
CentOS7 搭建 Squid 匿名透明代理

关闭相关服务

# Stop each service now and keep it from starting again at boot.
# With firewalld off, and unless another packet filter is configured, every
# listening port on this host (including the proxy port set up later) is
# reachable from any network the host is attached to; squid's own ACLs and
# authentication are then the only access control in front of the proxy.
for unit in NetworkManager firewalld; do
  systemctl stop "$unit"
  systemctl disable "$unit"
done

修改系统语言

# Open the system locale file in an editor.
vi /etc/locale.conf
# Line to set inside /etc/locale.conf (file content, not a command to run).
LANG="zh_CN.UTF-8"

关闭 SELINUX(需要重启)

# Open the SELinux configuration in an editor; the change applies after a reboot.
vi /etc/sysconfig/selinux
# Line to set inside the file (file content, not a command to run).
# NOTE(review): "disabled" turns SELinux off entirely, so squid runs without
# policy confinement. The likely reason is the non-default http_port 31283
# used later on this page; an alternative to confirm is keeping SELinux
# enforcing and labelling that port for squid:
#   semanage port -a -t squid_port_t -p tcp 31283
SELINUX=disabled

安装常用包

# Base utilities (netstat comes from net-tools).
yum -y install \
  net-tools bash-completion wget

# General admin and diagnostic tools.
# NOTE(review): none of these is needed by squid itself; on a host that is
# exposed to the network, installing only what is actually used keeps the
# system smaller and easier to audit.
yum -y install \
  mlocate screen ntp unzip zip parted rsync tree vim lrzsz \
  tcpdump telnet sysstat lsof strace iptraf iotop hdparm

修改时区,并开启时间同步

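# Set the system time zone to Asia/Shanghai.
# timedatectl repoints /etc/localtime instead of copying over it: when
# /etc/localtime is a symlink (as it typically is on CentOS 7), cp follows the
# link and overwrites the zoneinfo file it points to.
timedatectl set-timezone Asia/Shanghai

# One-off clock sync. A correct clock keeps the proxy's log timestamps usable
# when they have to be correlated with other systems.
ntpdate us.pool.ntp.org

# Re-sync every 8 hours from root's crontab. 2>&1 sends ntpdate's error
# messages to the log as well, so failed syncs are visible.
echo "0 */8 * * * /usr/sbin/ntpdate us.pool.ntp.org >> /var/log/ntp.log 2>&1" >> /var/spool/cron/root
systemctl restart crond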

安装 Squid

# squid is the proxy itself; httpd-tools provides the htpasswd command used in
# the next step. openssl is not used by any step shown on this page.
yum --assumeyes install \
  squid \
  httpd-tools \
  openssl

生成密码文件

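# Create the credentials file with one user named "squid"; htpasswd prompts
# for the password. -c creates the file and overwrites an existing one, so
# leave -c out when adding further users later.
htpasswd -c /etc/squid/password squid

# The file holds password hashes. With the usual root umask it is created
# world-readable, so restrict it to root and the squid group.
# NOTE(review): assumes the auth helper runs with the "squid" group created by
# the squid package; confirm before tightening further.
chown root:squid /etc/squid/password
chmod 640 /etc/squid/password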

修改配置文件

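vi /etc/squid/squid.conf
# Everything below is squid.conf content, not shell commands.

# Listen for proxy requests on a non-default port.
http_port 31283

# proxy
# Do not add a Via header and strip X-Forwarded-For, so the origin server is
# not told the client address through these headers.
via off
forwarded_for delete

# acl
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

# Only destination ports 80 and 443 may be requested through the proxy.
acl Safe_ports port 80
acl Safe_ports port 443

# auth
# Basic authentication checked against the htpasswd file. Basic credentials
# are only base64-encoded, not encrypted, and travel with every request to
# this plain-HTTP proxy port.
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/password
auth_param basic realm welcome
acl authenticated proxy_auth REQUIRED

# privileges
# http_access rules are evaluated top to bottom; the first match decides.
http_access deny !Safe_ports
# The ACL name must match the "localnet" ACL defined above; an http_access
# rule that names an undefined ACL (the original "local-net") makes squid
# reject the configuration.
# Because this rule comes before the authenticated rule, clients in the
# RFC1918 ranges use the proxy without credentials.
# NOTE(review): on a hosted machine these private ranges may include systems
# that are not yours; confirm they are trusted or drop this rule.
http_access allow localnet
http_access allow authenticated
http_access deny all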

启动与重启

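# Check squid.conf for syntax errors and undefined ACL names before starting,
# so a mistyped rule is reported here instead of as a failed service start.
squid -k parse

# Start the proxy now and enable it at boot.
systemctl start squid
systemctl enable squid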

通过 netstat 检查端口监听