使用squid proxy允許內網(Not Allow Internet Access)用戶透過proxy啟動Windows 2008 VM

參考資料:

架構:

Internet <—->OA Proxy <—->private proxy <———> windows VM (待補圖形架構圖)

環境:

CentOS 6.4 x86_64 with squid 3.1

squid設定:

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

acl ms_1 dstdomain activation.sls.microsoft.com
http_access allow ms_1
acl ms_2 dstdomain urs.microsoft.com
http_access allow ms_2
acl ms_3 url_regex -i ^http://go.microsoft.com/fwlink
http_access allow ms_3

#CentOS update mirror site
acl centos_mirror dstdomain mirror01.xxx.yyy.net
http_access allow centos_mirror

cache_peer 10.22.33.44 parent 8080 0 no-query no-digest originserver name=oaproxy login=PASSTHRU
cache_peer_access oaproxy allow ms_1
cache_peer_access oaproxy allow ms_2
cache_peer_access oaproxy allow ms_3
cache_peer_access oaproxy allow centos_mirror
cache_peer_access oaproxy deny all

visible_hostname squid

logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
logformat squidmime %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st %Ss:%Sh
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log combined

nonhierarchical_direct off

 

Facebook Comments Box

Leave a Reply