差異處
這裏顯示兩個版本的差異處。
| Both sides previous revision 前次修改 下次修改 | 前次修改 | ||
|
squid [2017/01/07 16:30] jz |
squid [2018/12/29 21:39] (目前版本) jz |
||
|---|---|---|---|
| 行 1: | 行 1: | ||
| - | ====== squid ====== | + | ====== Squid ====== |
| - | ===== install ===== | + | ===== Install ===== |
| <code bash> | <code bash> | ||
| pkg install squid | pkg install squid | ||
| + | pkg install htdigest | ||
| sysrc squid_enable="YES" | sysrc squid_enable="YES" | ||
| </code> | </code> | ||
| - | ===== config ===== | + | ===== Auth ===== |
| + | There are two ways to specify the password auth, ''htdigest'' or ''htpasswd''. | ||
| + | |||
| + | **htdigest** | ||
| ''/usr/local/etc/squid/squid.conf'' | ''/usr/local/etc/squid/squid.conf'' | ||
| + | <code> | ||
| + | auth_param basic program /usr/local/libexec/squid/basic_ncsa_auth /usr/local/etc/squid/password | ||
| + | auth_param basic realm proxy | ||
| + | auth_param basic casesensitive | ||
| + | </code> | ||
| + | <code bash> | ||
| + | apache-htdigest -c /usr/local/etc/squid/password realm username | ||
| + | # or htdigest if apache-htdigest is not found | ||
| + | </code> | ||
| + | |||
| + | <code bash> | ||
| + | php -a | ||
| + | echo 'user': . crypt('password', base64_encode('password')); | ||
| + | </code> | ||
| + | |||
| + | **htpasswd** | ||
| + | |||
| + | ''/usr/local/etc/squid/squid.conf'' | ||
| <code> | <code> | ||
| auth_param digest realm proxy | auth_param digest realm proxy | ||
| auth_param digest program /usr/local/libexec/squid/digest_file_auth -c /usr/local/etc/squid/password | auth_param digest program /usr/local/libexec/squid/digest_file_auth -c /usr/local/etc/squid/password | ||
| + | </code> | ||
| + | |||
| + | <code bash> | ||
| + | htpasswd -c /usr/local/etc/squid/password username | ||
| + | </code> | ||
| + | |||
| + | ===== ACL ===== | ||
| + | ''/usr/local/etc/squid/squid.conf'' | ||
| + | <code> | ||
| acl users proxy_auth REQUIRED | acl users proxy_auth REQUIRED | ||
| + | acl ncku src 140.116.0.0/16 | ||
| + | http_access deny !ncku | ||
| http_access allow users | http_access allow users | ||
| - | |||
| http_port 3128 | http_port 3128 | ||
| - | |||
| - | # Leave coredumps in the first cache dir | ||
| - | coredump_dir /var/squid/cache | ||
| </code> | </code> | ||
| + | |||
| + | ===== Check config ===== | ||
| <code bash> | <code bash> | ||
| - | apache-htdigest -c /usr/local/etc/squid/passwords realm username | + | squid -f /usr/local/etc/squid/squid.conf -k parse |
| - | # or htdigest if apache-htdigest is not found | + | |
| </code> | </code> | ||
| - | ===== check config ===== | + | ===== Start service ===== |
| <code bash> | <code bash> | ||
| - | squid -f /usr/local/etc/squid/squid.conf -k parse | + | service squid start |
| </code> | </code> | ||
| + | |||
