This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_http_proxy [2009/06/22 14:32] val |
сервис_http_proxy [2010/08/27 09:30] val |
||
---|---|---|---|
Line 45: | Line 45: | ||
[gate:~] # /usr/local/etc/rc.d/squid start | [gate:~] # /usr/local/etc/rc.d/squid start | ||
- | [gate:~] # tail -f /usr/local/squid/logs/access.log | + | [gate:~] # tail -f /var/squid/logs/access.log |
</code> | </code> | ||
Line 79: | Line 79: | ||
SARG: Records in file: 23, reading: 0.00% | SARG: Records in file: 23, reading: 0.00% | ||
SARG: Successful report generated on /usr/local/www/data/squid-reports/2006Jun28-2006Jun28 | SARG: Successful report generated on /usr/local/www/data/squid-reports/2006Jun28-2006Jun28 | ||
+ | </code> | ||
+ | |||
+ | ==== Автоматизация процесса построения отчета (FreeBSD) ==== | ||
+ | |||
+ | на постоянно работающем сервере: | ||
+ | <code> | ||
+ | [gate:~] # cat /usr/local/etc/periodic/daily/100.sarg.sh | ||
+ | #!/bin/sh | ||
+ | echo Generate Squid Access Report | ||
+ | /usr/bin/find /usr/local/www/data/squid-reports/ -maxdepth 1 -mtime +60 -type d -name '*-*' -exec rm -r {} \; | ||
+ | /usr/local/sbin/squid -k rotate | ||
+ | /usr/local/bin/sarg | ||
+ | |||
+ | [gate:~] # chmod +x /usr/local/etc/periodic/daily/100.sarg.sh | ||
+ | </code> | ||
+ | |||
+ | на сервере работающем в течении рабочего дня: | ||
+ | <code> | ||
+ | [gate:~] # cat /usr/local/etc/rc.d/sarg.sh | ||
+ | #!/bin/sh | ||
+ | echo Generate Squid Access Report | ||
+ | /usr/bin/find /usr/local/www/data/squid-reports/ -maxdepth 1 -mtime +60 -type d -name '*-*' -delete | ||
+ | /usr/local/sbin/squid -k rotate | ||
+ | /usr/local/bin/sarg | ||
+ | |||
+ | [gate:~] # chmod +x /usr/local/etc/rc.d/sarg.sh | ||
</code> | </code> | ||
Line 217: | Line 243: | ||
... | ... | ||
acl our_networks src 192.168.100+X.0/24 | acl our_networks src 192.168.100+X.0/24 | ||
- | acl full_access src 192.168.100+X.2 127.0.0.1 | + | acl full_access src 192.168.100+X.100 127.0.0.1 |
#For FreeBSD | #For FreeBSD | ||
Line 228: | Line 254: | ||
... | ... | ||
- | [gate:local/etc/squid] # squid -k check | + | gate# squid -k check |
- | [gate:local/etc/squid] # squid -k reconfigure | + | gate# squid -k reconfigure |
</code> | </code> | ||
- | ==== Автоматизация процесса построения отчета (FreeBSD) ==== | + | ===== Настройка "прозрачного" (transparent) http proxy ===== |
- | на постоянно работающем сервере: | + | ==== С использованием WPAD (Web Proxy Auto-Discovery) ==== |
<code> | <code> | ||
- | [gate:~] # cat /usr/local/etc/periodic/daily/100.sarg.sh | + | # cat /etc/namedb/master/corpX.un |
- | #!/bin/sh | + | ... |
- | echo Generate Squid Access Report | + | wpad A 192.168.X.1 |
- | /usr/bin/find /usr/local/www/data/squid-reports/ -maxdepth 1 -mtime +60 -type d -name '*-*' -exec rm -r {} \; | + | proxy A 192.168.X.1 |
- | /usr/local/sbin/squid -k rotate | + | ... |
- | /usr/local/bin/sarg | + | |
- | [gate:~] # chmod +x /usr/local/etc/periodic/daily/100.sarg.sh | + | # cat /usr/local/www/data/wpad.dat |
+ | function FindProxyForURL(url,host) | ||
+ | { | ||
+ | return "PROXY proxy.corpX.un:3128"; | ||
+ | } | ||
</code> | </code> | ||
+ | ==== С использованием перенаправления пакетов ==== | ||
- | на сервере работающем в течении рабочего дня: | + | === Настойка SQUID === |
- | <code> | + | |
- | [gate:~] # cat /usr/local/etc/rc.d/sarg.sh | + | |
- | #!/bin/sh | + | |
- | echo Generate Squid Access Report | + | |
- | /usr/bin/find /usr/local/www/data/squid-reports/ -maxdepth 1 -mtime +60 -type d -name '*-*' -delete | + | |
- | /usr/local/sbin/squid -k rotate | + | |
- | /usr/local/bin/sarg | + | |
- | + | ||
- | [gate:~] # chmod +x /usr/local/etc/rc.d/sarg.sh | + | |
- | </code> | + | |
- | + | ||
- | ===== Настройка "прозрачного" (transparent) http proxy ===== | + | |
- | + | ||
- | ==== Настойка SQUID ==== | + | |
<code> | <code> | ||
gate# diff squid.conf.default squid.conf | gate# diff squid.conf.default squid.conf | ||
... | ... | ||
- | 938c938 | + | 1127c1127 |
< http_port 3128 | < http_port 3128 | ||
--- | --- | ||
Line 275: | Line 291: | ||
</code> | </code> | ||
- | ==== Настойка FreeBSD (pf) ==== | + | === Настойка FreeBSD (pf) === |
<code> | <code> | ||
[gate:~] # cat /etc/pf.conf | [gate:~] # cat /etc/pf.conf | ||
Line 285: | Line 301: | ||
</code> | </code> | ||
- | ==== Настойка Ubuntu (iptables) ==== | + | === Настойка Ubuntu (iptables) === |
+ | [[Сервис NAT]] | ||
<code> | <code> | ||
root@gate:~# iptables -t nat -A PREROUTING -i eth0 -p tcp -s 192.168.X.0/24 --dport 80 -j REDIRECT --to-port 3128 | root@gate:~# iptables -t nat -A PREROUTING -i eth0 -p tcp -s 192.168.X.0/24 --dport 80 -j REDIRECT --to-port 3128 | ||
</code> | </code> | ||
- | ==== Мониторинг ==== | + | === Мониторинг === |
<code> | <code> | ||
gate# tail -f access.log | gate# tail -f access.log | ||
</code> | </code> | ||
+ | ==== С использованием групповых политик ==== | ||
+ | |||
+ | [[Основы Windows]] |