This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
автоматизация_использования_squid [2015/02/26 17:34] val [Настойка Ubuntu (iptables)] |
автоматизация_использования_squid [2022/10/13 21:37] val [С использованием WPAD (Web Proxy Auto-Discovery)] |
||
---|---|---|---|
Line 2: | Line 2: | ||
===== Автонастройка клиентов ===== | ===== Автонастройка клиентов ===== | ||
+ | |||
+ | ==== Proxy Auto-Configuration ==== | ||
+ | |||
+ | * [[https://developer.mozilla.org/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling/Proxy_Auto-Configuration_PAC_file|Proxy Auto-Configuration (PAC) file]] | ||
+ | * [[https://habr.com/ru/company/icl_services/blog/328316/|Десять примеров того, как не нужно писать PAC-файлы]] | ||
+ | |||
==== С использованием WPAD (Web Proxy Auto-Discovery) ==== | ==== С использованием WPAD (Web Proxy Auto-Discovery) ==== | ||
Line 7: | Line 13: | ||
!!! Необходимо настроить в браузере "Автоматическое определение параметров прокси" | !!! Необходимо настроить в браузере "Автоматическое определение параметров прокси" | ||
- | * [[http://technet.microsoft.com/ru-ru/library/cc817412.aspx]] | + | * [[http://technet.microsoft.com/ru-ru/library/cc817412.aspx|JavaScript and JScript Auto-proxy Example Files]] |
<code> | <code> | ||
- | # cat corpX.un | + | # cat /etc/bind/corpX.un |
</code><code> | </code><code> | ||
wpad A 192.168.X.10 | wpad A 192.168.X.10 | ||
+ | ;wpad A 192.168.X.1 ;GSSAPI | ||
+ | |||
proxy A 172.16.1.X | proxy A 172.16.1.X | ||
</code><code> | </code><code> | ||
- | # cat /WWWDIR/wpad.dat | + | # cat /var/www/html/wpad.dat |
</code><code> | </code><code> | ||
function FindProxyForURL(url,host) { | function FindProxyForURL(url,host) { | ||
- | if (shExpMatch(host, "*.corpX.un")) | + | if (shExpMatch(host, "*corpX.un")) return "DIRECT"; |
- | return "DIRECT"; | + | else if (dnsDomainIs(host,"compX.un")) return "DIRECT"; |
else | else | ||
// return "HTTPS proxy.corpX.un:8080"; | // return "HTTPS proxy.corpX.un:8080"; | ||
- | // return "PROXY proxy.corpX.un:8080"; | + | // return "PROXY proxy.corpX.un:3128"; |
+ | // return "PROXY gate.corpX.un:3128"; //GSSAPI | ||
} | } | ||
</code> | </code> | ||
Line 31: | Line 40: | ||
===== Transparent proxy ===== | ===== Transparent proxy ===== | ||
+ | * Устарело, не работает для https | ||
==== Настойка SQUID ==== | ==== Настойка SQUID ==== | ||
<code> | <code> | ||
Line 36: | Line 46: | ||
</code><code> | </code><code> | ||
... | ... | ||
- | http_port 8080 transparent | + | http_port 8888 transparent |
http_port 3128 | http_port 3128 | ||
... | ... | ||
Line 47: | Line 57: | ||
==== Настойка FreeBSD (pf) ==== | ==== Настойка FreeBSD (pf) ==== | ||
<code> | <code> | ||
+ | [gate:~] # cat /var/db/ports/www_squid/options | ||
+ | </code><code> | ||
+ | ... | ||
+ | OPTIONS_FILE_SET+=TP_PF | ||
+ | ... | ||
+ | </code><code> | ||
+ | [gate:~] # cat /etc/devfs.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | perm pf 0644 | ||
+ | </code><code> | ||
[gate:~] # cat /etc/pf.conf | [gate:~] # cat /etc/pf.conf | ||
</code><code> | </code><code> | ||
... | ... | ||
- | rdr proto tcp from $pppoe_corp_net to any port 80 -> 127.0.0.1 port 8080 | + | rdr proto tcp from $pppoe_corp_net to any port 80 -> 127.0.0.1 port 8888 |
... | ... | ||
</code><code> | </code><code> | ||
Line 59: | Line 80: | ||
[[Сервис NAT]] | [[Сервис NAT]] | ||
<code> | <code> | ||
- | root@gate:~# iptables -t nat -A PREROUTING -p tcp -s 192.168.100+X.0/24 --dport 80 -j REDIRECT --to-port 8080 | + | root@gate:~# iptables -t nat -A PREROUTING -p tcp -s 192.168.100+X.0/24 --dport 80 -j REDIRECT --to-port 8888 |
</code> | </code> | ||