proxylisted

# 代理服务器配置 ## 概述 Squid、Nginx 代理、正向/反向代理配置技能。 ## Squid ���向代理 ### 安装与管理 ```bash # 安装 apt install squid # Debian/Ubuntu yum install squid # CentOS/RHEL # 服务管理 systemctl start squid systemctl enable squid systemctl reload squid # 检查配置 squid -k parse squid -k check ``` ### 基础配置 ```bash # /etc/squid/squid.conf # 端口配置 http_port 3128 # ACL 定义 acl localnet src 10.0.0.0/8 acl localnet src 172.16.0.0/12 acl localnet src 192.168.0.0/16 acl SSL_ports port 443 acl Safe_ports port 80 21 443 70 210 280 488 591 777 1025-65535 # 访问控制 http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access deny all # 缓存配置 cache_dir ufs /var/spool/squid 100 16 256 maximum_object_size 100 MB cache_mem 256 MB # 日志 access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log ``` ### 认证配置 ```bash # 基础认证 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic realm Squid Proxy auth_param basic credentialsttl 2 hours acl authenticated proxy_auth REQUIRED http_access allow authenticated # 创建用户 htpasswd -c /etc/squid/passwd user1 htpasswd /etc/squid/passwd user2 ``` ### 透明代理 ```bash # Squid 配置 http_port 3128 transparent # iptables 重定向 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 3128 ``` ### 访问控制 ```bash # 时间控制 acl work_hou