반응형
    
    
    
  우분투에서 Squid 및 Webmin을 설치하는 방법
테스트 환경
$ lsb_release -d
Description:	Ubuntu 22.04.2 LTSSquid 설치
sudo apt-get updatesudo apt-get install -y squidvim /etc/squid/squid.conf$ cat /etc/squid/squid.conf | egrep -v '^$|^#'
acl localnet src 0.0.0.1-0.255.255.255	# RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8		# RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10		# RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 	# RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12		# RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16		# RFC 1918 local private network (LAN)
acl localnet src fc00::/7       	# RFC 4193 local private network range
acl localnet src fe80::/10      	# RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443		# https
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
include /etc/squid/conf.d/*.conf
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern .		0	20%	4320squid.conf 설정 파일
vim squid.confhttps://raw.githubusercontent.com/anti1346/linux_configure/main/ubuntu/jammy/squid/squid.conf
systemctl squid startWebmin 설치
Webmin은 Squid를 관리하기 위한 웹 기반 인터페이스입니다. Webmin을 설치하기 위해 아래 명령을 실행합니다.
sudo vim /etc/apt/sources.list편집기에서 sources.list 파일을 열고 다음 줄을 파일의 맨 아래에 추가합니다
deb http://download.webmin.com/download/repository sarge contrib저장하고 에디터를 닫은 후 아래 명령을 실행하여 Webmin의 GPG 키를 추가합니다
wget http://www.webmin.com/jcameron-key.ascsudo apt-key add jcameron-key.asc패키지 목록을 업데이트하고 Webmin을 설치합니다
sudo apt-get updatesudo apt-get install -y webminWebmin 액세스
- 계정 패스워드 정보
- 계정 : root
- 패스워드 : root 패스워드
 
https://your_server_ip:10000

728x90
    
    
    
  
Dashboard

Squid Proxy Server

squid 구성 파일 설정

acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl allowed_clients src 192.168.0.14
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl allowed_sites dstdomain .naver.com
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
#http_access allow allowed_clients
#http_access allow allowed_sites
http_access allow allowed_clients allowed_sites
http_access deny all
include /etc/squid/conf.d/*.conf
http_port 3128
cache_dir ufs /var/spool/squid 100 16 256
access_log daemon:/var/log/squid/access.log squid
logfile_rotate 7
coredump_dir /var/spool/squid
refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
refresh_pattern .		0	20%	4320
cache_effective_user proxy
cache_effective_group proxy
squid 구성 파일 검사
- /etc/squid/squid.conf
sudo squid -k parse
참고URL
- 리눅스에 프록시를 지정하는 방법 : https://scbyun.com/1648
acl localnet src 100.64.0.0/10 # RFC 6598 공유 주소 공간(CGN)
728x90
    
    
  반응형
    
    
    
  '리눅스' 카테고리의 다른 글
| 우분투에 MySQL 5.7을 바이너리 파일로 설치하는 방법 (0) | 2023.05.20 | 
|---|---|
| 우분투에서 Chrony를 설치하고 설정하는 방법 (0) | 2023.05.15 | 
| Squid를 Docker 컨테이너로 실행하는 방법 (0) | 2023.05.12 | 
| 리눅스에서 프록시를 지정하는 방법 (0) | 2023.05.12 | 
| docker proxy 설정하는 방법(환경 변수 구성) (0) | 2023.05.11 | 
 
                  
                 
                  
                 
                  
                