squid-study

安装

1 2 3 4 5 6 7 8 9 10 11 12

#archlinux 安装 sudo pacman -S squid #更改配置文件 vim /etc/squid.conf --- http_access allow all http_port 0.0.0.0:3128 https_port 0.0.0.0:3129 cert=/etc/squid/my.crt key=/etc/squid/myPrivate.key cache_dir ufs /var/spool/squid 2048 16 256

证书

1 2 3 4 5

openssl req -new -out tank.csr openssl rsa -in privkey.pem -out myPrivate.key openssl x509 -in tank.csr -out my.crt -req -signkey myPrivate.key -days 3650

初始化

1

squid -z

端口开放

1 2	sudo iptables -I INPUT -p tcp --dport 3129 -j ACCEPT sudo iptables -I INPUT -p tcp --dport 3128 -j ACCEPT

启动squid

1 2	sudo systemctl start squid systemctl status squid

---

stunnel

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

sudo pacman -S stunnel #SERVER vim /etc/stunnel/stunnel.conf --- setuid = root setgit = root output = /var/log/stunnel.log debug = 7 [https] client = no cert = /etc/stunnel/stunnel.pem key = /etc/stunnel/stunnel.pem accept=0.0.0.0:4128 #等待远端访问端口 connect=localhost:3128 #连接到本地squid端口 --- #CLIENT [https] client = yes accept = 127.0.0.1:8888 #本地8888端口等待访问 connnect=server_IP:4128 #连接服务端4128端口

自签证书

1 2 3

openssl genrsa -out privatekey.pem 2048 openssl req -new -x509 -key privatekey.pem -out publickey.pem -days 3650 cat privatekey.pem publickey.pem >> /etc/stunnel/stunnel.pem