基于Xen的VPS 配置squid服务器

安装很简单：apt-get install squid

配置中的重点是打开用户验证。

通过htpasswd建立用户名密码文件，然后在squid的配置文件中设置。

http_port 3128
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid.password
auth_param basic children 5
auth_param basic realm hamo's private proxy
auth_param basic credentialsttl 4 hours

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8 # rfc1918 possible internal network
acl localnet src 172.16.0.0/12 # rfc1918 possible internal network
acl localnet src 192.168.0.0/16 # rfc1918 possible internal network

acl ssl_ports port 443 # https教程
acl ssl_ports port 563 # snews
acl ssl_ports port 873 # rsync
acl safe_ports port 80 # http
acl safe_ports port 21 # ftp
acl safe_ports port 443 # https
acl safe_ports port 70 # gopher
acl safe_ports port 210 # wais
acl safe_ports port 1025-65535 # unregistered ports
acl safe_ports port 280 # http-mgmt
acl safe_ports port 488 # gss-http
acl safe_ports port 591 # filemaker
acl safe_ports port 777 # multiling http
acl safe_ports port 631 # cups
acl safe_ports port 873 # rsync
acl safe_ports port 901 # swat
acl purge method purge
acl connect method connect

acl normal proxy_auth required

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !safe_ports
http_access deny connect !ssl_ports
http_access deny to_localhost
http_access allow localhost
http_access allow normal
http_access deny all

然后重启squid即可。