《2022年企业解决方案实践squid+squidGuard+sarg+clamav+mrtg代理服务器教程.docx》由会员分享,可在线阅读,更多相关《2022年企业解决方案实践squid+squidGuard+sarg+clamav+mrtg代理服务器教程.docx(8页珍藏版)》请在得力文库 - 分享文档赚钱的网站上搜索。
1、2022年企业解决方案实践squid+squidGuard+sarg+clamav+mrtg代理服务器教程摘要:企业解决方案实践squid+squidGuard+sarg+clamav+mrtg前不久为公司做了一个SquidProxyServer测试,达到以下要求,供大家参考:域用户认证,只部分用户上internet网,全部用户能上公司intranet.:网站过滤:on-access防病毒,病毒库升级速度快.:上网记录分析.可以为经理级人员供应相关员工上网记录分析.需密码验证.:mrtg流量分析因为以下英文较简洁,就没必要转成中文了硬件配置找了台式机,内存增至1GRAM,一张网卡,放在公司fi
2、rewall后边,defaultgateway设成firewalladdressRedhatLinux9.0Installation:InsertthebootdisketteintoCDdriveandreboot,YourBIOSsettingsmayneedtobechangedtoallowyoutobootfromthedisketteorCD-ROM.Afterashortdelay,ascreencontainingtheboot:promptshouldappear.PressENTERcontinuous,ClickSkipwhenpromptyoutotesttheCDme
3、dia.:Usingyourmouseselecttherelativeoptionrefertothefollowingfortheinstallation:LanguageSelection:English(English)KeyboardConfiguration:U.S.EnglishMouseConfiguration:PS/2InstallationType:ServerDiskPartitioningSetup:ManuallyPartitionwithDiskDruid.FileSystem(ext3)SizeDescription/boot150MB<swap>2
4、048MB/5000MB/varRemainedspaceForproxylog/cache110000MBForproxycache/cache210000MBForproxycache3:BootLoaderConfiguration:NetworkConfiguration:Eth0IPaddress10.160.1.114submask255.255.252.0Gateway10.160.1.10PrimaryDNS10.160.1.110.160.1.3FirewallConfiguration:NoFirewallAdditionallanguagesupport:English(
5、USA)TimeZoneSelection:Asia/ShangHaiSetRootPassword:xxxxxxxxPackageGroupSelection(includedthefollowingonly):Applications:Editors:Vim-enhancedonlyText-baseInternet:AddLynxServers:Serverconfigurationtools:DefaultWebServer:movesquidonlyNetworkServers:Telnet-serveronlyDevelopmenttools:DefaultProceedwithI
6、nstallDonotcreatebootdiskInstallwillcompleteandsystemwillreboot.seewo 回复于:2022-01-18 18:02:52Logonasroot,adduser:support,squid#useradd-cRemotesupportUsersupport#passwdsupport#useradd-gsquid-s/bin/false-cForSquidOnlysquid#chownRsquid.squid/cache1#chownRsquid.squid/cache2#chmod770/cache1#chmod770/cach
7、e2#mkdir/etc/squid#vi/etc/rc.d/rc.localadd:因为公司DHCP的默认网关不是默认gateway,而是另外一台路由器,故在此增加本地路由echo>/etc/issueecho>/etc/sbin/hdparm-c1/dev/hdatouch/var/lock/subsys/local/sbin/iprouteadd10.0.0.0/8via10.160.1.21/sbin/iprouteadd172.160.0.0/12via10.160.1.21/sbin/iprouteadd192.168.0.0/16via10.160.48.21#vi/
8、etc/hostsadd:在些增加内部某些主机的映射,如下要用到的域名服务器,可以多域.CompileandInstallSquid-2.5.STABLE7Downloadsquid2.5Stable7andsaveitto/usr/local/srcafterconnectinternet:#wgethttp:/www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE7.tar.gz#tarzxvfsquid-2.5STABLE7.tar.gz#./configure-prefix=/usr/local/squid-sysconfdir=/et
9、c/squid-enable-auth=ntlm-enable-ntlm-auth-helpers=SMB-disable-internal-dns-enable-storeio=aufs,ufs-with-aufs-threads=32-enable-cache-digests-enable-underscores-enable-removal-policies#make#makeinstall#makeclean#strip/usr/local/squid/sbin/squid#strip/usr/local/squid/bin/squidclient#strip/usr/local/sq
10、uid/libexec/dnsserver#strip/usr/local/squid/libexec/unlinkd#strip/usr/local/squid/libexec/cachemgr.cgiDeleteSquid-2.5.STABLE7folderandSquid-2.5.STABLE7.tar.gz#mkdir/var/log/squid#chown-Rsquid.squid/var/log/squidMovethecachemanagerprogramto/var/www/cgi-bin/#mv/usr/lib/squid/cachemgr.cgi/var/www/cgi-b
11、in/cachemgr.cgiStartthehttpandsquidproxyserverautomaticallyduringboot#cp/usr/local/squid/sbin/squid/etc/init.d/squid#lns/etc/rc.d/init.d/http/etc/rc3.d/S86httpd#lns/etc/rc.d/init.d/squid/etc/rc3.d/S876squidModify/etc/httpd/conf/httpd.confpleaserefertoAppendixI;Modify/etc/squid/squid.conffilepleasere
12、fertoAppendixII;Createwpad.daton/var/www/htmlPleaserefertoAppendixIII.Createswapspace#/etc/init.d/squidzRebootAppendixI:/etc/httpd/conf/httpd.confListen10.160.1.114:8000ServerAdminSeewoServerNameServerName:8000AddTypeapplication/x-ns-proxy-autoconfig.datDocumentRoot/var/www/htmlAccessFileName.htacce
13、ssAllowOverrideAllAppendixII:/etc/squid/squid.conf#NETWORKOPTIONShttp_port10.160.1.114:80http_port10.160.1.114:8080icp_port0#OPTIONSWHICHAFFECTTHENEIGHBORSELECTIONALGORITHMhierarchy_stoplistcgi-bin?aclQUERYurlpath_regexcgi-bin?no_cachedenyQUERYacllocalserverdst10.160.1.0/255.255.252.0no_cachedenyloc
14、alserver#OPTIONSWHICHAFFECTTHECACHESIZEcache_mem256MBcache_swap_low93cache_swap_high95maximum_object_size20480KBcache_replacement_policyheapLFUDAmemory_replacement_policyheapLRU#LOGFILEPATHNAMESANDCACHEDIRECTORIEScache_diraufs/cache11000016123cache_diraufs/cache21000016123cache_access_log/var/log/squid/access.logcache_log/var/log/squid/cache.logcache_store_lognone