用户认证功能的SQUID代理服务器

设置启动脚本：

# cp /opt/sfw/mysql/share/mysql/mysql.server /etc/init.d/mysql.server
# ln /etc/init.d/mysql.server /etc/rc3.d/S79mysql
# ln /etc/init.d/mysql.server /etc/rc0.d/K00mysql
# ln /etc/init.d/mysql.server /etc/rc1.d/K00mysql
# ln /etc/init.d/mysql.server /etc/rc2.d/K00mysql
# ln /etc/init.d/mysql.server /etc/rcS.d/K00mysql
# chown root:sys /etc/init.d/mysql.server /etc/rc3.d/S79mysql
# chmod 0744 /etc/init.d/mysql.server /etc/rc3.d/S79mysql

设置ROOT密码：
# mysqladmin -u root password llzqq

3．安装SQUID

# pkgadd -d ./ -s /var/spool/pkg SFWsquid
# pkgadd SFWsquid
# cd /opt/sfw/squid/etc
# cp squid.conf.default squid.conf
# cp mime.conf.default mime.conf

4.配置SQUID.CONF

http_port 192.168.0.1:3128
cache_mgr llzqq@nero.3322.org
error_directory /opt/sfw/squid/share/errors/Simplify_Chinese
dns_nameservers 202.99.160.68 202.99.168.8
visible_hostname nero.3322.org
httpd_accel_uses_host_header on
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
cache_mem 20 MB
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 30 KB
minimum_object_size_in_memory 0 KB
cache_swap_low 85
cache_swap_high 90
cache_dir ufs /opt/sfw/squid/var/cache
cache_effective_user squid
cache_effective_group squid

#http_access allow manager localhost
#http_access allow localhost
#http_access deny manager
#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
#http_access deny all
http_reply_access allow all
icp_access allow all
miss_access allow all
--------------------------------------------------------
# chown –R squid:squid /opt/sfw/squid/var
# /opt/sfw/squid/sbin/squid -z

5. SQUID启动脚本

# vi /etc/rc3.d/S78squid
====================== S78squid =====================
#!/sbin/sh
#
# Copyright (c) 2004 by llzqq, Inc
# llzqq@126.com
# All rights reserved.
#
#ident '@(#)squid 1.1 04/05/24 SMI'

case '$1' in
start)
/opt/sfw/squid/sbin/squid -s
;;
stop)
/opt/sfw/squid/sbin/squid -k shutdown
pkill squid
;;
*)
echo 'Usage: $0 { start | stop }'
exit 1
;;
esac
exit 0
====================== S78squid =====================
# chown root:sys /etc/rc3.d/S78squid
# chmod 744 /etc/rc3.d/S78squid
# ln -s /etc/rc3.d/S78squid /etc/rc2.d/K78squid

二、 安装MYSQL_AUTH

# gzip -d mysql_auth-0.6beta.tar.gz
# tar vxf mysql_auth-0.6beta.tar
# cd mysql_auth-0.6beta 

Makefile中需要修改的内容如下： //from www.w3sky.com

# vi Makefile

CFLAGS = -I/opt/sfw/mysql/include -L/opt/sfw/mysql/lib/mysql
INSTALL = /usr/ucb/install
$(INSTALL) -o root -g sys -m 700 mypasswd /usr/local/bin/mypasswd
$(INSTALL) -o squid -g squid -m 755 mysql_auth /usr/bin/mysql_auth
$(INSTALL) -o squid -g squid -m 600 $(CONF) /etc/mysql_auth.conf
$(INSTALL) -o squid -g squid -m 600 $(CONF) /etc/mysql_auth.conf.default

src/define.h中需要修改的内容如下：

# vi +5 src/define.h
#define CONFIG_FILE '/etc/mysql_auth.conf'
#define DEF_MYSQLD_SOCKET '/tmp/mysql.sock'

src/mysql_auth.conf中需要修改的内容如下：

# vi src/mysql_auth.conf
mysqld_socket /tmp/mysql.sock
# /usr/ccs/bin/make
# /usr/ccs/bin/make install
创建用户数据库：
# cd scripts
# mysql -u root -p****** < create_script

测试MYSQL_AUTH

1.添加一个测试用户
# mypasswd llzqq 123456
Password record ADDED succesfully.

2.验证刚才建立的用户
# mysql_auth
llzqq 123456
0K

3.删除一个已经建立的用户用这个命令
# mypasswd –d username

三、在SQUID.CONF中增加MYSQL_AUTH认证部分

# vi /etc/squid/squid.conf

添加下面的代码到SQUID.CONF中“TAG: acl”一节的后面

auth_param basic program /usr/bin/mysql_auth
auth_param basic realm LLZQQ’S CACHING SERVER
auth_param basic children 5
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
http_access allow password
authenticate_ip_ttl 2 hours
http_access deny all

四、客户端设置

在浏览器的代理服务器设置中填写SQUID服务器的IP和端口：
192.168.0.1:3218

在下载软件FLASHGET的代理服务器设置中填写SQUID服务器的IP、端口、用户和密码：
192.168.0.1:3218
user:llzqq
passwd:123456

五、注意事项