- 论坛徽章:
- 0
|
想通过squid做反向代理访问内部的web服务器
环境: ubuntu 7.04 ,squid2.6 stable5 eth0:218.70.34.236 eth1:202.202.240.155
看了很多文档总是不能反向代理成功,
squid能正常启动
----
2007/07/06 11:40:45| Starting Squid Cache version 2.6.STABLE5 for amd64-debian-linux-gnu...
2007/07/06 11:40:45| Process ID 6411
2007/07/06 11:40:45| With 1024 file descriptors available
2007/07/06 11:40:45| Using epoll for the IO loop
2007/07/06 11:40:45| Performing DNS Tests...
2007/07/06 11:40:45| Successful DNS name lookup tests...
2007/07/06 11:40:45| DNS Socket created at 0.0.0.0, port 32771, FD 5
2007/07/06 11:40:45| Adding nameserver 61.128.128.68 from /etc/resolv.conf
2007/07/06 11:40:45| User-Agent logging is disabled.
2007/07/06 11:40:45| Referer logging is disabled.
2007/07/06 11:40:45| Unlinkd pipe opened on FD 10
2007/07/06 11:40:45| Swap maxSize 4194304 KB, estimated 322638 objects
2007/07/06 11:40:45| Target number of buckets: 16131
2007/07/06 11:40:45| Using 16384 Store buckets
2007/07/06 11:40:45| Max Mem size: 1048576 KB
2007/07/06 11:40:45| Max Swap size: 4194304 KB
2007/07/06 11:40:45| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2007/07/06 11:40:45| Rebuilding storage in /home/squid/cache (DIRTY)
2007/07/06 11:40:45| Using Least Load store dir selection
2007/07/06 11:40:45| Set Current Directory to /home/squid/cache
2007/07/06 11:40:45| Loaded Icons.
2007/07/06 11:40:45| Accepting accelerated HTTP connections at 218.70.34.236, port 80, FD 12.
2007/07/06 11:40:45| HTCP Disabled.
2007/07/06 11:40:45| WCCP Disabled.
2007/07/06 11:40:45| Configuring Parent 202.202.240.6/80/0
2007/07/06 11:40:45| Ready to serve requests.
2007/07/06 11:40:45| Done reading /home/squid/cache swaplog (0 entries)
2007/07/06 11:40:45| Finished rebuilding storage from disk.
2007/07/06 11:40:45| 0 Entries scanned
2007/07/06 11:40:45| 0 Invalid entries.
2007/07/06 11:40:45| 0 With invalid flags.
2007/07/06 11:40:45| 0 Objects loaded.
2007/07/06 11:40:45| 0 Objects expired.
2007/07/06 11:40:45| 0 Objects cancelled.
2007/07/06 11:40:45| 0 Duplicate URLs purged.
2007/07/06 11:40:45| 0 Swapfile clashes avoided.
2007/07/06 11:40:45| Took 0.3 seconds ( 0.0 objects/sec).
2007/07/06 11:40:45| Beginning Validation Procedure
2007/07/06 11:40:45| Completed Validation Procedure
2007/07/06 11:40:45| Validated 0 Entries
2007/07/06 11:40:45| store_swap_size = 0k
2007/07/06 11:40:46| storeLateRelease: released 0 objects
----
通过浏览器访问
提示access denied
用squidclient http://www.cquc.edu.cn
提示 client: ERROR: Cannot connect to localhost:3128: Connection refused
access.log
-------------
1183622267.439 0 218.70.34.236 TCP_DENIED/403 1430 GET http://www.cquc.edu.cn/ - NONE/- text/html
1183622267.669 0 218.70.34.236 TCP_DENIED/403 1452 GET http://www.cquc.edu.cn/favicon.ico - NONE/- text/html
1183622300.067 0 218.70.34.236 TCP_DENIED/403 1430 GET http://www.cquc.edu.cn/ - NONE/- text/html
1183622301.099 0 218.70.34.236 TCP_DENIED/403 1430 GET http://www.cquc.edu.cn/ - NONE/- text/html
----------
squid.conf
-------------
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
http_port 218.70.34.236:80 vhost vport
cache_peer 202.202.240.6 parent 80 0 no-query originserver
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
collapsed_forwarding on
# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------------------------------------------------
cache_mem 1024 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 80 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
cache_replacement_policy lru
memory_replacement_policy lru
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------
#cache_dir ufs /Data/apps/squid/var/cache 1024 56 256
cache_dir ufs /home/squid/cache 4096 56 256
access_log /home/squid/access.log squid
cache_log /home/squid/cache.log
emulate_httpd_log on
cache_store_log /home/squid/store.log none
# pid_filename /Data/apps/squid/var/logs/squid.pid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 0 KB
quick_abort_max 0 KB
# TIMEOUTS
# -----------------------------------------------------------------------------
forward_timeout 20 seconds
connect_timeout 15 seconds
# peer_connect_timeout 30 seconds
read_timeout 3 minutes
request_timeout 1 minutes
persistent_request_timeout 15 seconds
client_lifetime 15 minutes
half_closed_clients off
# ADMINISTRATIVE PARAMETERS
# -----------------------------------------------------------------------------
cache_mgr master@cquc.edu.cn
cache_effective_user squid
cache_effective_group squid
# httpd_suppress_version_string off
visible_hostname proxyServer
logfile_rotate 0
tcp_recv_bufsize 65535 bytes
# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option)
# -----------------------------------------------------------------------------
coredump_dir /home/squid/cache
client_persistent_connections on
server_persistent_connections on
vary_ignore_expire on
strip_query_terms on
# ACCESS CONTROLS
#---------------------------------------------------
acl OverConnLimit maxconn 20
http_access deny OverConnLimit
acl acceleratedHost dstdomain .cquc.edu.cn
acl acceleratedProtocol protocol HTTP
acl acceleratedPort port 80
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl Srvdm dstdomain .www.cquc.edu.cn
acl SSL_ports port 443 563
acl Safe_ports port 80 81 # http
acl CONNECT method CONNECT
http_access allow acceleratedProtocol acceleratedPort acceleratedHost
http_access allow manager localhost
always_direct allow Srvdm
never_direct allow !Srvdm
http_access deny !Safe_ports
http_access deny CONNECT all
http_access allow Srvdm
http_access deny all
http_reply_access allow all
icp_access deny all
icp_port 0
--------
第一次配置squid,搞得我头都大了,不知道那里有问题,希望各位给看看 |
|
免费注册
发表于 2007-07-06 11:49
发表于 2007-07-09 06:52