Escolar Documentos
Profissional Documentos
Cultura Documentos
(“O Procurador”)
192.168.0.254
eth0
Internet
Rede LAN:
192.168.0.0/24
O Serviço Proxy
http
https
ftp
gopher
socks
O Serviço Proxy – Porta TCP
3128
ou
8080
Proxy – Exemplo de Funcionamento
3128 tcp
Internet
O Serviço Proxy x “Compartilhamento de
Conexão”
PROXY não é o mesmo do que NAT
http://www.microsoft.com/isaserver/
Outros Fabricantes
Ex: Wingate (http://www.wingate.com)
Servidor Proxy – Plataforma Gnu/Linux
SQUID – http://www.squid.org
Linux
FreeBSD
NetBSD
OpenBSD
BSDI
Mac OS/X
OSF/Digital Unix/Tru64
IRIX
SunOS/Solaris
NeXTStep
SCO Unix
AIX
HP-UX
[Compiling#building_squid_on_os_2 OS/2]
SQUID – Serviço Proxy no
GNU/Linux
http://www.squid-cache.org
SQUID no Debian Linux 4.0
squid 2.6.5-6etch1
# squid –z
# squid –k rotate
# squid –f /root/novoarquivodeconfiguração.conf
squid --help
Usage: squid [-dhsvzCDFNRVYX] [-f config-file] [-[au] port] [-k signal]
-a port Specify HTTP port number (default: 3128).
-d level Write debugging to stderr also.
-f file Use given config-file instead of
/etc/squid/squid.conf
-h Print help message.
-k reconfigure|rotate|shutdown|interrupt|kill|debug|check|parse
Parse configuration file, then send signal to
running copy (except -k parse) and exit.
-s Enable logging to syslog.
-u port Specify ICP port number (default: 3130), disable with 0.
-v Print version.
-z Create swap directories
-C Do not catch fatal signals.
-D Disable initial DNS tests.
-F Don't serve any requests until store is rebuilt.
-N No daemon mode.
-R Do not set REUSEADDR on port.
-S Double-check swap during rebuild.
-V Virtual host httpd-accelerator.
-X Force full debugging.
-Y Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload.
Exemplo de “squid.conf”
parte 1
coredump_dir /var/cache/squid
http_port 3128
cache_mgr email@administrador.com.br
request_body_max_size 45 MB
request_header_max_size 10000 KB
ie_refresh on
cache_mem 100 MB
cache_dir ufs /var/log/squid/squid 300 32 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
################################
# Define ACL's #
################################
acl all src 0.0.0.0/0.0.0.0
acl Deny_ports port 563 666 1146 1224 1161 1204 1225 1214 1414 1126 1137 2764 2646 1335 1165 1755 1167 3716 3676 1072 1070
acl redeuna src 10.0.0.0/255.0.0.0
acl download_files urlpath_regex \.asf$ \.arj$ \.bzip$ \.ace$ \.iso$ \.adt$ \.cbt$ \.cla$ \.com$ \.cpl$ \.csc$ \.dot$ \.drv$ \.lha$ \.lzh$ \.mso$
\.ov?$ \.pot$ \.sys$ \.mp3$ \.asf$ \.wma$ \.wmf$ \.wmf$ \.ttf$ \.scr$ \.mp3$ \.mpeg$ \.avi$
#######################################################[
Exemplo de “squid.conf”
parte 2
###### APLICANDO ACL's ##################################
#
httpd_accel_with_proxy on
httpd_accel_port 80 3128
httpd_accel_port 80
httpd_accel_host virtual