0
私はUbuntuサーバー上でsquidプロキシ3.1.14を使用してhttpsサイトにアクセスしようとしていますが、私はなぜそれができないのか分かりません。ここに私のイカ-vの出力は以下のとおりです。squid3経由でhttpsサイトにアクセスできない
Squid Cache: Version 3.1.14
configure options: '--build=i686-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--with-cppunit-basedir=/usr' '--enable-inline' '--enable-ssl' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-arp-acl' '--enable-esi' '--enable-zph-qos' '--disable-translation' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' 'build_alias=i686-linux-gnu' 'CFLAGS=-g -O2 -g -O2 -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g -O2 -Wall' --with-squid=/etc/squid3/squid3-3.1.14
、ここでは私のあるsquid.confです:
http_port 3124
cache_mem 256 MB
maximum_object_size_in_memory 10 MB
maximum_object_size 100 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir diskd /cache/squid1 5000 16 256
cache_dir diskd /cache/squid2 5000 16 256
cache_dir diskd /cache/squid3 5000 16 256
cache_dir diskd /cache/squid4 5000 16 256
cache_dir diskd /cache/squid5 5000 16 256
cache_dir diskd /cache/squid6 5000 16 256
cache_dir diskd /cache/squid7 5000 16 256
access_log /var/log/squid3/access.log squid
cache_peer x.x.x.x parent 3124 0 no-query login=PASS default no-digest
memory_replacement_policy lru
cache_replacement_policy lru
cache_store_log /var/log/squid3/store.log
emulate_httpd_log on
cache_log /var/log/squid3/cache.log
debug_options ALL,2
coredump_dir /var/spool/squid3
minimum_expiry_time 120 seconds
cache_mgr [email protected]
cache_effective_user squid
cache_effective_group squid
cachemgr_passwd 1234567890 all
refresh_pattern -i ([^.]+.|)jre-6u31-linux-i586\.bin 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i exe$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i com$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i br$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i [0-9]+$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i AutoDL?BundleId=59620$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i htm$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i php$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i html$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i asp$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private
refresh_pattern -i zip$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i \.(mp3|mp4|m4a|ogg|mov|avi|wmv)$ 10080 90% 999999 ignore-no-cache override-expire ignore-private
refresh_pattern -i flv$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i swf$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i cab$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i rar$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern ^http:// 30 40% 20160
refresh_pattern ^ftp:// 30 50% 20160
refresh_pattern ^gopher:// 30 40% 20160
refresh_pattern . 1440 100% 1440 ignore-reload override-lastmod override-expire reload-into-ims
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl SSL_ports port 443 563
acl cacic_ports port 20 21 22 3306 # cacic
acl Safe_ports port 80 23 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#Cache videos youtube
acl youtube dstdomain .youtube.com
cache allow youtube
# Aqui você irá definir o IP da sua rede interna
acl redelocal src x.x.x.x/24
cache allow redelocal
http_access allow redelocal
http_access allow localhost
http_access deny all
I'veは、Gmailの、Facebookの、....、HTTPSを使用するすべてのサイトにアクセスしようとしました開いていませんが、httpsを使用しない他のサイトは完全に開きます。
私は間違っていますか?
助けてくれてありがとう!
プロキシはインターネットに直接アクセスできますか?または、Webにアクセスするために親を使用する必要がありますか? –
私たちはインターネットにアクセスするためにcache_peerを使います。私たちはインターネットに直接アクセスすることはできません。 – IOSJR