立即注册  找回密码
 立即注册
CeraNetworksBGVM服务器主机交流会员请立即修改密码Sharktech防护
查看: 20|回复: 1

求助squid的配置

[复制链接]

求助squid的配置

[复制链接]

27

主题

142

回帖

635

积分

高级会员

积分
635
野猪佩奇

27

主题

142

回帖

635

积分

高级会员

积分
635
2024-12-7 02:08:49 | 显示全部楼层 |阅读模式
现在的环境是:
阿里云ecs,两个网卡,一个主网卡一个辅助网卡,各有一个IP,都可以使用squid的代理.
现在辅助网卡又增加了一个弹性IP,绑定ecs成功,能ping通能SSH,
但是这个IP不可以使用squid,其他的两个IP都可以正常使用.请问是什么问题?
172.18.202.98和172.18.202.96都是正常使用的,
只有172.18.202.102这个不能使用

[ol]
  • http_port 3030
  • cache deny all
  • hierarchy_stoplist cgi-bin ?
  • cache_log /var/log/squid/cache.log
  • access_log /var/log/squid/access.log
  • # access_log none
  • # cache_store_log none
  • # cache_log /dev/null
  • refresh_pattern ^ftp: 1440 20% 10080
  • refresh_pattern ^gopher: 1440 0% 1440
  • refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
  • refresh_pattern . 0 20% 4320
  • acl localhost src 127.0.0.1/32 ::1
  • acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
  • acl localnet src 172.18.0.0/16
  • http_access allow localnet
  • acl source_172_18_202_102 src 172.18.202.102/32
  • http_access allow source_172_18_202_102
  • acl SSL_ports port 1-65535
  • acl Safe_ports port 1-65535
  • acl CONNECT method CONNECT
  • acl siteblacklist dstdomain "/etc/squid/blacklist.acl"
  • http_access allow manager localhost
  • http_access deny manager
  • http_access deny !Safe_ports
  • http_access deny CONNECT !SSL_ports
  • http_access deny siteblacklist
  • auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwd
  • auth_param basic children 5
  • auth_param basic realm Squid proxy-caching web server
  • auth_param basic credentialsttl 2 hours
  • acl password proxy_auth REQUIRED
  • http_access allow localhost
  • http_access allow password
  • http_access deny all
  • forwarded_for off
  • request_header_access Allow allow all
  • request_header_access Authorization allow all
  • request_header_access WWW-Authenticate allow all
  • request_header_access Proxy-Authorization allow all
  • request_header_access Proxy-Authenticate allow all
  • request_header_access Cache-Control allow all
  • request_header_access Content-Encoding allow all
  • request_header_access Content-Length allow all
  • request_header_access Content-Type allow all
  • request_header_access Date allow all
  • request_header_access Expires allow all
  • request_header_access Host allow all
  • request_header_access If-Modified-Since allow all
  • request_header_access Last-Modified allow all
  • request_header_access Location allow all
  • request_header_access Pragma allow all
  • request_header_access Accept allow all
  • request_header_access Accept-Charset allow all
  • request_header_access Accept-Encoding allow all
  • request_header_access Accept-Language allow all
  • request_header_access Content-Language allow all
  • request_header_access Mime-Version allow all
  • request_header_access Retry-After allow all
  • request_header_access Title allow all
  • request_header_access Connection allow all
  • request_header_access Proxy-Connection allow all
  • request_header_access User-Agent allow all
  • request_header_access Cookie allow all
  • request_header_access All deny all
  • acl proxy_ip_172_18_202_96 myip 172.18.202.96
  • tcp_outgoing_address 172.18.202.96 proxy_ip_172_18_202_96
  • acl proxy_ip_172_18_202_98 myip 172.18.202.98
  • tcp_outgoing_address 172.18.202.98 proxy_ip_172_18_202_98
  • acl proxy_ip_172_18_202_102 myip 172.18.202.102
  • tcp_outgoing_address 172.18.202.102 proxy_ip_172_18_202_102[/ol]复制代码

    这是配置文件的内容,前两个没问题,只有172.18.202.102这个不能使用

    路由表:
    [ol]
  • ip route show
  • default via 172.18.207.253 dev eth1 proto static
  • default via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100
  • default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200
  • 172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100
  • 172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200
  • 172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100
  • 172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200
  • [/ol]复制代码

    ip addr show
    [ol]
  • ip route show
  • default via 172.18.207.253 dev eth1 proto static
  • default via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100
  • default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200
  • 172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100
  • 172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200
  • 172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100
  • 172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200
  • root@iZwz96t5lrt7slg2n3cqctZ:~# ^C
  • root@iZwz96t5lrt7slg2n3cqctZ:~# ip addr show
  • 1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
  •     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  •     inet 127.0.0.1/8 scope host lo
  •        valid_lft forever preferred_lft forever
  •     inet6 ::1/128 scope host
  •        valid_lft forever preferred_lft forever
  • 2: eth0:
    mtu 1500 qdisc fq_codel state UP group default qlen 1000
  •     link/ether 00:16:3e:0c:36:4c brd ff:ff:ff:ff:ff:ff
  •     inet 172.18.202.96/20 metric 100 brd 172.18.207.255 scope global dynamic eth0
  •        valid_lft 315358791sec preferred_lft 315358791sec
  •     inet6 fe80::216:3eff:fe0c:364c/64 scope link
  •        valid_lft forever preferred_lft forever
  • 3: eth1:
    mtu 1500 qdisc fq_codel state UP group default qlen 1000
  •     link/ether 00:16:3e:20:d9:28 brd ff:ff:ff:ff:ff:ff
  •     inet 172.18.202.98/20 metric 200 brd 172.18.207.255 scope global dynamic eth1
  •        valid_lft 315358791sec preferred_lft 315358791sec
  •     inet 172.18.202.102/20 brd 172.18.207.255 scope global secondary eth1
  •        valid_lft forever preferred_lft forever
  •     inet6 fe80::216:3eff:fe20:d928/64 scope link
  •        valid_lft forever preferred_lft forever
  • [/ol]复制代码

    大佬们帮帮我,解决给两包华子,我去吃个宵夜,回来回复
  • 回复

    使用道具 举报

    27

    主题

    142

    回帖

    635

    积分

    高级会员

    积分
    635
    野猪佩奇 楼主

    27

    主题

    142

    回帖

    635

    积分

    高级会员

    积分
    635
    2024-12-7 03:56:30 | 显示全部楼层


    吃完饭回来了没人回
    回复

    使用道具 举报

    您需要登录后才可以回帖 登录 | 立即注册

    本版积分规则

    Archiver|小黑屋|HS2V主机综合交流论坛

    GMT+8, 2024-12-23 07:46 , Processed in 0.015076 second(s), 3 queries , Gzip On, Redis On.

    Powered by Discuz! X3.5

    © 2001-2024 Discuz! Team.

    快速回复 返回顶部 返回列表