stunnel+squid 配置访问google笔记
Squid 配置请看上一个文章
核心理解:
1. squid 是个帮助转发的工具
2. stunnel 是个加密工具,将转发过程的数据进行加密处理。
https://java-er.com/blog/squid-install/
1.服务器配置
生成服务器加密文件
CentOS 下安装stunnel
yum -y install stunnel openssl openssl-devel
openssl req -new -x509 -days 365 -nodes -out stunnel.pem -keyout stunnel.pem
openssl gendh 512>> stunnel.pem #不是必须的
vi /etc/stunnel/stunnel_ser.conf
cert = /etc/stunnel/stunnel.pem
CAfile = /etc/stunnel/stunnel.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;;;chroot = /var/run/stunnel
pid = /tmp/stunnel_server.pid
verify = 3
;;; CApath = certs
;;; CRLpath = crls
;;; CRLfile = crls.pem
;setuid = web
;setgid = web
;;; client=yes
compression = zlib
;;; taskbar = no
delay = no
;;; failover = rr
;;; failover = prio
;;; sslVersion = TLSv1
;;; fips=no
sslVersion = all
;;; options = NO_SSLv2
;;; options = NO_SSLv3
debug = 7
syslog = no
output = /var/log/stunnel/server.log
client = no
[sproxy]
accept = 8889
connect = 49.253.31.19:8888
配置文件重点说明
accept = 8889 为squid 端口
connect = 49.253.31.19:8888 为stunnel接受外部信息的端口
启动服务
stunnel /etc/stunnel/stunnel_ser.conf
2. 客户端安装sunnel
MAC 系统
brew install stunnel
cp /usr/local/etc/stunnel/stunnel.conf-sample /usr/local/etc/stunnel/stunnel.conf
vi /usr/local/etc/stunnel/stunnel.conf
cert = /usr/local/etc/stunnel/stunnel.pem
CAfile = /usr/local/etc/stunnel/stunnel.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;;;chroot = /var/run/stunnel
pid = /tmp/stunnel.pid
verify = 3
;;; CApath = certs
;;; CRLpath = crls
;;; CRLfile = crls.pem
;setuid = web
;setgid = web
;;; client=yes
;compression = zlib
;;; taskbar = no
delay = no
;;; failover = rr
;;; failover = prio
;;; fips=no
sslVersion = all
;;; options = NO_SSLv2
;;; options = NO_SSLv3
debug = 7
syslog = no
output = /data/logs/stunnel.log
client = yes
[sproxy]
accept = 0.0.0.0:7071
connect = 49.253.31.19:8889
重点说明:
connect = 49.253.31.19:8889 ;;;服务器的stunnel端口
accept = 0.0.0.0:7071 ;;;本地代理浏览器用来访问的端口
stunnel /usr/local/etc/stunnel/stunnel.conf
3. Chrome浏览器
用插件SwitchySharp
配置如下
具体怎么安装设置,请看上个文章https://java-er.com/blog/ssh-suidao/
月小升QQ 2651044202, 技术交流QQ群 178491360
首发地址:月小升博客 – https://java-er.com/blog/stunnel-and-squid-note/
无特殊说明,文章均为月小升原创,欢迎转载,转载请注明本文地址,谢谢
您的评论是我写作的动力.