.org/dyndns/getip'
# 这是代理IP
proxy = {'http': f'http://{proxy_user}:{proxy_passwd}@{proxy_host}:{proxy_port}'}
# 创建ProxyHandler
proxy_support = request.ProxyHandler(proxy)
# 创建Opener
opener = request.build_opener(proxy_support)
# 添加User Angent
opener.addheaders = [('User-Agent',
'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36')]
# 安装OPener
request.install_opener(opener)
# 使用自己安装好的Opener
response = request.urlopen(url, timeout=5)
# 读取相应信息并解码
html = response.read().decode("utf-8")
# 打印信息
print("代理IP为:", html)
# 打印本机IP
print('本机外网IP为:', os.popen('curl http://members.3322.org/dyndns/getip').read())
if __name__ == '__main__':
test_porxy()
4G代理
Docker竟然还能这么玩?商业级4G代理搭建实战!:https://mp.weixin.qq.com/s/YHLko6nw3AcPEaU_H15esQ
评论区