转到内容


照片

FREEBSD中使用SQUID代理HTTPS

freebsd squid

  • 请先登录再回复
这个主题当前没有回复

#1 Jamers

Jamers

    管理员

  • 论坛管理员
  • 226 帖子
  • 呼号:BI4TSQ

发表于 2018-09-15 12:32

代理,我要代理

cd /usr/ports/www/squid
make install clean
#要身份验证,把mysql模块选上

cd /usr/ports/databases/p5-DBD-mysql/
make install clean
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
visible_hostname localhost
auth_param basic program /usr/local/libexec/squid/basic_db_auth \
    --dsn "DBI:mysql:host=localhost;port=3306;database=squid" \
    --user squid --password squid --plaintext --persist

auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute
auth_param basic casesensitive off

acl db-auth proxy_auth REQUIRED
http_access allow db-auth

#http_port 3128
https_port 443 cert=/etc/ssl/squid.crt key=/etc/ssl/squid.key


request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access All allow all
reply_header_access Server deny all
reply_header_access X-Cache deny all
reply_header_access X-Cache-Lookup deny all
reply_header_access Warning deny all
reply_header_access Expires deny all
reply_header_access Cache-Control deny all
reply_header_access age deny all
#证书最好用正式签发的,因为访问代理服务器的时候需要使用与证书一致的域名进行访问

cd /etc/ssl
openssl req -new -sha256 -keyout squid.key -nodes -x509 -days 3650 -out squid.crt


openssl req -new -sha512 > squid.csr
密码:qqbx.cn
openssl rsa -in privkey.pem -out squid.key
openssl x509 -in squid.csr -out squid.crt -req -signkey squid.key -days 3650






同时将以下关键词作为标签:freebsd, squid

0 用户正在浏览这个主题

0 会员,0 游客,0 隐身会员