http://www.squid-cache.org/Doc/
sudo apt install squid
sudo apt install apache2-utils //生成password文件 这里的路径和squid.conf中配置的路径一致 sudo htpasswd -c -d /etc/squid/passwords 自定义用户名 //然后输入两次至少8位的密码,还要保证生成的passwords文件是可读的 sudo chmod o+r /etc/squid/passwords
cd /etc/squid/ cp squid.conf squid.conf.bak
# 匿名代理 forwarded_for off # 配置用户名密码 auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords auth_param basic realm proxy acl authenticated proxy_auth REQUIRED # 访问控制 http_access allow authenticated # 允许不安全端口 # http_access deny !Safe_ports # 允许 非ssl 链接 # http_access deny CONNECT !SSL_ports cache_mgr xxx@gmail.com #Squid 崩溃时邮件发送地址 # 配置重定向 url_rewrite_extras "%>a %>rm %un" url_rewrite_children 3 startup=0 idle=1 concurrency=10 url_rewrite_program /etc/squid/squid-redirect.py
# 重定向脚本 vim /etc/squid/squid-redirect.py # 添加可执行权限 sudo chmod a+x /etc/squid/squid-redirect.py
以下为squid-redirect.py代码
#!/usr/bin/env python3 VERSION=0.3 import re import sys import logging from datetime import datetime logging.basicConfig(filename='squid-redirect.log',level=logging.DEBUG) xxx = re.compile('\.xxx?/$') def main(): """ keep looping and processing requests request format is based on url_rewrite_extras "%>a %>rm %un" """ request = sys.stdin.readline() while request: [ch_id,url,ipaddr,method,user]=request.split() logging.debug(datetime.now().strftime('%Y-%m-%d %H:%M:%S') + ': ' + request +'\n') response = ch_id + ' OK' if 'www.baidu.com' in url: response += ' status=302 url="https://example.com"' response += '\n' logging.debug(datetime.now().strftime('%Y-%m-%d %H:%M:%S') + ': ' + response + '\n') sys.stdout.write(response) sys.stdout.flush() request = sys.stdin.readline() if __name__ == '__main__': main()
脚本日志文件位置:
/var/spool/squid/squid-redirect.log
squid -k parse
参考链接:https://wiki.squid-cache.org/SquidFaq/SquidAcl
acl myserver dst 172.16.5.1 url_rewrite_access myserver
// 开机启动 systemctl enable squid.service sudo service squid start //重启服务 squid restart //关闭服务 squid stop