Yadda ake Saita Squid Proxy Server akan Ubuntu da Debian
Squid shine sanannen caching da tura uwar garken gidan yanar gizo na HTTP yayi amfani da kamfanoni da yawa don adana shafukan yanar gizo daga sabar yanar gizo don inganta saurin sabar gidan yanar gizo, rage lokutan amsawa da rage amfani da bandwidth na cibiyar sadarwa.
A cikin wannan labarin, za mu yi bayanin yadda ake shigar da sabar wakili na squid akan rarrabawar Ubuntu da Debian kuma muyi amfani da shi azaman sabar wakili na HTTP.
Yadda ake Sanya Squid akan Ubuntu
Kafin mu fara, ya kamata ku sani cewa uwar garken Squid ba ta da wasu buƙatu, amma adadin amfani da RAM na iya bambanta dangane da abokan cinikin da ke bincika intanet ta hanyar sabar wakili.
Akwai fakitin squid don shigarwa daga tushen tushen ajiyar Ubuntu, amma kafin hakan tabbatar da sabunta fakitin ku ta gudana.
$ sudo apt update
Da zarar fakitin ku sun cika, zaku iya ci gaba don shigar da squid kuma ku fara kunna shi akan farawa tsarin ta amfani da bin umarni.
$ sudo apt -y install squid $ sudo systemctl start squid $ sudo systemctl enable squid
A wannan lokaci ya kamata wakilin yanar gizon ku na Squid ya rigaya yana gudana kuma kuna iya tabbatar da matsayin sabis ɗin tare da.
$ sudo systemctl status squid
● squid.service - LSB: Squid HTTP Proxy version 3.x
Loaded: loaded (/etc/init.d/squid; generated)
Active: active (running) since Tue 2018-12-04 06:42:43 UTC; 14min ago
Docs: man:systemd-sysv-generator(8)
Tasks: 4 (limit: 1717)
CGroup: /system.slice/squid.service
├─2761 /usr/sbin/squid -YC -f /etc/squid/squid.conf
├─2766 (squid-1) -YC -f /etc/squid/squid.conf
├─2768 (logfile-daemon) /var/log/squid/access.log
└─2772 (pinger)
Dec 04 06:42:43 tecmint systemd[1]: Starting LSB: Squid HTTP Proxy version 3.x...
Dec 04 06:42:43 tecmint squid[2708]: * Starting Squid HTTP Proxy squid
Dec 04 06:42:43 tecmint squid[2708]: ...done.
Dec 04 06:42:43 tecmint systemd[1]: Started LSB: Squid HTTP Proxy version 3.x.
Dec 04 06:42:43 tecmint squid[2761]: Squid Parent: will start 1 kids
Dec 04 06:42:43 tecmint squid[2761]: Squid Parent: (squid-1) process 2766 started
Wadannan sune mahimman wuraren fayil ɗin squid ya kamata ku sani:
- Fayil ɗin sanyi na Squid: /etc/squid/squid.conf
- Squid Access log: /var/log/squid/access.log
- Squid Cache log: /var/log/squid/cache.log
Fayil ɗin daidaitawa na asali yana ƙunshe da wasu ƙa'idodin daidaitawa waɗanda ke buƙatar saita su don shafar halayen Squid.
Yanzu buɗe wannan fayil ɗin don gyara ta amfani da editan Vi kuma kuyi canje-canje kamar yadda aka nuna a ƙasa.
$ sudo vim /etc/squid/squid.conf
Yanzu, zaku iya bincika game da waɗannan layukan kuma ku canza su kamar yadda aka buƙata, a cikin editan Vi, kuna iya bincika waɗannan layin ta hanyar buga 'ESC' da buga maɓallin \/ don rubuta takamaiman. layukan nema.
- http_port : Wannan ita ce tsohuwar tashar jiragen ruwa na uwar garken wakili na HTTP, ta tsohuwa ita ce 3128, kuna iya canza ta zuwa kowace tashar da kuke so, kuna iya ƙarawa \transparent alama zuwa ƙarshen layi kamar http_port 8888 a bayyane don sanya Squid proxy yayi aiki kamar wakili na gaskiya idan kuna so.
- http_access deny all : Wannan layin ba zai bari kowa ya isa ga uwar garken wakili na HTTP ba, shi ya sa kuke buƙatar canza shi zuwa http_access ya ba kowa damar fara amfani da sabar proxy na Squid.
- visible_hostname : Ana amfani da wannan umarnin don saita takamaiman sunan mai masauki zuwa uwar garken squid. Kuna iya ba kowane sunan masauki ga squid.
Bayan yin canje-canje na sama, zaku iya sake kunna uwar garken wakili na Squid ta amfani da umarnin.
$ sudo systemctl restart squid
Yana saita Squid azaman wakili na HTTP akan Ubuntu
A cikin wannan sashin daidaitawar squid, za mu bayyana muku yadda ake saita squid azaman wakili na HTTP ta amfani da adireshin IP na abokin ciniki kawai don tantancewa.
Idan kuna son ba da damar adireshin IP ɗaya kawai don samun damar intanet ta sabon sabar wakili, kuna buƙatar ayyana sabon acl (jerin sarrafawar shiga) a cikin fayil ɗin sanyi.
$ sudo vim /etc/squid/squid.conf
Dokar acl yakamata ku ƙara ita ce:
acl localnet src XX.XX.XX.XX
Inda XX.XX.XX.XX shine adireshin IP na injin abokin ciniki. Ya kamata a ƙara wannan acl a farkon sashin ACL kamar yadda aka nuna a hoton da ke gaba.
Kullum yana da kyau a ayyana sharhi kusa da ACL wanda zai bayyana wanda ke amfani da wannan adireshin IP, misali.
acl localnet src 192.168.0.102 # Boss IP address
Kuna buƙatar sake kunna sabis na Squid don ɗaukar sabbin canje-canje zuwa aiki.
$ sudo systemctl restart squid
Ta hanyar tsoho, wasu tashoshin jiragen ruwa ne kawai ake yarda a cikin tsarin squid, idan kuna son ƙara ƙarin kawai ayyana su a cikin fayil ɗin sanyi kamar yadda aka nuna.
acl Safe_ports port XXX
Inda XXX shine lambar tashar tashar da kuke son izini. Har ila yau yana da kyau a bayyana sharhi kusa da acl wanda zai bayyana abin da za a yi amfani da tashar jiragen ruwa.
Don canje-canjen suyi tasiri, kuna buƙatar sake kunna squid sau ɗaya.
$ sudo systemctl restart squid
Don ba da damar masu amfani su tantance kafin amfani da wakili, kuna buƙatar kunna ingantaccen ingantaccen http a cikin fayil ɗin sanyi, amma kafin haka kuna buƙatar shigar da kunshin apache2-utils ta amfani da bin umarni.
$ sudo apt install apache2-utils
Yanzu ƙirƙirar fayil mai suna passwd wanda daga baya zai adana sunan mai amfani don tantancewa. Squid yana gudana tare da mai amfani \wakili don haka ya kamata fayil ɗin ya zama mallakin mai amfani.
$ sudo touch /etc/squid/passwd $ sudo chown proxy: /etc/squid/passwd $ ls -l /etc/squid/passwd
Yanzu za mu ƙirƙiri sabon mai amfani mai suna \tecmint kuma mu saita kalmar wucewa.
$ sudo htpasswd /etc/squid/passwd tecmint New password: Re-type new password: Adding password for user tecmint
Yanzu don kunna ainihin ƙimar http buɗe fayil ɗin sanyi.
$ sudo vim /etc/squid/squid.conf
Bayan tashar jiragen ruwa ACLs suna ƙara layin masu zuwa:
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic realm Squid Basic Authentication auth_param basic credentialsttl 2 hours acl auth_users proxy_auth REQUIRED http_access allow auth_users
Ajiye fayil ɗin kuma sake kunna squid domin sabbin canje-canje su yi tasiri:
$ sudo systemctl restart squid
Don toshe hanyar shiga gidan yanar gizon da ba'a so, fara ƙirƙirar fayil mai suna blacklisted_sites.acl wanda zai adana rukunin yanar gizon da ba a so.
$ sudo touch /etc/squid/blacklisted_sites.acl
Yanzu ƙara gidajen yanar gizon da kuke son toshe shiga, misali.
.badsite1.com .badsite2.com
Dot ɗin ci gaba yana sanar da squid don toshe duk nassoshi ga waɗannan rukunin yanar gizon da suka haɗa da www.badsite1, subsite.badsite1.com da sauransu.
Yanzu buɗe fayil ɗin sanyi na Squid.
$ sudo vim /etc/squid/squid.conf
Bayan bayanan ACL na sama suna ƙara layi biyu masu zuwa:
acl bad_urls dstdomain "/etc/squid/blacklisted_sites.acl" http_access deny bad_urls
Yanzu ajiye fayil ɗin kuma sake kunna squid:
$ sudo systemctl restart squid
Don toshe jerin kalmomin shiga, da farko ƙirƙirar fayil mai suna blockkeywords.lst wanda zai adana kalmomin da aka baƙaƙe a ciki.
$ sudo touch /etc/squid/blockkeywords.lst
Yanzu ƙara mahimman kalmomin da kuke son toshe shiga, misali.
facebook instagram gmail
Yanzu buɗe fayil ɗin sanyi na Squid kuma ƙara ƙa'ida mai zuwa.
acl blockkeywordlist url_regex "/etc/squid/blockkeywords.lst" http_access deny blockkeywordlist
Yanzu ajiye fayil ɗin kuma sake kunna squid:
$ sudo systemctl restart squid
Da zarar an daidaita komai daidai, yanzu zaku iya saita mai binciken gidan yanar gizon abokin ciniki na gida ko saitunan cibiyar sadarwar tsarin aiki don amfani da sabon squid HTTP wakili na ku.
Sanya Abokin Ciniki don Amfani da Wakilin Squid
Yanzu don gwada cewa uwar garken wakili na aiki ko a'a, zaku iya buɗe Firefox kuma je zuwa Shirya -> Preferences -> Na ci gaba -> Network -> Saituna kuma zaɓi Configument Proxy Configuration sannan shigar da adireshin IP na wakili na uwar garken da Port to. a yi amfani da shi don duk haɗin kai kamar haka.
Da zarar kun cika duk bayanan wakili da ake buƙata, zaku iya shiga yanar gizo ta amfani da uwar garken wakili na Squid, kuna iya yin abu iri ɗaya a cikin kowane mai bincike ko shirin da kuke so.
Don tabbatar da cewa kuna hawan yanar gizo ta amfani da uwar garken wakili, zaku iya ziyartar http://www.ipaddresslocation.org/, a saman kusurwar dama dole ne ku ga adireshin IP iri ɗaya da adireshin IP ɗin sabar ku.
Don ƙarin saitunan daidaitawa, zaku iya bincika takaddun squid na hukuma. Idan kuna da tambayoyi ko sharhi, da fatan za a ƙara su a cikin sashin sharhin da ke ƙasa.