2012-04-20 174 views
0

我試圖通過Ubuntu服務器上的squid代理3.1.14訪問https站點,但我不知道爲什麼我不能。這裏是我的魷魚-v輸出:無法通過squid3訪問https站點

Squid Cache: Version 3.1.14 
configure options: '--build=i686-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include'  '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' '--datadir=/usr/share/squid3' '--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--with-cppunit-basedir=/usr' '--enable-inline' '--enable-ssl' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-underscores' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth=basic,digest,ntlm,negotiate' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-arp-acl' '--enable-esi' '--enable-zph-qos' '--disable-translation' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' 'build_alias=i686-linux-gnu' 'CFLAGS=-g -O2 -g -O2 -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g -O2 -Wall' --with-squid=/etc/squid3/squid3-3.1.14 

這裏是我的squid.conf:

http_port 3124 

cache_mem 256 MB 

maximum_object_size_in_memory 10 MB 
maximum_object_size 100 MB 
minimum_object_size 0 KB 
cache_swap_low 90 
cache_swap_high 95 

cache_dir diskd /cache/squid1 5000 16 256 
cache_dir diskd /cache/squid2 5000 16 256 
cache_dir diskd /cache/squid3 5000 16 256 
cache_dir diskd /cache/squid4 5000 16 256 
cache_dir diskd /cache/squid5 5000 16 256 
cache_dir diskd /cache/squid6 5000 16 256 
cache_dir diskd /cache/squid7 5000 16 256 

access_log /var/log/squid3/access.log squid 

cache_peer x.x.x.x parent 3124 0 no-query login=PASS default no-digest 
memory_replacement_policy lru 
cache_replacement_policy lru 
cache_store_log /var/log/squid3/store.log 
emulate_httpd_log on 
cache_log /var/log/squid3/cache.log 
debug_options ALL,2 
coredump_dir /var/spool/squid3 
minimum_expiry_time 120 seconds 
cache_mgr [email protected] 
cache_effective_user squid 
cache_effective_group squid 
cachemgr_passwd 1234567890 all 


refresh_pattern -i ([^.]+.|)jre-6u31-linux-i586\.bin 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i exe$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i com$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i br$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i [0-9]+$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i AutoDL?BundleId=59620$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i htm$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i php$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i html$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i asp$ 1440 50% 9999 override-expire ignore-no-cache ignore-no-store ignore-private 
refresh_pattern -i zip$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims 
refresh_pattern -i \.(mp3|mp4|m4a|ogg|mov|avi|wmv)$ 10080 90% 999999 ignore-no-cache override-expire ignore-private 
refresh_pattern -i flv$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims 
refresh_pattern -i swf$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims 
refresh_pattern -i cab$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims 
refresh_pattern -i rar$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims 
refresh_pattern ^http:// 30 40% 20160 
refresh_pattern ^ftp:// 30 50% 20160 
refresh_pattern ^gopher:// 30 40% 20160 
refresh_pattern . 1440 100% 1440 ignore-reload override-lastmod override-expire reload-into-ims 

acl manager proto cache_object 
acl localhost src 127.0.0.1/32 

acl SSL_ports port 443 563 
acl cacic_ports port 20 21 22 3306 # cacic 
acl Safe_ports port 80 23  # http 
acl Safe_ports port 21   # ftp 
acl Safe_ports port 443 563  # https, snews 
acl Safe_ports port 70   # gopher 
acl Safe_ports port 210   # wais 
acl Safe_ports port 1025-65535 # unregistered ports 
acl Safe_ports port 280   # http-mgmt 
acl Safe_ports port 488   # gss-http 
acl Safe_ports port 591   # filemaker 
acl Safe_ports port 777   # multiling http 

acl purge method PURGE 
acl CONNECT method CONNECT 

http_access allow manager localhost 
http_access deny manager 
http_access allow purge localhost 
http_access deny purge 
http_access deny !Safe_ports 
http_access deny CONNECT !SSL_ports 


#Cache videos youtube 
acl youtube dstdomain .youtube.com 
cache allow youtube 

# Aqui você irá definir o IP da sua rede interna 
acl redelocal src x.x.x.x/24 
cache allow redelocal 
http_access allow redelocal 
http_access allow localhost 
http_access deny all 

從來就試圖訪問Gmail,Facebook的,...,使用HTTPS任何網站沒有打開,但其他任何不使用https的網站完全打開。

我在做什麼錯?

感謝您的幫助!

+0

您的代理是否可以直接訪問互聯網?或者它需要使用父級訪問網絡? – 2012-04-21 01:10:03

+0

我們使用cache_peer訪問互聯網。我們沒有直接訪問互聯網。 – IOSJR 2012-04-25 12:52:31

回答

0

每個在Ubuntu上玩過Squid的人都可能遇到過這個問題;

Ubuntu Squid包已被編譯爲不帶SSL選項。因此,在Ubuntu服務器上使用Squid代理HTTPS連接是不可能的。

Refer This

相關問題