代理服务器、CDN
     分类:环境搭建     有: 0 条评论

代理服务器、CDN

     分类:环境搭建     有: 0 条评论

Squid搭建http代理服务器

一键脚本

支持Centos和Ubuntu

#!/bin/bash
# squid安装脚本

# 代理服务器账户
proxy_user='myproxy'
proxy_passwd='N2PYOnRDk5gKInqQ'
proxy_port=3100



init_sys(){
    echo 'init system !'
    if [ "${PM}" == 'yum' ]; then
        # 关闭SELinux
        setenforce 0
        sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
        sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
        sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux
        sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config
        # 开启包转发
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
    fi
    if [ "${PM}" == 'apt' ]; then
        # 开启包转发
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
    fi
}



yum_squid(){
    echo 'start install squid !'
    yum install squid httpd-tools -y
    # 修改配置
    echo 'auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords' >> /etc/squid/squid.conf
    echo 'auth_param basic realm proxy' >> /etc/squid/squid.conf
    echo 'acl authenticated proxy_auth REQUIRED' >> /etc/squid/squid.conf
    echo 'http_access allow authenticated' >> /etc/squid/squid.conf   # 允许所有认证通过的客户端
    sed -i "s/http_port 3128/http_port ${proxy_port}/g" /etc/squid/squid.conf
    sed -i "s/http_access deny all/#http_access deny all/g" /etc/squid/squid.conf
    # 高匿设置
    echo 'request_header_access Via deny all' >> /etc/squid/squid.conf
    echo 'request_header_access X-Forwarded-For deny all' >> /etc/squid/squid.conf
    # 生成密钥
    htpasswd -bc  /etc/squid/passwords ${proxy_user} ${proxy_passwd}
    chmod o+r /etc/squid/passwords
    systemctl enable squid
    systemctl restart squid
}



apt_squid(){
    echo 'start install squid !'
    apt-get update -y && apt-get install squid apache2-utils -y
    # 修改配置
    echo 'auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords' >> /etc/squid/squid.conf
    echo 'auth_param basic realm proxy' >> /etc/squid/squid.conf
    echo 'acl authenticated proxy_auth REQUIRED' >> /etc/squid/squid.conf
    echo 'http_access allow authenticated' >> /etc/squid/squid.conf   # 允许所有认证通过的客户端
    sed -i "s/http_port 3128/http_port ${proxy_port}/g" /etc/squid/squid.conf
    sed -i "s/http_access deny all/#http_access deny all/g" /etc/squid/squid.conf
    # 高匿设置
    echo 'request_header_access Via deny all' >> /etc/squid/squid.conf
    echo 'request_header_access X-Forwarded-For deny all' >> /etc/squid/squid.conf
    # 生成密钥
    htpasswd -bc  /etc/squid/passwords ${proxy_user} ${proxy_passwd}
    chmod o+r /etc/squid/passwords
    service squid enable
    service squid restart
}




# 系统判断
if [ -e "/usr/bin/yum" ]; then
  PM=yum
  init_sys
  yum_squid
fi
if [ -e "/usr/bin/apt-get" ]; then
  PM=apt
  init_sys
  apt_squid
fi

参考:https://github.com/osof/awesome-proxy/blob/master/script-sh/squid.sh


Centos 7 搭建

这里使用了centos7自带的squid代理软件

yum install squid httpd-tools -y

# 用户名密码认证
htpasswd -bc  /etc/squid/passwords [用户名] [密码]
chmod o+r /etc/squid/passwords

# ----------------------------------------------------------
vim /etc/squid/squid.conf

#配置用户名密码,后面会生成passwords文件
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED #添加IP白名单(通过认证的都接受)
http_access allow authenticated
# http_access deny all # 这一句注释掉
# 高匿设置  https://www.cnblogs.com/vijayfly/p/5800038.html
request_header_access Via deny all
request_header_access X-Forwarded-For deny all

#这里是端口号,可以按需修改,同时监听ipv6和ipv4的端口
http_port 0.0.0.0:3128


# ----------------------------------------------------------
检查squid配置是否正确(如果有错误,会显示错误内容,按相应的改就行。)
squid -z parse


# 修改最大文件打开数
ulimit -n # 查看当前值
1024
ulimit -n 20480 # 快速生效,重启会还原
echo "ulimit -n 20480" >> /etc/rc.local # 写入配置文件


开启squid服务
systemctl start squid
systemctl status squid
systemctl stop firewalld 或者放行端口


squid的日志文件:/var/log/squid/access.log

参考资料:
https://blog.csdn.net/qingfengxulai/article/details/80853870
https://blog.csdn.net/a519395243/article/details/82463637
https://blog.csdn.net/Qwertyuiop2016/article/details/90183014


Squid用于CDN加速网站

没有深入研究,参考以下网站:
注意:目前有两种版本,squid2.7以下的是c语言写的,目前大厂用的还是这个版本;yum源最新的是squid3.5,从2.7以上是c++重构的,稳定性有待验证。

squid代理与缓存实践(一):https://www.cnblogs.com/chensiqiqi/p/9162967.html
Squid缓存服务器(缓存机制、代理模式、ACL访问控制、squid用户认证功能等):https://blog.51cto.com/13721050/2177880
利用 squid 反向代理提高网站性能:https://www.ibm.com/developerworks/cn/linux/l-cn-squid/index.html
配置squid代理服务器加快网站访问速度:https://www.linuxidc.com/Linux/2017-05/143460.htm
squid搭建CDN加速网络缓存服务器:https://blog.csdn.net/weixin_43314056/article/details/84781489
squid缓存php动态文件:http://blog.haohtml.com/archives/10591
Squid中文权威指南(各种参数配置):http://www.netpc.com.cn/doc/squid/chap07.html



检测代理

#!/usr/bin/env python3
# -*-coding:utf-8-*-
# @Autuor : LeoLan  mail:842632422@qq.com
# @Version: Python 3
#

import os
from urllib import request

# 代理服务器账户
proxy_host = '114.115.166.201'
proxy_user = 'myproxy'
proxy_passwd = 'N2PYOnRDk5gKInqQ'
proxy_port = 3100


def test_porxy():
    # 访问网址
    url = 'http://members.3322.org/dyndns/getip'
    # 这是代理IP
    proxy = {'http': f'http://{proxy_user}:{proxy_passwd}@{proxy_host}:{proxy_port}'}
    # 创建ProxyHandler
    proxy_support = request.ProxyHandler(proxy)
    # 创建Opener
    opener = request.build_opener(proxy_support)
    # 添加User Angent
    opener.addheaders = [('User-Agent',
                          'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36')]
    # 安装OPener
    request.install_opener(opener)
    # 使用自己安装好的Opener
    response = request.urlopen(url, timeout=5)
    # 读取相应信息并解码
    html = response.read().decode("utf-8")
    # 打印信息
    print("代理IP为:", html)
    # 打印本机IP
    print('本机外网IP为:', os.popen('curl http://members.3322.org/dyndns/getip').read())


if __name__ == '__main__':
    test_porxy()

4G代理

Docker竟然还能这么玩?商业级4G代理搭建实战!:https://mp.weixin.qq.com/s/YHLko6nw3AcPEaU_H15esQ

(●゚ω゚●)