FB7-PF-SQUID做反向代理,squid无法启动[已解决]
2009-05-13 14:15:12来源:未知 阅读 ()
pf 把公网卡IP的80转到内网卡的squid80squid 启动不来,cache.log提示:commBind: Cannot bind socket FD 13 to 172.168.0.115:80: (13) Permission denied
(实验目的) internetuser --》Freebsd-Wan-PF --》Freebsd-Lan-Squid --》 web1.web2.web3..webN (因公网IP只有一个,web全在私网)
原来是非ROOT用户不能占用1024下端口,用root启动,问题解决了。感谢乔楚大哥帮助解决!感谢哈尔滨啤酒!
pf配置:
wan_if="rl0"
lan_if="rl1"
inter_net="172.168.0.0/24"
web_server="172.168.0.115"
scrub in on $wan_if
#Nat
nat on $wan_if from $inter_net to any -> ($wan_if)
#http
rdr on $wan_if proto tcp from any to 222.28.44.215 port 80 -> $web_server port 80
pass all
squid配置:
# NETWORK OPTIONS
# -----------------------------------------------------------------------------
http_port 172.168.0.115:80 vhost vport
icp_port 0
cache_peer 172.168.0.115 parent 81 0 no-query originserver
# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
# -----------------------------------------------------------------------------
hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.asp \.php \.jsp \.cgi \.aspx
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
# OPTIONS WHICH AFFECT THE CACHE SIZE
# -----------------------------------------------------------------------------
cache_mem 60 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
maximum_object_size_in_memory 80 KB
# dns cache
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------
cache_dir ufs /usr/www/cache 1024 56 256
access_log /usr/local/etc/squid/logs/access.log
cache_log /usr/local/etc/squid/logs/cache.log
#cache_store_log /usr/local/etc/squid/logs/store.log
emulate_httpd_log on
pid_filename /usr/local/etc/squid/logs/squid.pid
# ACCESS CONTROLS
# -----------------------------------------------------------------------------
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl mydomain dstdomain jyjs.hebei.com.cn
acl mynet src 172.168.0.0/24
http_access allow localhost
http_access allow mydomain
http_access allow mynet
http_access deny all
icp_access deny all
# ADMINISTRATIVE PARAMETERS
# -----------------------------------------------------------------------------
cache_mgr dierock@sina.com
cache_effective_user squid
cache_effective_group squid
visible_hostname www.hebei.com.cn
# MISCELLANEOUS
# -----------------------------------------------------------------------------
标签:
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有
- 急!断电源后不能启动[搞定了] 2009-05-13
- 用amd64版的兄弟么有用X的吗? 2009-05-13
- 启动dbus和hald网卡就不见了?? 2009-05-13
- netbsd启动gnome失败! 2009-05-13
- 从网上下载的packages为什么本地安装不了?[已解决!] 2009-05-13
IDC资讯: 主机资讯 注册资讯 托管资讯 vps资讯 网站建设
网站运营: 建站经验 策划盈利 搜索优化 网站推广 免费资源
网络编程: Asp.Net编程 Asp编程 Php编程 Xml编程 Access Mssql Mysql 其它
服务器技术: Web服务器 Ftp服务器 Mail服务器 Dns服务器 安全防护
软件技巧: 其它软件 Word Excel Powerpoint Ghost Vista QQ空间 QQ FlashGet 迅雷
网页制作: FrontPages Dreamweaver Javascript css photoshop fireworks Flash
