Proxy Server And Squid

Uploaded by: Mr. Kaison Nasawat
0
0

May 2020
PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA

Overview

Download & View Proxy Server And Squid as PDF for free.

More details

Words: 3,202
Pages: 37

Preview
Full text

19

4. Proxy Server and Squid 4.1.1 Proxy Server ก!! "# ! $% &%'()$*% % + ก( ก'ก , ก )ก' !&

% +ก'ก )-'. "#!ก % $ ) , )'( "# ') $!/ก ก 0&+1ก " !213 ก+ )ก) + ) ) , './&ก(+ ) ' "#

ก NAT (Network Address Translation) $ ก( Proxy Service )) ก' % +' ก)ก ก % +' ก + !KKL &" ก + ก% ) !/ก ($%)2 .& ก+ !! %ก+ ก%MM"กL %กNL ก+ % " !213ก + $ก "#ก$K '( "#+ IP Address ' % ก + /) ก ' %M + ! Leased Line % + "#M"กL + / "#ก %กก'' +Q Dial up $ก ADSL % + )M"กL " 1 IP Sharer ก 33 %) ก) )ก+ )ก + ' .& ก'()0&+ % " 1ก ก+ !&

'ก )2+ !KKL'(ก '()ก+ก $ ก($) ) V%0&+ % ก %% '.'( "#$)2ก' " $ก++ !!$ก!M )2ก $.' + )$ก" 1 Web Service ก ก+ Proxy Server Proxy Server $/.M"กL ก+ก ( request ) 'ก

%&ก ก Q" ก )) - $ Q" ก FTP Client %)! 0 ก " -\ )"% Proxy Server '. " !)

%&ก & 1 % "#)ก% $) 1ก 1ก Q

20

1 $/&กก($$0+ ก กก")ก0&ก

+ Firewall Proxy ($กN)"%1$ ก "# 4.1.2 Squid "_ก%Mก- Q" ก Proxy Server " !213!&ก Squid -. "# Q" ก" 1 Proxy Caching Server !($ก$ก Web Caching Service ' (ก'ก %&ก % ! 0 " -\ )"% $ ! &% , 0 ' /&ก!( ก)$ ))'( + % !ก ก&%-(ก ' !/(&% +$ก) )ก) ก " -\ ) Q + )$%ก++ !!&%% ก'ก Squid ML! "# Firewall Proxy ก) ก Squid "# 3 Web Only Cache $/. ' (กQ"Q% HTTP Q V3 ' !/ +&%'กQ"Q% , + RealAudio $ FTP ก )กL FTP (QQ"Q% HTTP -. 3! ) % !($Q"Q% SSL %) Squid !/(ก +กก ก+ !&

)-+ SSL +

)-ก %\ , '. "dK$ Proxy Sever ($กก 3ก ก' ' ก&%ก -!) $ ))'( Qe!ก Proxy )' ก) 'ก' "#ก 31 $ก -\ )ก 'ก Proxy ' ($ "#)ก% $) Q%% ) % &%Mก ' 0 Proxy ! "#ก '. !& + $ ))'( )' (ก) 256 MB / "# Proxy !($Q ก -!&%!&' +/. 512 MB ก'ก+3) e!ก ก (ก) 500 MB$/ "#Qe! ก+ก ' +/. 10 GB " L 5 $ ) "#

21

4.1.3 Proxy Server

&%& $ ))'( + Proxy Sever ' $ก ก&% %

ก"#ก$%&#'&()*+*,-./-&$0 กL! &% Proxy Server Proxy Server ก $%'ก&% %)/.! $Qe!&% ' $) ก(Mก 0 Proxy Server

22

1&234&,&#'&()*+*,-./-&$0/5 4.1.4 04&6')5' Proxy Server Q) Proxy Server %)' $/.Q&%!/($ Qe!

ก&% กก (ก% )0%$% + "#ก%ก+ )% + + $) Q%% ) % -\ )0&+ก $ $) -\ ) 0&+ก % ก'ก 'ก&%$ ))'( Proxy ( $ก -!&%( ).

ก1523&6, Proxy Server 4.1.5 ก68 69: (%/*;<ก Squid !($Q" ก Cent OS ' Q" ก Squid 3 %) (ก Cent OS Server $ Custom ' !/ %ก$ Squid $ก )ก ' !/ 3 " Q'ก-+M Cent OS mount/mnt/cdrom rpm Bivh $%'กQ" ก %) !/)'!กก% ))(! rpm Bqa squid

23

9:*6*#3 1 ก)'!ก squid )(! rpm mqa |grep squid

(!)'!ก squid 0%%32 ก %)

9:*6*#3 2 ก)'!ก($ก +Q" -! squid )(! ps mef |grep squid

24

(!)'!ก($ ก +Q" -! squid

0%%32

9:*6*#3 3 ก ก\%\qก squid Q+(! vi "( $ \%\qก+\% /etc/squid/squid.conf

(!ก "ก ก\%\qก squid

25

9:*6*#3 4

"# !&" !&%squid.conf ก WELCOME TO SQUID 2 % % ,Q" ก

9:*6*#3 5 !K%กNL # & $!M 3 $squid (! ก' config ก!/% # ก Qกก($$ %3 http_port port ! + $) Cache server ก %&ก % ! &%0 HTTP Protocal +! )$K ' "# 8080 /

ก($ ' $ก3 3128

26

กก($$ %3 http_port ! + $) Cache server ก %&ก % ! &%0 HTTP Protocal

9:*6*#3 6 3 port 3130 %" 3 cache server + %ก&% $) ก 3130 "# z ก + ก Cache server

ก 3 port 3130 %" 3 cache server + %ก&% $) ก 3130 "# z ก + ก Cache server

27

9:*6*#3 7 cache_mem "#) "%+ก($ memory pool ) ก+ default 8 MB กQ 3) cache_mem )'() memory ก 50 MB Q)2ก()L 1000 MB e!ก' ก 10MB cache memory V

ก($3e!ก 9 5000MB '.ก($ cache memory "# 50MB ก memory ' "# %zz!' ก($$ "# 2n % ก% !M 64 MB ก($ memory pool ) ก+ default 8 MB ก 64 MB

28

9:*6*#3 8 ก($\%!&!M' ก cache squid /\%$K

กก) ก($ก' (ก' ก cache

ก($\%!&!M' ก cache

9:*6*#3 9 "#กก($3' ก cache squid Q 100 cache '

ก) $ ) "# MB ก+' '' )+ ) 1000 m 2000 ก /)" ก' ก cache ($" !213 /ก" ก' ($ก$ cache +% 16 '() directory + ก % 256 '() directory + 2 '() directory ' ก\% cache ' ! 16 x 256 directory directory ก\% cache ' ก 16x256 = 4096 directory

29

ก($3e!ก' ก cache 5000MB

9:*6*#3 10 "#กก($( $ ' ก log file client

ก($( $ '

ก log file

30

9:*6*#3 11 $ก ก+ก % ก! "% disk space !/' ก($$ squid ก log file ก Q ก cache_access_log /dev/null -.' ($ %ก(%ก ! 0%$ Q)( ).

31

/ ก! "% disk space !/ ก($$ squid

ก log file

9:*6*#3 12 ' "#ก ก - IP กM}" 3ก+ Q) %&ก & %! ก($$ 3 acl our_network src 10.0.18.0/24 -. "#%! +&

ก ก - IP กM}" 3ก+Q %&ก & %! ก($$

32

9:*6*#3 13 "#กMK$ , subnet !/ +ก proxy

กMK$ , subnet !/ + ก proxy

9:*6*#3 14 (ก Save $%'ก ก\% squid.conf %)Q+(! wq

(!ก Save

33

9:*6*#3 15 "#ก(! ก( squid !/+(! service squid restart $ ก restart Q!"( $ /etc/init.d/squid &" +(! service squid restart ก ก( squid

(! service squid restart ก ( squid

0% OK

&" +(! restart Q!"( $ /etc/init.d/squid

(! restart Q!"( $ /etc/init.d/squid

0% OK

34

59:*6*#3 16 $กก$ "_กL linux squid MกQQ (ก! $33(! chkconfig squid on $ " - system )(! system

(! squid MกQQ (ก!

4.1.6 ก969:/,1/23(ก,. (client) !($ %&ก ' +ก )0 Squid Proxy Server $ "qQ" ก Web Browser %)ก($$+0 Proxy Q+ 3 ! % 3 "# Squid "ก$ก ก" , Internet Explorer $ Browser ), + ก3 http:// ' "#3$ % 80 ก+ก3 http:// 'ก Proxy server )2ก" 9:*6*#3 1

"q ) -. %) %ก Tools %) %ก Internet Option 3 ""

35

9:*6*#3 2

" Internet Options %ก " Connections % %ก LAN Setting

36

9:*6*#3 3

+ $/&ก Use a proxy server for your LAN % " IP Address % $ %3 server ก($ % %ก OK

4.1.7 ก -*MN+( $ก1/23(ก,. กL %&ก ' ก&&% )- , proxy server ' (ก$&% e!ก) &%$ /ก' ! "$ %&ก / ก' "$&%'ก ! $ %&ก 3(!( ก) ก) Cache "/ %&ก

)-$ ก&%-(ก Proxy server ' (ก! &%'ก +"$Q ! )%")Q$%'ก '.&!.ก/.) )ก( 3 "#ก! &%ก )ก

37

ก -*MN+( /9:#3 1 ก)Q$% "#ก)Q$%+ )% 9 min 25 sec \% 16.3 MB ' $) "#ก)Q$%+ก ก 2 &" "

1/23(ก,. 0ก -*MN+( ก ก -*MN+( /9:#3 2 ก)Q$%' $) + )% )ก) ก$% 3 ) + )% 1 min 52 sec L &%\%+M )ก "# 3 ) &%)Q$% ก /&ก!( ก) server %) %&ก '.".&%'ก server ($ &!.ก) )

38

1/23(ก,. 0ก -*MN+( /9:#3 4.1.8 O Squid Proxy ก Set Up PROXY / CACHE SERVER Proxy/Cache Server ก+ 3 $%ก. 3 ก Proxy/ Cache Server % ก' + )ก" $" L !"ก + )'!! % ($0&+

ก& ). 'ก Proxy/Cache Server ' ($" &% %&ก ก

%&ก % ' " &% % ' ก!( &% $% ) ) / %&ก , &% $% ก Proxy/Cache Server ก' (&%& %)! $ก %&ก ก" $ $ก 0&+ก&%$ 'ก "# ) 3 ก ก!/ก"M RELOAD 'ก Browser +(9กก Proxy/Cache Server 1.) ก $) () Proxy ก Cache () Proxy !/.ก" $ ก) + ก " &%- (site) '$ %&ก %&ก ' " ' ($ "# Proxy Server

39

! )() Cache !/. ก(!( &% ก" %))ก) ก) +

" ก$ %&ก ) ' (!( ก)) 3) " ' " 'ก-'ก ก+"ก %) ' ก /&ก %)ก ' ก "# Proxy/Cache Server $ Proxy Caching Server 0%1Lก ก) Proxy $ Cache +() Cache Server ) Q" ก($ "# Cache Server + Squid, CERN Httpd, Harvest, NetCache, Microsoft Proxy % Netscape Proxy 2.Parent & Sibling Parent % Sibling "#ก M/.)!32-.ก % ก Cache Server % Q)!32! !/2 3. Hit % Miss () Hit ก Miss ' "#((/) &%& Cache Server $ + Hit % + Miss &% Hit $)) %&ก &% %)&%& Cache Server ! )&% Miss "#" Cache Server &%&

FTP Server ( File Transfer Protocol server) ก! )$K ' ก$ก FTP (File Transfer Protocol) . 3)! )ก ก( ก %ก "%&% -.Q" ก($3) !/$ก FTP !($ "_ก Linux / Unix & $%+ ) ' "# WU-FTP, ProFTP, $ BSD-FTP $. '()Q" ก+) VSFTP (http://vsftpd.beasts.org) -.)!/)"%1 % ) )ก(!& VSFTP'. "#ก %ก$.!($ก'( "#

-\ ) FTP % ก)"%1. VSFTP "#Q" ก FTP Server) % "%1 -.!/%) !0& Q'' /. -\ )Q0 + Q$) FTP ) - FTP , VSFTP ก

Red Hat,OpenBSD, % SuSE ก !/ SANS ก () VSFTP "# FTP )+

3 )"%1!&

40

4.2.1 /O"&968 VSFTP VSFTP "#Q" ก(&

$% (daemon) -. + )$3) $ก FTP Q VSFTP ' (& Linux / UNIX % ML! & 3 ) "%1 " !213) % ก'กML!, ก

"#

%ก)!/ก'ก virtual users %กก( (standalone / xinetd) ) !/'(ก"L&% (bandwidth) ก$ก) )"%1 VSFTP /&กก 3 ก'Mก3 3ก wuftpd,proftpd, % bsd-ftpd Qก ++0&+ root -.) !)"%1 ก'กก"ก"dK$$ ))'(% (buffer overflows) 4.2.2 %1](^ก8*)*8ก FTP 1. (^ก8* '-._')5'#3&#.,)*% (Real FTP)0&+ก' + K+0&+& '

-\ ) !/ "% " 2. (^ก8* '-._')5'#3&#.,)*%6,$0ก9 16 (Guest FTP) % ก Real FTP !/ "% "$ ก -\ )ก($ 3. (^ก8* '-._')5'#34&,&#.,)*% (Anonymous FTP) กก FTP "q !$ )Q%ก+ก "#" ' !K+0&+$)Q%ก '.ก($ $%ก Q++ anonymous ! )$!0 $ M "#&" e-mail address 4.2.3 ก68 69: vsftp 9:*6*#3 1 !($ CentOS ' Q" ก vsftp 3 %) (ก CentOS Server $ Custom ' !/ %ก$ vsftp $ก )ก ' !/

3 " Q'ก-+M CentOS )(! mount /dev/cdrom /mnt cd /mnt cd CentOS cd RPMS

41

rpm Bivh vsftpd-2.0.1-5.EL4.5.i386.rpm $%'กQ" ก %) !/)'!กก% ))(! rpm Bqa vsftp vsftpd-2.0.1-5.EL4.5 ก)'!ก vsftp )(! rpm mqa |grep vsftp

9:*6*#3 2 ก)'!ก($ก +Q" -! vsftpd )(! ps mef |grep vsftpd

9:*6*#3 3 'ก(ก ก+ FTP Q(ก "q service ก Q(! setup

42

9:*6*#3 4 $%'ก (ก+(! setup 3 %)' "ก13&"$ (ก %ก System Services ) Run Tool &"

%ก

9:*6*#3 5 $(ก %ก$) vsftpd Qก spacebar %) %ก OK &"

43 9:*6*#3 6 (ก!0&+$ Q+(! (! adduser Q(ก 0&++ test1 (! passwd Q(ก! $!0&+ test1 $! test1 &"

9:*6*#3 7 $ ( service Q+(! service vsftpd start &"

9:*6*#3 8

44 $ (ก% "Q+(! ftp ก $(ก check ip ก Q+(! ifconfig Q ก($$ ip 192.168.1.46 ก33 ftp 192.168.1.46 &"

'ก(ก! +) % 'กก$! password 4.2.7 ก*1;M'&()* windows ก)5' Dos 9:*6*#3 1 ก+ Dos !/+(! ftp ) IP Address Domain name

ก($ ip 192.168.1.46 ก+(! ftp 192.168.1.46 "ก$! + % $!0&+

ก! +0&+ test1 !)%"3ก$!0 ก($&" ก" C:\ ก

)2ก ftp> $33 by 9:*6*#3 2

45 "#ก upload ' +(! put 3Q$%\% bill.jpg ." % +(! pwd ก& ก ก' copy \% % +(! lcd ก %ก ก ' ก\% copy )

9:*6*#3 3

"#(ก)'!) \% bill.jpg /&ก upload ") server $ Q+(! ls-l 3&\%$ ก/home/test1 $

' $) \% bill.jpg /&ก3Q$%& /home/test %) 9:*6*#3 4 "#ก UPLOAD &%Q+(! mput +กLกupload $%,\% )Q+(! mput % + $ * ) + ก ) ' (กupload file c:james $ Q33 mput *.* % (ก"q Q$ก/)(! prompt

46

9:*6*#3 5 "#ก)'!) \%$/&ก! $Q+(! ls-l

9:*6*#3 6 "#ก copy \%'ก FTP Server Q+(! get ' "#(!+ก copy\%'ก FTP Server ก) ' copy \% ก) C:james '.

"% ก$ (Qก+(! get + ก\% ก-+ bill.jpg ก+ (! get bill.jpg

47

9:*6*#3 7 "#ก copy \%'ก FTP Server Q+(! mget +กLก Copy $%,\% )Q+(! mget % + $ * ) + ก ) ' (ก copyfile + bill.jpg , thai.bmp

9:*6*#3 8 "#ก%(ก "&) \% copy /&ก! $Q "& c:\james ' $) \% ก- bill.jpg , thai.bmp /&กQ$%

48

MRTG (Multi Router Traffic Graphic) MRTG "#Q" ก)'! % ' ก !/ ( )ก Q" ก Open Source , + net m snmp ())"Lก+ 3! $Q"Q% snmp) crontab () )%$ MRTG !M &%+ ) )%ก($ + Mก, 5 ) Apache ( "#)( !&% ก\ ) -) % MRTG ' +Q"Q% SNMP ก() SNMP Protocols SNMP (Simple Network Management Protocol) "#Q"Q%!($)M % )'!M"กL (& 33% + % Q! TCP/IP Q V3 M"กL + layer 3 Switch , Router % Firewall ' +Q"Q% SNMP ก( Admin !/)'!) $"dK$ ) ก"dK$! ) % ก"dK$'M กก Q"Q%. 2 )+ SNMP.1 % SNMP.2 "_ก Linux Red Hat !!MQ"Q% SNMP 3+ก $ & \qก! , () ก0 Linux Red Hat "# Gateway $ Router) ก0* MRTG Q" ก MRTG ' ( )กQ"Q% SNMP Q* Agent ก &)

"% "% ก) !/ ก(ก "# 2 ! ))ก SNMP Server % MRTG Server

49 SNMP Server $/.M"กL )ก (Hub , Layer 3 Switch , Router % Firewall) $ 3) SNMP Service ) % )!/)'!!/กL ( )ก)M"กL )ก) (ก)'!"Lก) ก &% Q+Q"Q% SNMP ($ "# Network Management Server MRTG Server $/. 3) Q" ก MRTG ) MRTG ' "q+% 24 +)Q !/' + "# Linux client $ Linux Server ก

A

B

C

D

E

F

G

H SELE CTED ON-LINE

&" !ก( MRTG 0 Q"Q% SNMP 'ก&" % ! HTTP Request Proxy Server 3 ก&

) 3'ก Proxy Server ' ! HTTP Request ก%3! &% ) 3' $ L SNMP Server (ก! Agent ก" &ก "% "%

% ก))&% , ) ( ก) "#ก )ก)

50

ก) "L&%) กก 3 MRTG Server ' ! ก (SNMP Request) 0 Q"Q% SNMP " SNMP Server SNMP Server ก' ก%) SNMP Request )% ก($Q" ก MRTG ' &%0 ) SNMP Agent + ) )%ก!M &%ก($) %) ก&% ) กก($ Q" ก MRTG ' (&%!\% HTML % 3%ก\ "#\%&"13 %) !0% Web server + Apache , IIS $0 ) - , ก$9 1ก^g868 MRTG ก ก&%!/Q" ก MRTG !/' ก 5 ) - &% L )%' (Real Time) ' 0%Mก, 5 - &%!/) (Daily) ' !&%$

! ' !ก\$ Mก &%' - &%!/!"$ (Weekly) ' (&%Mก, 30 !0% - &%!/ (Monthly) ' (&%Mก, 2 +)Q !0% - &%!/" (Yearly) ' (&%Mก, 24 +)Q !0% ก68 69:Nก& MRTG 4.3.1. กQ" ก MRTG & $%)2 + ก'ก 0 Linux Q $ก)Q$%Q" ก'ก ) WWW.MRTG.ORG ' +)2ก)Q$% MRTG Q0 (! YUM INSTALL %)ก"M ENTER Q&" (!

51

&"ก MRTG Q+(! YUM INSTALL &%' /&ก& ก +) /etc/mrtg -. "# ก template ก! HTML FILE % HTML FILE ' /&ก ก)$+) /var/www/mrtg

4.3.2. (ก! Template File Q+(! Cfgmaker --global "Options[_]: bits,growright" --global "WorkDir: /var/www/mrtg" --output /etc/mrtg/industrial.cfg public@localhost

52

&"ก+(!ก! Template File WorkDir: /var/www/mrtg $/.( $ ก +!($ ก\%0%%32

"# HTML PAGE Options[_]:bits,growright

$/.ก+3+ก !0%ก\Q 'ก) % !&%ก "# bits

output /etc/mrtg/industrial.cfg $/.( $ ก + ก\% .cfg public@localhost $/.( M"กL'(3)ก ก' )'& &%

4.3.3. 'ก(ก\% 3$!\% "#\% HTML Q+(! env LANG=C /usr/bin/mrtg/ /etc/mrtg/industrial.cfg

53

&"ก+(!!\%$ "#\% HTML ก!$ mrtg ( Qก ก' ) ก)ก log file \. -. ก' 3 "#1) "ก!($ก mrtg ! ก (ก !' %)' $) & $%\%\%&"13 %ก\% Q' ก "# 3 +)ก 1. 4;(M HTML "#\% "q&Q0 Q" ก Browser ก&\\qก! 3 , % '()\%" 1' ก'()3 ,

+ & กQ $ Router 2. 4;(M png.gif "#\%&"13ก !ก\qก , \\qก! 3. 4;(M log "#\% ก%กก( ) 4.3.4. (ก! Shortcut Q "$ /var/www/html %)+(! ln -s /var/www/mrtg/ ./mrtg

54

&"ก! Shortcut MRTG 4.3.5. (ก ก\%$ MRTG Mก, 5 Q+(! VI MRTG Q " ก\%$ /etc/cron.d

&"ก ก\%$ MRTG Mก, 5

(ก ก\% !' %)$+(! Service Crond Restart 3$ config $

4.3.6. (ก กก Web server $\% MRTG Q " ก cd /etc/httpd/conf 'ก$" ก\%Q+(! Vi httpd.conf %)" ก\% Document Root /var/www/html $ก% "# /var/www/mrtg

55

&"ก ก\% htttpd 4.3.7. ก+ MRTG + Qก "q ) - Q $ 3 3 http://localhost/mrtg

&"ก+ MRTG

Proxy Server And Squid

Overview

More details

Related Documents

Proxy Server And Squid

Squid Proxy

Proxy Transparente Con Squid

Squid Proxy Configuration Guide

Proxy Server

Proxy Server

More Documents from ""

Sol Unit02

Week 2

Diff&integral Formula

Physicsiunit02_4p