搭建的服务器用的是阿里云的VPS 系统是centos6,GCC版本是4.4.7,由于新的squid需要GCC的版本比较高而且试了几个都有兼容性问题,因此从http://www.squid-cache.org/Versions/v3/3.1/下载了3.1.22版本
Squid 3.1.22
搭建高匿名代理IP服务时,需要编译squid的源码,并在configuration指定参数--enable-http-violations,否则squid不支持搭建高匿代理IP服务。
简介下三类代理IP服务的区别(Header层面):
- 透明代理 :
REMOTE_ADDR: Proxy IP address
HTTP_VIA: Proxy IP address/hostname and details – e.g. 1.1 proxy1.mydomain.net:3128 (squid/2.7.STABLE9)
HTTP_X_FORWARDED_FOR: Your real IP address
- 普通匿名代理IP:
REMOTE_ADDR: Proxy IP address
HTTP_VIA: Proxy IP address/hostname and details – e.g. 1.1 proxy1.mydomain.net:3128 (squid/2.7.STABLE9)
HTTP_X_FORWARDED_FOR: blank
- 高级匿名代:
REMOTE_ADDR: Proxy IP address
HTTP_VIA: blank
HTTP_X_FORWARDED_FOR: blank
因此三者的squid针对header的配置也不同。
首先安装squid:
- 下载squid http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.22.tar.gz,并解压:tar -xf squid-3.1.22.tar.gz;
下载解压squid - 进入squid-3.1.22 配置属性:./configure --enable-http-violations --prefix=/usr --includedir=/usr/include --datadir=/usr/share --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var --sysconfdir=/etc/squid;
-
编译安装:make && make install。
若有期间有错误,请检测下环境是否兼容。
然后配置vim /etc/squid/squid.conf:
image.png
追加如下项:
forwarded_for off
visible_hostname mmzi
### Deny headers
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access Referer deny all
request_header_access From deny all
request_header_access User-Agent deny all
request_header_access X-Cache deny all
### Deny headers
reply_header_access Via deny all
reply_header_access X-Cache deny all
reply_header_access Server deny all
reply_header_access WWW-Authenticate deny all
reply_header_access Link deny all
然后启动即可:/usr/sbin/squid start
建议修改掉默认端口号:http_port xxxx
白名单规则当前是在阿里云安全管理规则中追加, 若自有服务器,可以通过iptable配置。
下面顺便介绍下另外两类配置:
- 透明代理: port后面追加 transparent
- 普通匿名代理:
request_header_access From deny all
request_header_access Referer deny all
request_header_access User-Agent deny all
reply_header_access Server deny all
reply_header_access WWW-Authenticate deny all
reply_header_access Link deny all
