Bii o ṣe le Ṣeto olupin Aṣoju "Squid" lori Ubuntu ati Debian


Squid jẹ caching ti o gbajumọ julọ ati fifiranṣẹ siwaju olupin aṣoju ayelujara HTTP ti lo ọpọlọpọ awọn ile-iṣẹ mi lati kaṣe awọn oju-iwe wẹẹbu lati ọdọ olupin wẹẹbu kan lati mu ilọsiwaju iyara olupin wẹẹbu pọ si, dinku awọn akoko idahun ati dinku lilo bandiwidi nẹtiwọọki.

Ninu nkan yii, a yoo ṣalaye bi o ṣe le fi sori ẹrọ olupin aṣoju squid lori awọn pinpin Ubuntu ati Debian ati lo bi olupin aṣoju HTTP.

Bii o ṣe le Fi Squid sori Ubuntu

Ṣaaju ki a to bẹrẹ, o yẹ ki o mọ pe olupin Squid ko ni awọn ibeere eyikeyi, ṣugbọn iye lilo iṣamulo Ramu le yato si da lori awọn alabara ti n lọ kiri lori intanẹẹti nipasẹ olupin aṣoju.

Apoti Squid wa lati fi sori ẹrọ lati ibi ipamọ Ubuntu ipilẹ, ṣugbọn ṣaaju pe rii daju lati mu awọn idii rẹ ṣe nipasẹ ṣiṣe.

$ sudo apt update

Ni kete ti awọn idii rẹ ba wa ni imudojuiwọn, o le tẹsiwaju siwaju sii lati fi squid sori ẹrọ ati bẹrẹ ati mu ki o ṣiṣẹ lori ibẹrẹ eto nipa lilo awọn ofin atẹle.

$ sudo apt -y install squid
$ sudo systemctl start squid
$ sudo systemctl enable squid

Ni aaye yii aṣoju aṣoju wẹẹbu Squid rẹ yẹ ki o ṣiṣẹ tẹlẹ ati pe o le rii daju ipo ti iṣẹ naa pẹlu.

$ sudo systemctl status squid
● squid.service - LSB: Squid HTTP Proxy version 3.x
   Loaded: loaded (/etc/init.d/squid; generated)
   Active: active (running) since Tue 2018-12-04 06:42:43 UTC; 14min ago
     Docs: man:systemd-sysv-generator(8)
    Tasks: 4 (limit: 1717)
   CGroup: /system.slice/squid.service
           ├─2761 /usr/sbin/squid -YC -f /etc/squid/squid.conf
           ├─2766 (squid-1) -YC -f /etc/squid/squid.conf
           ├─2768 (logfile-daemon) /var/log/squid/access.log
           └─2772 (pinger)

Dec 04 06:42:43 tecmint systemd[1]: Starting LSB: Squid HTTP Proxy version 3.x...
Dec 04 06:42:43 tecmint squid[2708]:  * Starting Squid HTTP Proxy squid
Dec 04 06:42:43 tecmint squid[2708]:    ...done.
Dec 04 06:42:43 tecmint systemd[1]: Started LSB: Squid HTTP Proxy version 3.x.
Dec 04 06:42:43 tecmint squid[2761]: Squid Parent: will start 1 kids
Dec 04 06:42:43 tecmint squid[2761]: Squid Parent: (squid-1) process 2766 started

Atẹle ni diẹ ninu awọn ipo faili squid pataki ti o yẹ ki o mọ ti:

  • Faili iṣeto iṣeto Squid: /etc/squid/squid.conf
  • Wọle Wiwọle Squid: /var/log/squid/access.log
  • Akọsilẹ Kaṣe Squid: /var/log/squid/cache.log

Faili iṣeto aiyipada ni diẹ ninu awọn itọsọna iṣeto ti o nilo lati tunto lati ni ipa ihuwasi ti Squid naa.

Bayi ṣii faili yii fun ṣiṣatunkọ nipa lilo olootu Vi ati ṣe awọn ayipada bi o ṣe han ni isalẹ.

$ sudo vim /etc/squid/squid.conf

Bayi, o le wa nipa awọn ila wọnyi ki o yi wọn pada bi o ti beere, ninu olootu Vi, o le wa nipa awọn ila wọnyẹn nipa titẹ kọlu 'ESC' ati titẹ bọtini "" / "si kikọ ni pato awọn ila lati wa.

  • http_port : Eyi ni ibudo aiyipada fun olupin aṣoju HTTP, ni aiyipada o jẹ 3128, o le yipada si ibudo miiran ti o fẹ, o tun le ṣafikun\"sihin" taagi si opin ila bii ijuwe http_port 8888 lati ṣe ki aṣoju Squid ṣiṣẹ bi aṣoju aṣoju ti o ba fẹ.
  • http_access sẹ gbogbo : Laini yii kii yoo jẹ ki ẹnikẹni ki o wọle si olupin aṣoju HTTP, iyẹn ni idi ti o nilo lati yi pada si http_access gba gbogbo eniyan laaye lati bẹrẹ lilo olupin aṣoju Squid rẹ.
  • han_hostname : Itọsọna yii ni a lo lati ṣeto orukọ olupin pato si olupin squid. O le fun eyikeyi orukọ ogun si squid.

Lẹhin ṣiṣe awọn ayipada loke, o le tun bẹrẹ olupin aṣoju Squid nipa lilo aṣẹ.

$ sudo systemctl restart squid

Tito leto Squid bi Aṣoju HTTP lori Ubuntu

Ninu abala iṣeto squid yii, a yoo ṣalaye fun ọ bi o ṣe le tunto squid bi aṣoju HTTP ni lilo adiresi IP alabara nikan fun ìfàṣẹsí.

Ti o ba fẹ gba adirẹsi IP kan nikan lati wọle si intanẹẹti nipasẹ olupin aṣoju tuntun rẹ, iwọ yoo nilo lati ṣalaye acl tuntun (atokọ iṣakoso iwọle) ninu faili iṣeto naa.

$ sudo vim /etc/squid/squid.conf

Ofin acl ti o yẹ ki o ṣafikun ni:

acl localnet src XX.XX.XX.XX

Nibo XX.XX.XX.XX ni adiresi IP ti ẹrọ alabara. Acl yii yẹ ki o ṣafikun ni ibẹrẹ ti apakan ACL bi o ṣe han ninu sikirinifoto atẹle.

O jẹ iṣe ti o dara nigbagbogbo lati ṣalaye asọye lẹgbẹẹ ACL eyiti yoo ṣe apejuwe ẹniti o lo adirẹsi IP yii, fun apẹẹrẹ.

acl localnet src 192.168.0.102  # Boss IP address

Iwọ yoo nilo lati tun bẹrẹ iṣẹ Squid lati mu awọn ayipada tuntun wa si ipa.

$ sudo systemctl restart squid

Nipa aiyipada, awọn ibudo omiran nikan ni a gba laaye ninu iṣeto squid, ti o ba fẹ lati ṣafikun diẹ sii ṣalaye wọn ninu faili iṣeto bi o ti han.

acl Safe_ports port XXX

Nibo ni XXX jẹ nọmba ibudo ti o fẹ lati gba laaye. Lẹẹkansi o jẹ adaṣe ti o dara lati ṣalaye asọye lẹgbẹẹ acl ti yoo ṣe apejuwe ohun ti ibudo yoo ṣee lo fun.

Fun awọn ayipada lati ni ipa, iwọ yoo nilo lati tun squid bẹrẹ lẹẹkan si.

$ sudo systemctl restart squid

Lati gba awọn olumulo laaye lati jẹrisi ṣaaju lilo aṣoju, o nilo lati jẹrisi ijẹrisi http ipilẹ ni faili iṣeto, ṣugbọn ṣaaju pe o nilo lati fi sori ẹrọ package apache2-utils ni lilo pipaṣẹ atẹle.

$ sudo apt install apache2-utils

Bayi ṣẹda faili kan ti a pe ni “passwd” ti yoo tọju orukọ olumulo nigbamii fun ìfàṣẹsí naa. Squid nṣiṣẹ pẹlu olumulo\"aṣoju" nitorinaa o yẹ ki faili naa jẹ ti olumulo yẹn.

$ sudo touch /etc/squid/passwd
$ sudo chown proxy: /etc/squid/passwd
$ ls -l /etc/squid/passwd

Bayi a yoo ṣẹda olumulo tuntun ti a pe ni\"tecmint" ati ṣeto ọrọ igbaniwọle rẹ.

$ sudo htpasswd /etc/squid/passwd tecmint

New password: 
Re-type new password: 
Adding password for user tecmint

Bayi lati jẹki ijẹrisi http ipilẹ ṣii faili iṣeto ni.

$ sudo vim /etc/squid/squid.conf

Lẹhin awọn ibudo ACLs ṣafikun awọn ila wọnyi:

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

Fipamọ faili naa ki o tun bẹrẹ squid ki awọn ayipada tuntun le ni ipa:

$ sudo systemctl restart squid

Lati dènà iraye si awọn oju opo wẹẹbu ti aifẹ, kọkọ ṣẹda faili kan ti a pe ni "blacklisted_sites.acl" ti yoo tọju awọn aaye dudu dudu ninu rẹ.

$ sudo touch /etc/squid/blacklisted_sites.acl

Bayi ṣafikun awọn oju opo wẹẹbu ti o fẹ lati dènà iraye si, fun apẹẹrẹ.

.badsite1.com
.badsite2.com

Aami ti n tẹsiwaju n ṣalaye squid lati dènà gbogbo awọn itọkasi si awọn aaye naa pẹlu www.badsite1, subsite.badsite1.com ati bẹbẹ lọ

Bayi ṣii faili iṣeto Squid.

$ sudo vim /etc/squid/squid.conf

Ni kete lẹhin awọn ACL ti o wa loke ṣafikun awọn ila meji wọnyi:

acl bad_urls dstdomain "/etc/squid/blacklisted_sites.acl"
http_access deny bad_urls

Bayi fi faili naa pamọ ki o tun bẹrẹ squid:

$ sudo systemctl restart squid

Lati dènà atokọ ti awọn ọrọ-ọrọ, akọkọ ṣẹda faili kan ti a pe ni "blockkeywords.lst" ti yoo tọju awọn koko-ọrọ dudu ni inu rẹ.

$ sudo touch /etc/squid/blockkeywords.lst

Bayi ṣafikun awọn ọrọ-ọrọ ti o fẹ lati dènà iraye si, fun apẹẹrẹ.

facebook
instagram
gmail

Bayi ṣii faili iṣeto Squid ati ṣafikun ofin atẹle.

acl blockkeywordlist url_regex "/etc/squid/blockkeywords.lst"
http_access deny blockkeywordlist

Bayi fi faili naa pamọ ki o tun bẹrẹ squid:

$ sudo systemctl restart squid

Lọgan ti ohun gbogbo ti tunto ni deede, o le tunto aṣawakiri wẹẹbu alabara ti agbegbe rẹ tabi awọn eto nẹtiwọọki ẹrọ ṣiṣe lati lo aṣoju aṣoju HTTP squid tuntun rẹ.

Ṣe atunto Onibara lati Lo Aṣoju Squid

Bayi lati ṣe idanwo pe olupin aṣoju rẹ n ṣiṣẹ tabi rara, o le ṣii Firefox ki o lọ si Ṣatunkọ -> Awọn ayanfẹ -> To ti ni ilọsiwaju -> Nẹtiwọọki -> Eto ki o yan\"Iṣeduro aṣoju afọwọyi" ki o tẹ adirẹsi olupin olupin IP rẹ si Port si ṣee lo fun gbogbo asopọ bi o ṣe tẹle.

Ni kete ti o kun gbogbo awọn alaye aṣoju ti o nilo, iwọ yoo ni anfani lati iyalẹnu Wẹẹbu nipa lilo olupin aṣoju Squid rẹ, o le ṣe ohun kanna ni eyikeyi aṣawakiri miiran tabi eto ti o fẹ.

Lati rii daju pe o n hiho oju opo wẹẹbu nipa lilo olupin aṣoju rẹ, o le ṣabẹwo http://www.ipaddresslocation.org/, ni igun apa ọtun apa oke o gbọdọ wo adiresi IP kanna bi adirẹsi IP olupin rẹ.

Fun awọn eto iṣeto ni afikun diẹ sii, o le ṣayẹwo iwe aṣẹ squid osise. Ti o ba ni ibeere tabi awọn asọye, jọwọ ṣafikun wọn ni abala ọrọ ni isalẹ.