누군가 도와주세요. 나는 253 ip를 가진 새 서버에서 작동하는 128 ip를 가진 다른 서버에서 항상 사용되었던 프록시 스크립트를 얻으려고 2주를 보냈습니다.
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
# http_access deny !Safe_ports
# http_access deny CONNECT !SSL_ports
# http_access deny all
http_access allow localnet
http_access allow localhost
# hierarchy_stoplist cgi-bin ?
# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/spool/squid 300 16 256
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
auth_param basic program /usr/lib/squid3/basic_ncsa_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl ncsa_auth proxy_auth REQUIRED
http_access allow ncsa_auth
# http_port 3000
http_port 164.163.XXX.2:3000 intercept name=3000
http_port 164.163.XXX.3:3000 intercept name=3001
acl ip1 myportname 3000
acl ip2 myportname 3001
tcp_outgoing_address 164.163.XXX.2 ip1
tcp_outgoing_address 164.163.XXX.3 ip2
forwarded_for off
#request_header_access Allow allow all
#request_header_access Authorization allow all
#request_header_access WWW-Authenticate allow all
#request_header_access Proxy-Authorization allow all
#request_header_access Proxy-Authenticate allow all
#request_header_access Cache-Control allow all
#request_header_access Content-Encoding allow all
#request_header_access Content-Length allow all
#request_header_access Content-Type allow all
#request_header_access Date allow all
#request_header_access Expires allow all
#request_header_access Host allow all
#request_header_access If-Modified-Since allow all
#request_header_access Last-Modified allow all
#request_header_access Location allow all
#request_header_access Pragma allow all
#request_header_access Accept allow all
#request_header_access Accept-Charset allow all
#request_header_access Accept-Encoding allow all
#request_header_access Accept-Language allow all
#request_header_access Content-Language allow all
#request_header_access Mime-Version allow all
#request_header_access Retry-After allow all
#request_header_access Title allow all
#request_header_access Connection allow all
#request_header_access Proxy-Connection allow all
#request_header_access User-Agent allow all
#request_header_access Cookie allow all
#request_header_access All deny all
일주일 후 나는 Squid 3.1에서 작동하는 128개의 프록시를 얻었지만 동일한 서버에서 작동하도록 253개의 프록시에 대해 다음 구성 옵션을 사용하여 Squid 3.5를 컴파일하라는 지시를 받았습니다.
옵션 구성: '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir =/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir =/usr/share/man' '--infodir=/usr/share/info' '--verbose' '--exec_prefix=/usr' '--libexecdir=/usr/lib64/squid' '--localstatedir= /var' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--with-logdir=$(localstatedir)/log/squid' '--with-pidfile=$( localstatedir)/run/squid.pid' '--disable-dependent-tracking' '--enable-follow-x-forwarded-for' '--enable-auth' '--enable-auth-basic=DB,LDAP ,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam' '--enable-auth-ntlm=smb_lm,fake' '--enable-auth-digest=file,LDAP' '--enable-auth- 협상=kerberos,wrapper' '--enable-external-acl-helpers=wbinfo_group,kerberos_ldap_group' '--enable-cache-digests' '--enable-cachemgr-hostname=localhost' '--enable-delay-pools' '--enable-epoll' '--enable-icap-client' '--enable-ident-lookups' '--enable-linux-netfilter' '--enable-removal-policies=heap,lru' '-- 활성화-snmp' '--enable-storeio=aufs,diskd,ufs,rock' '--enable-wccpv2' '--enable-esi' '--enable-ssl-crtd' '--enable-icmp' ' --with-aio' '--with-default-user=squid' '--with-filedescriptors=16384' '--with-dl' '--with-openssl' '--with-pthreads' '-- with-included-ltdl' '--disable-arch-native' '--without-nettle' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'target_alias=x86_64-redhat -linux-gnu' 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fExceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CXXFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fExceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC' 'PKG_CONFIG_PATH=:/usr/lib64/ pkgconfig:/usr/share/pkgconfig' '--enable-ltdl-convenience' 'CXXFLAGS=-DMAXTCPLISTENPORTS=256'
프록시 스크립트가 실제로 무엇을 하고 있는지 IDK 때문에 누군가 나를 도와줄 수 있습니까?
http_port 164.163.XXX.2:3000 차단 이름=3000 http_port 164.163.XXX.3:3000 차단 이름=3001
acl ip1 myportname 3000 acl ip2 myportname 3001
tcp_outgoing_address 164.163.XXX.2 IP1 tcp_outgoing_address 164.163.XXX.3 ip2
지금은 오징어 3.5에서는 더 이상 작동하도록 할 수 없습니다.
답변1
추가하다
acl localnet src 164.163.0.0/16
다른 acl localnet 회선을 사용합니다. 해당 IP가 오징어를 사용하는 것을 허용하지 않았습니다.
다음 가이드를 읽을 때 :https://askubuntu.com/questions/680246/proxy-server-multiple-ips
알겠어요:
http_port xx.xxx.xxx.111:3128 name=3128
http_port xx.xxx.xxx.112:3129 name=3129
...
그런 다음 각 포트에 대해 다음을 수행합니다.
acl tasty3128 myportname 3128 src yy.yyy.yyy.0/24
http_access allow tasty3128
tcp_outgoing_address xx.xxx.xxx.111 tasty3128
acl tasty3129 myportname 3129 src yy.yyy.yyy.0/24
http_access allow tasty3129
tcp_outgoing_address xx.xxx.xxx.112 tasty3129
귀하의 구성에는 "http_access 허용 ..."이 표시되지 않습니다.