User Tools
автоматизация_использования_squid
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
автоматизация_использования_squid [2014/02/20 17:23] val [С использованием WPAD (Web Proxy Auto-Discovery)] |
автоматизация_использования_squid [2023/03/20 08:46] val [С использованием WPAD (Web Proxy Auto-Discovery)] |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| ===== Автонастройка клиентов ===== | ===== Автонастройка клиентов ===== | ||
| + | |||
| + | ==== Proxy Auto-Configuration ==== | ||
| + | |||
| + | * [[https://developer.mozilla.org/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling/Proxy_Auto-Configuration_PAC_file|Proxy Auto-Configuration (PAC) file]] | ||
| + | * [[https://habr.com/ru/company/icl_services/blog/328316/|Десять примеров того, как не нужно писать PAC-файлы]] | ||
| + | |||
| ==== С использованием WPAD (Web Proxy Auto-Discovery) ==== | ==== С использованием WPAD (Web Proxy Auto-Discovery) ==== | ||
| Line 7: | Line 13: | ||
| !!! Необходимо настроить в браузере "Автоматическое определение параметров прокси" | !!! Необходимо настроить в браузере "Автоматическое определение параметров прокси" | ||
| - | * [[http://technet.microsoft.com/ru-ru/library/cc817412.aspx]] | + | * [[http://technet.microsoft.com/ru-ru/library/cc817412.aspx|JavaScript and JScript Auto-proxy Example Files]] |
| + | * [[https://www.alexandreviot.net/2015/01/03/dns-remove-wpad-filtering/|DNS – Remove WPAD Filtering]] | ||
| <code> | <code> | ||
| - | # cat corpX.un | + | dnscmd /config /enableglobalqueryblocklist 0 |
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | # cat /etc/bind/corpX.un | ||
| </code><code> | </code><code> | ||
| - | wpad A 192.168.X.1 | + | wpad A 192.168.X.10 |
| - | proxy A 192.168.X.1 | + | ;wpad A 192.168.X.1 ;GSSAPI |
| + | |||
| + | proxy A 172.16.1.X | ||
| </code><code> | </code><code> | ||
| - | # cat /WWWDIR/wpad.dat | + | # cat /var/www/html/wpad.dat |
| </code><code> | </code><code> | ||
| - | function FindProxyForURL(url,host) | + | function FindProxyForURL(url,host) { |
| - | { | + | if (shExpMatch(host, "*corpX.un")) return "DIRECT"; |
| - | + | else if (dnsDomainIs(host,"isp.un")) return "DIRECT"; | |
| - | if (shExpMatch(host, "*.rbc.ru")) | + | |
| - | return "HTTPS proxy.corpX.un:8080"; | + | |
| - | else if (shExpMatch(host, "*.eurosport.ru")) | + | |
| - | return "PROXY proxy.corpX.un:3128"; | + | |
| else | else | ||
| - | return "DIRECT"; | + | // return "HTTPS proxy.corpX.un:8080"; |
| + | // return "PROXY proxy.corpX.un:3128"; | ||
| + | // return "PROXY gate.corpX.un:3128"; //GSSAPI | ||
| } | } | ||
| </code> | </code> | ||
| Line 35: | Line 45: | ||
| ===== Transparent proxy ===== | ===== Transparent proxy ===== | ||
| + | * Устарело, не работает для https | ||
| ==== Настойка SQUID ==== | ==== Настойка SQUID ==== | ||
| <code> | <code> | ||
| Line 40: | Line 51: | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | http_port 3128 transparent | + | http_port 8888 transparent |
| + | http_port 3128 | ||
| ... | ... | ||
| </code><code> | </code><code> | ||
| Line 50: | Line 62: | ||
| ==== Настойка FreeBSD (pf) ==== | ==== Настойка FreeBSD (pf) ==== | ||
| <code> | <code> | ||
| + | [gate:~] # cat /var/db/ports/www_squid/options | ||
| + | </code><code> | ||
| + | ... | ||
| + | OPTIONS_FILE_SET+=TP_PF | ||
| + | ... | ||
| + | </code><code> | ||
| + | [gate:~] # cat /etc/devfs.conf | ||
| + | </code><code> | ||
| + | ... | ||
| + | perm pf 0644 | ||
| + | </code><code> | ||
| [gate:~] # cat /etc/pf.conf | [gate:~] # cat /etc/pf.conf | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | rdr proto tcp from 192.168.100+X/24 to any port 80 -> 127.0.0.1 port 3128 | + | rdr proto tcp from $pppoe_corp_net to any port 80 -> 127.0.0.1 port 8888 |
| ... | ... | ||
| </code><code> | </code><code> | ||
| Line 62: | Line 85: | ||
| [[Сервис NAT]] | [[Сервис NAT]] | ||
| <code> | <code> | ||
| - | root@gate:~# iptables -t nat -A PREROUTING -p tcp -s 192.168.100+X.0/24 --dport 80 -j REDIRECT --to-port 3128 | + | root@gate:~# iptables -t nat -A PREROUTING -p tcp -s 192.168.100+X.0/24 --dport 80 -j REDIRECT --to-port 8888 |
| </code> | </code> | ||
автоматизация_использования_squid.txt · Last modified: 2023/03/20 10:03 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
