搭建Squid3 密码账号IP代理

上文中,说明了 Squid3 IP Proxy 隐藏原IP,这里就搭建Squid 3密码账号IP代理进行整理,涉及环境 Ubuntu 18.04。

Step 1: htpasswd 和 htdigest 工具

htpasswd和htdigest工具是用于生成Squid密码的,直接安装命令

sudo apt-get install apache2-utils

安装完成后,使用命令如下所示

htpasswd -c /etc/squid/.squid_users xifarm
New password:
Re-type new password:
Adding password for user xifarm

创建的密码在/etc/squid/.squid_users里面存储,我们可以再增加一个用户

htpasswd /etc/squid/.squid_users runwulink
New password:
Re-type new password:
Adding password for user runwulink

这里可以“查看”一下刚才创建的2个账号

cat /etc/squid/.squid_users
xifarm:$apr1$IyfTZICg$2fPImX5o14XC2KPF1kZWv/
runwulink:$apr1$5o0XKeto$m6c5B5KK5ZAK/7A/VIgYB/

验证账号密码用这个脚本–防止我们遗忘密码账号

chown squid /etc/squid/.squid_users
/usr/lib64/squid/basic_ncsa_auth /etc/squid/.squid_users
xifarm password
OK
runwulink password
OK

Step2: 配置squid.conf 密码账号

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/.squid_users
auth_param basic children 5
auth_param basic realm Proxy Authentication Required
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl auth_users proxy_auth xifarm runwulink
http_access allow auth_users

basic_ncsa_auth 配置密码文件路径 /etc/squid/.squid_users
auth_param basic children 5 指明了这里最多开放5个账号
auth_param basic casesensitive off 大小写不明感
acl auth_users proxy_auth xifarm runwulink

开启Squid测试

systemctl restart squid

Step3:代理使用

wget命令为例

wget google.com
–2019-12-1 00:38:21– http://google.com/
Connecting to 192.168.49.69:3128… connected.
Proxy request sent, awaiting response… 407 Proxy Authentication Required
2018-12-1 00:38:21 ERROR 407: Proxy Authentication Required.

这里会报407错误:密码账号没有设置原因。

wget –proxy-user=amos –proxy-password=password google.com
–2018-12-1 00:39:36– http://google.com/
Connecting to 192.168.49.69:3128… connected.
Proxy request sent, awaiting response… 301 Moved Permanently
Location: http://www.google.com/ [following]
–2018-12-1 00:39:37– http://www.google.com/
Reusing existing connection to 192.168.49.69:3128.
Proxy request sent, awaiting response… 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html.8’

index.html.8 [ <=> ] 11.72K –.-KB/s in 0.1s

2018-12-1 00:39:38 (97.6 KB/s) – ‘index.html.8’ saved [12001]

小经验

  • 查询Squid错误的日志vi /var/log/squid/access.log
  • 注意命令行路径 /usr/lib/squid/basic_ncsa_auth 以你安装Squid的为准!
  • 默认是3128端口,这个端口已经被滥用了,注意修改端口,且适用Squid密码账号方式保护流量