- 论坛徽章:
- 0
|
可以实现squid代理,但是不能够透明,也就是说上网客户端一定要设置代理服务器:192.168.11.2,端口:3128.去掉之后便不能代理,不知道问题出在什么地方.敬请点拨
Eth0: 172.18.15.252 对外网卡
Eth1:192.168.11.2 对内网卡
iptables 部分写在rc.local中:
Modprobe ip_tables
Modprobe iptable_nat
Modprobe ip_nat_ftp
Modprobe ip_conntrack
Modprobe ip_conntrack_ftp
Modprobe iptables_filter
Echo “1” >;/proc/sys/net/ipv4/ip_forward
/sbin/iptables –F –t nat
Iptables –t nat –A prerouting –i eth1 –p tcp –s 192.168.11.0/24 –deport 80 –j REDIRECT –to-port 3128
Iptables –t nat –A postrouting –s 192.168.11.2/24 –o eth0 –j SNAT –to 172.18.15.252
squid.conf内容:
http_port 3128
httpd_accel_port 80
httpd_accel_post virtural
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
cache_mem 90 MB
cache_dir ufs /var/spool/squid 2048 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/squid/cache.log
cahe_store_log /var/squid/store.log
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_swap_low 95
cache_swap_high 98
maximum_object_size 4096 KB
cache_effective_user squid
cache_effecitve_group squid
cache_mgr woxe@sohu.com
dns_nameservers 172.18.1.5 |
|
免费注册
发表于 2005-04-26 17:32
发表于 2005-04-26 17:40