{"id":1873,"date":"2012-12-25T22:57:41","date_gmt":"2012-12-25T14:57:41","guid":{"rendered":"http:\/\/www.zuola.com\/weblog\/?p=1873"},"modified":"2012-12-25T23:08:05","modified_gmt":"2012-12-25T15:08:05","slug":"%e5%9c%a8ec2%e4%b8%8a%e9%85%8d%e7%bd%aesquid-http%e4%bb%a3%e7%90%86%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%ac%94%e8%ae%b0","status":"publish","type":"post","link":"https:\/\/www.zuola.com\/weblog\/2012\/12\/1873.htm","title":{"rendered":"\u5728ec2\u4e0a\u914d\u7f6esquid http\u4ee3\u7406\u670d\u52a1\u5668\u7b14\u8bb0"},"content":{"rendered":"<p>\u6211\u77e5\u9053VPN\u5728\u4e2d\u56fd\u53d7\u5230\u5f88\u5927\u7684\u5e72\u6270\uff0c\u6211\u5c31\u6ca1\u5728ec2\u4e0a\u5b89\u88c5VPN server\u4e86\uff0c\u6211\u60f3\u5230\u4e86\u65e9\u5e74\u4ee3\u7406\u4e0a\u7f51\u7684\u65b9\u5f0f\uff0cHTTP \u4ee3\u7406\uff0c\u6307\u5b9a\u7aef\u53e3\u53f7\u5c31\u80fd\u4e0a\u7f51\uff0c\u4e8e\u662f\u627e\u5230\u4e86squid\u8fd9\u6b3e\u6210\u719f\u7684\u4ee3\u7406\u670d\u52a1\u5668\uff0csquid\u5f88\u5f3a\u5927\uff0c\u901a\u5e38\u662f\u4f5c\u4e3a\u96c6\u7fa4\u670d\u52a1\u5668\u7684\u524d\u7aef\u7f13\u5b58\u5728\u7528\u7684\uff0c\u6211\u7684\u9700\u6c42\u5374\u5f88\u7b80\u5355\uff1aHTTP\u4ee3\u7406\u4e0a\u7f51\u6d4f\u89c8\u5176\u4ed6\u7f51\u7ad9\u3002<br \/>\n\u767b\u5f55ec2<\/p>\n<pre>zuola$ sudo ssh -v -i ~\/.ssh\/zola.pem bitnami@204.236.236.251<\/pre>\n<p>\u5f00\u59cb\u5b89\u88c5<\/p>\n<pre>bitnami@ip-10-196-185-56:~$ sudo apt-get install squid\r\nReading package lists... Done\r\nBuilding dependency tree       \r\nReading state information... Done\r\nThe following packages were automatically installed and are no longer required:\r\n  python-twisted-web gir1.2-gudev-1.0 python-twisted-names\r\nUse 'apt-get autoremove' to remove them.\r\nThe following extra packages will be installed:\r\n  squid-langpack squid3 squid3-common ssl-cert\r\nSuggested packages:\r\n  squidclient squid-cgi smbclient openssl-blacklist\r\nThe following NEW packages will be installed:\r\n  squid squid-langpack squid3 squid3-common ssl-cert\r\n0 upgraded, 5 newly installed, 0 to remove and 2 not upgraded.\r\nNeed to get 1,988 kB of archives.\r\nAfter this operation, 6,808 kB of additional disk space will be used.\r\nDo you want to continue [Y\/n]? y\r\nGet:1 http:\/\/us-east-1.ec2.archive.ubuntu.com\/ubuntu\/ precise\/main squid-langpack all 20111114-1 [307 kB]\r\nGet:2 http:\/\/us-east-1.ec2.archive.ubuntu.com\/ubuntu\/ precise-updates\/main squid3-common all 3.1.19-1ubuntu3.12.04.1 [122 kB]\r\nGet:3 http:\/\/us-east-1.ec2.archive.ubuntu.com\/ubuntu\/ precise-updates\/main ssl-cert all 1.0.28ubuntu0.1 [12.3 kB]\r\nGet:4 http:\/\/us-east-1.ec2.archive.ubuntu.com\/ubuntu\/ precise-updates\/main squid3 amd64 3.1.19-1ubuntu3.12.04.1 [1,540 kB]\r\nGet:5 http:\/\/us-east-1.ec2.archive.ubuntu.com\/ubuntu\/ precise-updates\/universe squid amd64 3.1.19-1ubuntu3.12.04.1 [6,246 B]\r\nFetched 1,988 kB in 0s (4,124 kB\/s)\r\nPreconfiguring packages ...\r\nSelecting previously unselected package squid-langpack.\r\n(Reading database ... 35919 files and directories currently installed.)\r\nUnpacking squid-langpack (from ...\/squid-langpack_20111114-1_all.deb) ...\r\nSelecting previously unselected package squid3-common.\r\nUnpacking squid3-common (from ...\/squid3-common_3.1.19-1ubuntu3.12.04.1_all.deb) ...\r\nSelecting previously unselected package ssl-cert.\r\nUnpacking ssl-cert (from ...\/ssl-cert_1.0.28ubuntu0.1_all.deb) ...\r\nSelecting previously unselected package squid3.\r\nUnpacking squid3 (from ...\/squid3_3.1.19-1ubuntu3.12.04.1_amd64.deb) ...\r\nSelecting previously unselected package squid.\r\nUnpacking squid (from ...\/squid_3.1.19-1ubuntu3.12.04.1_amd64.deb) ...\r\nProcessing triggers for man-db ...\r\nProcessing triggers for ufw ...\r\nProcessing triggers for ureadahead ...\r\nSetting up squid-langpack (20111114-1) ...\r\nSetting up squid3-common (3.1.19-1ubuntu3.12.04.1) ...\r\nSetting up ssl-cert (1.0.28ubuntu0.1) ...\r\nSetting up squid3 (3.1.19-1ubuntu3.12.04.1) ...\r\nCreating Squid HTTP proxy 3.x spool directory structure\r\n2012\/12\/24 12:46:44| Creating Swap Directories\r\nsquid3 start\/running, process 10571\r\nSetting up squid (3.1.19-1ubuntu3.12.04.1) ...<\/pre>\n<p>\u5148\u6dfb\u52a0suqid\u7684\u7528\u6237\u540d\u548c\u5bc6\u7801\uff0c\u4e0d\u8bbe\u7f6e\u5bc6\u7801\u4e5f\u8bb8\u4f1a\u5bfc\u81f4\u4ee3\u7406\u670d\u52a1\u5668\u88ab\u6ee5\u7528\uff0c\u6211\u5199\u6559\u7a0b\uff08\u5176\u5b9e\u662f\u5b66\u4e60\u7b14\u8bb0\u5566\uff09\u4e86\u80af\u5b9a\u5c31\u4f1a\u6709\u5f88\u591a\u4eba\u6765\u4f53\u9a8c\u554a\uff0c\u4e5f\u8bb8\u4f1a\u6709\u4eba\u626b\u63cf\u5230\u8fd9\u4e2a\u53ef\u7528\u7684\u514d\u8d39\u4ee3\u7406\u4f46\u4ed6\u4e0d\u4e00\u5b9a\u4f1a\u626b\u63cf\u5230\u8fd9\u7bc7\u6587\u7ae0\u3002\u7528\u6237\u540d\u662fzola,\u5bc6\u7801\u662f ilovezola \u968f\u4fbf\u8bbe\u7f6e\u4e2a\u5bc6\u7801\u5c31\u597d\u3002<\/p>\n<p><!--more--><\/p>\n<pre>bitnami@ip-10-196-185-56:\/etc\/squid3$ sudo htpasswd -c \/etc\/squid3\/squid.password zola\r\nNew password: \r\nRe-type new password: \r\nAdding password for user zola<\/pre>\n<p>\u63a5\u4e0b\u6765\u4fee\u6539squid\u7684\u914d\u7f6e\u6587\u4ef6\uff0c<\/p>\n<pre>bitnami@ip-10-196-185-56:~$ sudo vi \/etc\/squid3\/squid.conf<\/pre>\n<p>\u6211\u4f1a\u628a\u5c3d\u91cf\u6bcf\u884c\u4ee3\u7801\u7684\u4f5c\u7528\u89e3\u91ca\u6e05\u695a\uff0c\u6211\u4e5f\u662f\u901a\u8fc7\u9605\u8bfb <a href=\"http:\/\/home.arcor.de\/pangj\/squid\/index.html\">\u00a0Squid\u6743\u5a01\u6307\u5357<\/a>\u00a0\u548c \u00a0<a href=\"http:\/\/www.aikaiyuan.com\/1895.html\">squid\u7f13\u5b58\u670d\u52a1\u5668\u914d\u7f6e-\u4e4bconf\u914d\u7f6e\u6587\u4ef6\u7684\u8be6\u7ec6\u4ecb\u7ecd<\/a>\u6765\u7406\u89e3\u4ee3\u7801\u7684\uff0c\u5e76\u4e14\u6309\u81ea\u5df1\u7684\u9700\u6c42\u8bbe\u7f6e\u4e86squid\u4ee3\u7406\u670d\u52a1\u5668<\/p>\n<pre>\uff03\u9ed8\u8ba4\u7aef\u53e3\u53f7\uff0c\u6211\u4e5f\u6ca1\u6539\uff0c\u52a0\u4e0atransparent\u5c31\u662f\u900f\u660e\u4ee3\u7406\u4e86\uff0c\u6211\u9700\u8981\u7528\u4e8e\u7ed9\u6d4f\u89c8\u5668\u8bbe\u7f6e\u4ee3\u7406\uff0c\u6240\u4ee5\u8981\u900f\u660e\u4ee3\u7406\u6a21\u5f0f\r\nhttp_port 3128 transparent\r\n#\u4e0b\u9762\u662f\u6307\u5b9a\u5bc6\u7801\u6587\u4ef6\r\nauth_param basic program \/usr\/lib\/squid3\/ncsa_auth \/etc\/squid3\/squid.password\r\nauth_param basic children 5\r\n#\u4e0b\u9762\u662fHTTP\u9a8c\u8bc1\u65f6\u7684\u63d0\u793a\uff0c\u6211\u628a\u7528\u6237\u540d\u548c\u5bc6\u7801\u63d0\u793a\u51fa\u6765\u5566\r\nauth_param basic realm Zola's Squid proxy server.username:zola pasword:ilovezola\r\n#\u4e0b\u9762\u662f\u8bbe\u7f6e\u9a8c\u8bc1\u65f6\u6548\uff0c\u4e00\u5c0f\u65f6\u540e\u53c8\u5f97\u8f93\u5165\u4e00\u6b21\u5bc6\u7801\uff0c\u6211\u6545\u610f\u8bbe\u7f6e\u7684\uff0c\u5176\u5b9e\u53ef\u4ee5\u8bbe\u7f6e\u66f4\u957f\r\nauth_param basic credentialsttl 1 hours\r\n#\u5bc6\u7801\u5927\u5c0f\u5199\u662f\u5426\u654f\u611f\r\nauth_param basic casesensitive off\r\n#acl\u662f\u8bbf\u95ee\u63a7\u5236\u5217\u8868\uff0c\u4e0b\u9762\u662f\u4e00\u4e2a\u53ebpassword\u7684\u4ee3\u7406\u8ba4\u8bc1\u8bbe\u7f6e\u4e3a\u5fc5\u987b\u7684\uff0cacl \u662f\u914d\u5408http_access\u4f7f\u7528\u7684\uff0c\u6240\u4ee5\u540e\u9762\u4f1a\u6709http_access allow password\u76f8\u547c\u5e94\r\nacl password proxy_auth REQUIRED\r\n#\u4e0b\u9762\u662f\u4e00\u4e2a\u540d\u5b57\u4e3aall\u7684\u8bbf\u95ee\u63a7\u5236\u5217\u8868\uff0c\u53ef\u4ee5\u4e3aIP\u6bb5\uff0c\u4e5f\u53ef\u5199\u6210all\uff0c\u8fd9\u4e2aall\u8ddf0.0.0.0\/0\u662f\u4e00\u6837\u7684\u6548\u679c\r\nacl all src all\r\n\r\n#\u4e0b\u9762\u4e09\u4e2aacl\u5176\u5b9e\u6211\u662f\u6ca1\u6709\u7528\u5230\u7684\uff0c\u5b9a\u4e49\u4e86locahost\u6765\u6e90\u548cto_localhost\u7684\u76ee\u6807cal\r\nacl manager proto cache_object\r\nacl localhost src 127.0.0.1\/32\r\nacl to_localhost dst 127.0.0.0\/8 0.0.0.0\/32\r\n#\u4e0b\u9762\u662f\u5b9a\u4e49\u4e00\u4e9b\u7aef\u53e3\u4e3aSafe_ports\u7684acl \uff0c\u540e\u9762\u53ef\u4ee5\u5728http_access\u91cc\u5b9a\u4e49\u62d2\u7edd\u8fd8\u662f\u5141\u8bb8\uff0c\u5176\u5b9e\u6211\u53ea\u9700\u8981\u5b9a\u4e4980\u548c443\u5c31\u53ef\u4ee5\u4e86\uff0c\u9ed8\u8ba4\u662f\u8fd9\u4e48\u4e9b\u6211\u5c31\u6ca1\u5220\u9664\u4e86\u3002\u770b\u6587\u6863\u8bf4\uff0cemail\u7528\u768425\u7aef\u53e3\u4e00\u5b9a\u8981\u9632\u8303\uff0c\u4e0d\u7136\u88abspam\u90ae\u4ef6\u53d1\u9001\u8005\u5229\u7528\u4e86\u8fd9\u4e2a\u4ee3\u7406\u7684\u8bdd\uff0c\u5c31\u4f1a\u5bfc\u81f4\u8fd9\u4e2aIP\u88ab\u8bb8\u591a\u9632\u8303\u5783\u573e\u90ae\u4ef6\u7ec4\u7ec7\u5217\u5165\u9ed1\u540d\u5355\uff0c\u751a\u81f3\u8fd8\u4f1a\u5f15\u6765\u6295\u8bc9\uff0c\u4e9a\u9a6c\u900a\u5c31\u4f1a\u602a\u6211\uff0c\u6240\u4ee5\u8fd9\u91cc\u6ca1\u6709\u628a25\u5217\u5165\u5b89\u5168\u7aef\u53e3\u3002\r\nacl SSL_ports port 443\r\nacl Safe_ports port 80          # http\r\nacl Safe_ports port 21          # ftp\r\nacl Safe_ports port 443         # https\r\nacl Safe_ports port 70          # gopher\r\nacl Safe_ports port 210         # wais\r\nacl Safe_ports port 1025-65535  # unregistered ports\r\nacl Safe_ports port 280         # http-mgmt\r\nacl Safe_ports port 488         # gss-http\r\nacl Safe_ports port 591         # filemaker\r\nacl Safe_ports port 777         # multiling http\r\n#\u4e0b\u9762\u8fd9\u4e2aacl\u5c31\u662f\u4e00\u4e2a\u5141\u8bb8CONNETC\u8fd9\u4e2aHTTP\u72b6\u6001\u7684\u63a7\u5236\u5217\u8868\uff0c\u8fd9\u4e2a\u80af\u5b9a\u4f1a\u8981\u5141\u8bb8\u7684\u3002\r\nacl CONNECT method CONNECT\r\n#\u4e0b\u9762\u8fd9\u4e2aacl\u5c31\u597d\u73a9\u4e86\uff0c\u6211\u5b9a\u4e49\u4e86POST\u8fd9\u4e2ahttp\u72b6\u6001\u7684acl\u540d\u5b57\u4e3aPOST\uff0c\u6211\u4f1a\u5728\u540e\u9762\u7684http_access\u62d2\u7edd\u6389\uff0c\u8fd9\u6837\u7528\u6211\u8fd9\u4e2a\u4ee3\u7406\u670d\u52a1\u5668\u7684\u4eba\u5c31\u4e0d\u80fd\u7528\u8fd9\u4e2aIP\u53bb\u53d1\u8d34\u4e86\uff0c\u4e5f\u4e0d\u80fd\u767b\u5f55\u5230\u4efb\u4f55\u7f51\u7ad9\uff0c\u7528\u4e0a\u8fd9\u4e2a\u4ee3\u7406\uff0c\u6240\u6709\u7f51\u7ad9\u5c31\u6210\u53ea\u8bfb\u6a21\u5f0f\u4e86\uff0c\u54c8\u3002\r\nacl POST method POST\r\n# \u4e0b\u9762\u6211\u7528\u6b63\u5219\u8868\u8fbe\u5f0f\u8fc7\u6ee4\u6389\u4e00\u4e9b\u6587\u4ef6\u6269\u5c55\u540d\uff0c\u51e1\u662fURL\u91cc\u6709\u8fd9\u4e9b\u6269\u5c55\u540d\u90fd\u65e0\u6cd5\u4e0b\u8f7d\uff0c\u8fd9\u6837\u505a\u7684\u597d\u5904\u662f\u8282\u7ea6\u6211\u7684\u670d\u52a1\u5668\u6d4f\u91cf\uff0c\u4e9a\u9a6c\u900a\u7684ec2\u7684\u670d\u52a1\u5668\u6d41\u91cf\u6709\u9650\uff0c\u8981\u662f\u88ab\u4eba\u5bb6\u4f7f\u7528\u6211\u7684\u4ee3\u7406\uff0c\u628a\u6d41\u91cf\u5237\u7206\u4e86\u6211\u7684\u4fe1\u7528\u5361\u4e5f\u5c31\u7206\u4e86\r\nacl deny_url_path urlpath_regex -i \\.exe$\r\nacl deny_url_path urlpath_regex -i \\.rar$ \r\nacl deny_url_path urlpath_regex -i \\.zip$ \r\nacl deny_url_path urlpath_regex -i \\.dmg$ \r\nacl deny_url_path urlpath_regex -i \\.swf$\r\nacl deny_url_path urlpath_regex -i \\.flv$\r\nacl deny_url_path urlpath_regex -i \\.mp4$\r\nacl deny_url_path urlpath_regex -i \\.mp3$\r\n\r\n#\u6211\u4e5f\u4e0d\u5141\u8bb8\u4f7f\u7528\u8bbf\u95eeaodobe\u53bb\u5b89\u88c5flash\u64ad\u653e\u5668\uff0c\u56e0\u4e3a\u524d\u9762\u6211\u8bbe\u7f6e\u5c4f\u853dswf\u4f1a\u663e\u793a\u51fa\u8ba9\u7528\u6237\u53bb\u5b89\u88c5flash player\uff0c\u6211\u5e72\u8106\u628aaodobe\u4e5f\u62d2\u7edd\u6389\u3002\u5176\u5b9esquid\u5728\u516c\u53f8\u5c40\u57df\u7f51\u73af\u5883\u4e2d\u4f7f\u7528\u901a\u5e38\u662f\u63a7\u5236\u5458\u5de5\u4e0a\u7f51\u7684\uff0c\u53ef\u4ee5\u6307\u5b9a\u65f6\u95f4\u6bb5\u6765\u5141\u8bb8\u6216\u62d2\u7edd\u8bbf\u95ee\u67d0\u4e9b\u7f51\u7ad9\u3002\r\nacl deny_site dstdomain  .adobe.com\r\n#\u4e0b\u9762\u8fd9\u4e24\u884c\u6211\u4e0d\u61c2\uff0c\u6ca1\u4ed4\u7ec6\u770b\u624b\u518c\r\nhttp_access allow manager localhost\r\nhttp_access deny manager\r\n#\u4e0b\u9762\u5c31\u662f\u6211\u7528\u4e8e\u5c4f\u853d\u7279\u5b9aURL\u7684\uff0c\u5c4f\u853d\u4e0b\u8f7d\r\nhttp_access deny deny_url_path\r\n#\u4e0b\u9762\u662f\u8c03\u7528\u5c4f\u853dadobe\u7684\u4ee3\u7406\r\nhttp_access deny deny_site\r\n\r\n#\u4e0b\u9762\u662f\u5c4f\u853dPOST\u63d0\u4ea4\u6570\u636e\u52a8\u4f5c\u7684\r\nhttp_access deny POST all Safe_ports\r\n#\u4e0b\u9762\u662f\u5c4f\u853d\u975e\u5168\u5b89\u7aef\u53e3\u7684\r\nhttp_access deny !Safe_ports\r\n#\u4e0b\u9762\u662f\u5c4f\u853d\u975eSSL\u7aef\u53e3\u7684\r\nhttp_access deny CONNECT !SSL_ports\r\n#\u4e0b\u9762\u662f\u5141\u8bb8\u672c\u5730IP\u7684\r\nhttp_access allow localhost\r\n\r\n#\u4e0b\u9762\u662f\u5141\u8bb8\u5bc6\u7801\u9a8c\u8bc1\u7684\uff0c\/etc\/squid3\/squid.password \u91cc\u7684\u7528\u6237\u540d\u548c\u5bc6\u7801\u5339\u914d\u5c31\u5141\u8bb8\u8bbf\u95ee\uff0c\u4e0d\u4f1a\u51fa\u73b0\/usr\/share\/squid3\/errors\/zh-cn\/ERR_ACCESS_DENIED\u91cc\u7684\u5185\u5bb9\uff0cERR_ACCESS_DENIED\u4e5f\u662f\u53ef\u4ee5\u81ea\u5b9a\u4e49\u7684\uff0c\u540e\u9762\u4f1a\u4ecb\u7ecd\u5230\u3002\r\nhttp_access allow password\r\n\r\n#\u4e0b\u9762\u662f\u5141\u8bb8\u6240\u6709\u6765\u6e90IP\uff0c\u4e5f\u5c31\u662f\u4e0d\u9650\u5b9a\u4efb\u4f55\u6765\u6e90IP\uff0c\u5176\u5b9e\u53ef\u4ee5\u8bbe\u7f6e\u9650\u5b9a\u67d0\u4e2aIP\u6bb5\u7684\u7528\u6237\u8bbf\u95ee\uff0c\u6bd4\u5982\u53ea\u5141\u8bb8\u4e2d\u56fdIP\u8bbf\u95ee\uff0c\u4f46\u8fd9\u4e2aIP\u6bb5\u6570\u636e\u592a\u5927\u4e86\uff0c\u6211\u5c31\u4e0d\u505a\u8fd9\u4e2a\u5b9e\u9a8c\u4e86\u3002\r\nhttp_access allow all\r\n\r\n#\u8bbe\u7f6e\u7f13\u5b58\u4f7f\u7528\u7684\u5185\u5b58\uff0c\u6211\u7684\u514d\u8d39ec2\u670d\u52a1\u5668\u53ea\u6709600\u591aM\u7684\u5185\u5b58\uff0c\u6211\u5c31\u8c61\u5f81\u6027\u5f04\u4e2a256M\u5427\uff0csquid\u4f5c\u4e3a\u7f13\u5b58\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u5185\u5b58\u8bbe\u7f6e\u8d8a\u5927\u8d8a\u597d\r\ncache_mem 256 MB\r\nmaximum_object_size_in_memory 512 KB\r\n\r\n#\u8bbe\u7f6e\u7f13\u5b58\u4f7f\u7528\u7684\u786c\u76d8\u5b58\u50a8\u7a76\u7adf\uff0csquid\u4f5c\u4e3a\u7f13\u5b58\u4ee3\u7406\u670d\u52a1\u5668\uff0c\u786c\u76d8\u7a76\u7adf\u4e5f\u662f\u8bbe\u7f6e\u8d8a\u5927\u8d8a\u597d\uff0c\u56e0\u4e3a\u7f51\u9875\u90fd\u4f1a\u7f13\u5b58\u5728squid\u670d\u52a1\u5668\u91cc\uff0c\u80fd\u63d0\u9ad8\u7528\u6237\u8bbf\u95ee\u7f51\u7ad9\u7684\u901f\u5ea6\uff0c\u8bb8\u591aISP\u4f1a\u4e3a\u4e86\u63d0\u9ad8\u7528\u6237\u8bbf\u95ee\u4f53\u9a8c\uff0c\u4f1a\u63d0\u4f9bsquid\u670d\u52a1\u5668\u52a0\u901f\u7f51\u7edc\u8bbf\u95ee\u7684\u3002\u5047\u5982\u4f60\u7684\u7f51\u7ad9\u5728\u5168\u7403\u90fd\u6709\u8bbf\u95ee\u8005\uff0c\u4f46\u4e9a\u6d32\u8bbf\u95ee\u7f8e\u6d32\u7f51\u7edc\u663e\u7136\u662f\u6709\u66f4\u591a\u5ef6\u8fdf\uff0c\u4f53\u9a8c\u8d77\u6765\u4e0d\u4e00\u6837\uff0c\u82e5\u7f8e\u56fd\u7f51\u7ad9\u4e5f\u5728\u4e9a\u6d32\u5f04\u4e2asquid\u670d\u52a1\u5668\uff0c\u4e9a\u6d32\u7528\u6237\u8bbf\u95ee\u8d77\u6765\u5c31\u611f\u89c9\u4e0d\u5230\u5ef6\u8fdf\u4e86\r\ncache_dir ufs \/var\/spool\/squid3 100 16 256\r\nmaximum_object_size 406 KB\r\n#\u5185\u5b58\u7f13\u5b58\u6700\u4f4e\u767e\u5206\u4e4b\u4e5d\u5341\uff0c\u5c31\u628a\u65e7\u7684\u5185\u5bb9\u66ff\u6362\u76f4\u5230\u964d\u5230\u767e\u5206\u4e4b85\uff0c\u914d\u5408cache_mem\u4f7f\u7528\r\ncache_swap_low 90\r\n#\u7f13\u5b58\u6700\u9ad8\u8fbe\u5230\u767e\u5206\u4e4b\u4e5d\u5341\u4e94\r\ncache_swap_high 95\r\n\r\n#squid\u7a81\u7136\u6302\u6389\u7684\u65f6\u5019\uff0c\u6216\u8005\u7a81\u7136\u51fa\u73b0\u4ec0\u4e48\u6545\u969c\u7684\u65f6\u5019\uff0c\u5c06squid\u5728\u5185\u5b58\u4e2d\u7684\u8d44\u6599\u5199\u5230\u786c\u76d8\u4e2d\u3002\r\ncoredump_dir \/var\/spool\/squid3\r\n#Refresh _pattern\u662f\u8bbe\u7f6e\u7f13\u5b58\u547d\u4e2d\u7387\u7684\uff0c\u6211\u62ff\u6765\u5f53\u4ee3\u7406\u800c\u4e0d\u5f53\u7f13\u5b58\u7528\uff0c\u6211\u5c31\u4e0d\u7ba1\u4e86\uff0csquid.conf\u663e\u7136\u6709\u4e0b\u9762\u7684\u9009\u9879\uff0c\u6211\u5c31\u4e0d\u89e3\u91ca\u4e86\r\nrefresh_pattern ^ftp:           1440    20%     10080\r\nrefresh_pattern ^gopher:        1440    0%      1440\r\nrefresh_pattern -i (\/cgi-bin\/|\\?) 0     0%      0\r\nrefresh_pattern (Release|Packages(.gz)*)$      0       20%     2880\r\nrefresh_pattern .               0       20%     4320\r\n\r\n#\u8bbe\u7f6e\u7ba1\u7406\u5458\u90ae\u7bb1\uff0c\u4f1a\u5728\u62a5\u9519\u9875\u9762\u663e\u793a\u51fa\u6765\uff0c\u63d0\u793a\u6709\u95ee\u9898\u8054\u7cfb\u7ba1\u7406\u5458\r\ncache_mgr zuola.com@gmail.com\r\n#\u8bbe\u7f6e\u4e3b\u673a\u540d\u5b57\uff0c\u4e5f\u4f1a\u5728\u62a5\u9519\u9875\u663e\u793a\u51fa\u6765\r\nvisible_hostname amazon.zuola.com\r\n#\u4e0b\u9762\u8fd9\u884c\u662f\u4e00\u4e2a\u51b3\u5b9a\u662f\u5426\u9690\u85cf\u7528\u6237IP\u7684\u9009\u9879\uff0c\u8bbe\u7f6e\u4e3aoff\u7684\u8bdd\uff0c\u4f7f\u7528\u672cHTTP\u4ee3\u7406\u767b\u5f55 https:\/\/zuo.la\/useragent\/  \u5c31\u4e0d\u4f1a\u663e\u793a\u4f60\u7684\u771f\u5b9eIP\uff0c\u6211\u628a\u8fd9\u4e2a\u6253\u5f00\u4e86\u5c31\u662f\u6545\u610f\u4e0d\u5e2e\u522b\u4eba\u9690\u85cfIP\uff0c\u6211\u6015\u522b\u4eba\u6ee5\u7528\u8fd9\u4e2a\u554a\u3002\r\nforwarded_for on\r\n~<\/pre>\n<p>\u4fee\u6539403\u62a5\u9519\u63d0\u793a<\/p>\n<pre>bitnami@ip-10-196-185-56:~$ vi \/usr\/share\/squid3\/errors\/zh-cn\/ERR_ACCESS_DENIED<\/pre>\n<p>\u6700\u540e\uff0c\u6765\u4f53\u9a8c\u6211\u7684\u4ee3\u7406\u670d\u52a1\u5668\u5427\uff1a<br \/>\n\u8bf7\u628a\u4f60\u7684\u6d4f\u89c8\u5668\u7684http\u548chttps\u4ee3\u7406\u8bbe\u7f6e\u4e3a204.236.236.251:3128\u5427\uff0c\u8fd9\u6837\uff0c\u4f60\u8bbf\u95ee\u4efb\u4f55\u7f51\u7ad9\u90fd\u4e0d\u80fd\u63d0\u4ea4\u6570\u636e\uff0c\u4e0d\u80fd\u770byoutube\u89c6\u9891\uff0c\u4e0d\u80fd\u4e0b\u8f7dmp3\uff0c\u8fd8\u9700\u8981\u6bcf\u9694\u4e00\u4e2a\u5c0f\u65f6\u8f93\u5165zola \u548cilovezola\uff0c\u5f53\u7136\u8fd9\u662f\u514d\u8d39\uff0c\u4e0d\u8fc7\u6ca1\u6709\u4fdd\u969c\u548c\u5ba2\u670d\u54e6\u3002\u4e5f\u8bb8\u8fc7\u51e0\u4e2a\u6708\u6211\u5c31\u5173\u6389\u8fd9\u4e2a\u670d\u52a1\u4e86\uff0c\u4e5f\u8bb8\u65e9\u88abGFW\u5c4f\u853d\u4e86\u3002<\/p>\n<p><a href=\"http:\/\/www.zuola.com\/weblog\/wp-content\/uploads\/2012\/12\/squid_proxy.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1874\" alt=\"squid_proxy\" src=\"http:\/\/www.zuola.com\/weblog\/wp-content\/uploads\/2012\/12\/squid_proxy.png\" width=\"586\" height=\"621\" srcset=\"https:\/\/www.zuola.com\/weblog\/wp-content\/uploads\/2012\/12\/squid_proxy.png 586w, https:\/\/www.zuola.com\/weblog\/wp-content\/uploads\/2012\/12\/squid_proxy-283x300.png 283w, https:\/\/www.zuola.com\/weblog\/wp-content\/uploads\/2012\/12\/squid_proxy-452x480.png 452w\" sizes=\"auto, (max-width: 586px) 100vw, 586px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6211\u77e5\u9053VPN\u5728\u4e2d\u56fd\u53d7\u5230\u5f88\u5927\u7684\u5e72\u6270\uff0c\u6211\u5c31\u6ca1\u5728ec2\u4e0a\u5b89\u88c5VPN server\u4e86\uff0c\u6211 <span class=\"readmore\"><a href=\"https:\/\/www.zuola.com\/weblog\/2012\/12\/1873.htm\">Continue Reading &#8230;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1873","post","type-post","status-publish","format-standard","hentry","category-review"],"views":7605,"_links":{"self":[{"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/posts\/1873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/comments?post=1873"}],"version-history":[{"count":0,"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/posts\/1873\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/media?parent=1873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/categories?post=1873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zuola.com\/weblog\/wp-json\/wp\/v2\/tags?post=1873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}