2 m y my Squid server ip:192.168.1.9, 172.16.1.1 Linux: 172.16.1.

2 Quid server l m t ch ng trnh internet proxy-caching c vai tr ti p nh n cc yu c u t cc client v chuy n cho internet server thich h p. ng th i n c ng l u l i trn a nh ng d li u c tr v t internet server g i l caching Nh ng giao th c h tr trn Squid: HTTP, FTP, SSL 1/ ki m tra Squid c ci ch a

Rpm -qa | grep squid 2/ ci t Squid Yum install squid 3/c u hnh web server: a/ ci t Apache v t o th m c g c cho web site mkdir /var/www/html/myweb b/ t o trang web <html> <head><title>TEST PAPE</title></head> <body> <p>xin chao tat ca cac ban</p> </body> </html> 4/s a file c u hnh httpd.conf [root@localhost ~]# vi /etc/httpd/conf/httpd.conf <Directory "/var/www/html/myweb">

Options Indexes FollowSymLinks AllowOverride None

Order allow,deny Allow from all Allow from 172.16.1.0/255.255.255.0 </Directory> 5/start httpd v stop firewall [root@localhost ~]# service httpd start [root@localhost ~]# service iptables stop 6/ki m tra truy c p: http://172.16.1.1/myweb/ 7/c u hnh Squid: [root@localhost ~]# vi /etc/squid/squid.conf 921 http_port 8080 (port l ng nghe) (cho php caching 10 MB) ( th m c l u tr ) (l u active requests c a client)

1579 cache_mem 10 MB

1786 cache_dir ufs /var/spool/squid 100 16 256 1948 access_log /var/log/squid/access.log squid 8/ Access Control: trong file squid.conf a/c u hnh truy c p m ng n i b t th 2 t i th 6 t 8h 590 acl my_network src 172.16.1.0/24

n 17h chi u;( cu i tag acl)

591 acl allow_hours time MTWHF 8:00-17:00

638 http_access 9/ restart squid :

allow my_network

allow_hours

[root@localhost ~]# service squid restart 10/ trn my window: Vo internet->options ->connection -> Lan settings -> ch n user a proxy server.... nh p vo ip v port

Ki m tra th vo web. 11/thay i gi trn proxy server v ki m tra l i ngy gi trn h th ng: [root@localhost ~]# date -s 05:00 Tue May 3 05:00:00 ICT 2011 [root@localhost ~]# date Tue May 3 05:00:13 ICT 2011 12/ki m tra truy c p:

13/ cho php /c m truy c p

n m t s website c php truy c p

a/t o file ch a danh sch cc site vi /etc/squid/allow_sites dantri.com.vn google.com yahoo.com

b/ t o danh sch cc site b c m truy c p: www.tuoitre.com

www.nhatnghe.com www.phimf.com c/ s a file c u hnh squid.conf 590 acl my_network src 172.16.1.0/24

591 acl allow_hours time MTWHF 8:00-17:00 592 acl allow_sites dstdomain 593 acl deny_sites dstdomain /etc/squid/allow_sites /etc/squid/deny_sites

640 http_access 641 http_access d/ restart l i squid service squid restart ki m tra 14/ dung password T o user:

deny

deny_sites allow_hours allow_sites

allow my_network

[root@localhost ~]# useradd u1 [root@localhost ~]# htpasswd -c /etc/squid/squid_passwd u1 New password: Re-type new password: Adding password for user u1 S a file c u hnh: [root@localhost ~]# vi /etc/squid/squid.conf 273 auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd

591 acl ncsa_users proxy_auth

REQUIRED

642 http_access allow my_network allow_hours allow_sites ncsa_users 15/gi i h n n i dung download: -t o file ch cc ph n m r ng c a cc file c n gi i h n download: vi /etc/squid/clock_files.acl \.gif \.jpeg -s a file c u hnh: 591 acl clock_files urlpath_regex "/etc/squid/clock_files.acl" 642 http_access deny clock_files