Squid + Stunnel 配置
环境:
亚马逊服务器一台:3.26.80.132
华为云服务器一台:122.59.52.68
客户机一台: Win11
实现的需求:客户机通过设置华为云代理,实现透过亚马逊服务器上网
一、亚马逊服务器
1、安装Squid
https://blog.csdn.net/mshxuyi/article/details/142092023
2、安装 Stunnel
yum install stunnel -y2、生成自签名证书
cd /etc/stunnel/# 创建证书
openssl req -new -x509 -days 3650 -nodes -out stunnel.pem -keyout stunnel.pem# 根据提示,输入国家,省,市,公司,部门,姓名,邮箱
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanghai
Locality Name (eg, city) [Default City]:Shanghai
Organization Name (eg, company) [Default Company Ltd]:MSH
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:Tomma
Email Address []:mshxuyi@gmail.com3、创建配置文件
vim stunnel.confsetuid = root
setgid = root
pid = /var/run/stunnel.piddebug = 7
syslog = yes
output = /var/log/stunnel.logcert = /etc/stunnel/stunnel.pem
CAfile = /etc/stunnel/stunnel.pem
verify = 3socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
delay = no
sslVersion = all
options = NO_SSLv2client=no # 服务端模式[squid]
accept = 0.0.0.0:3129 # stunnel监听端口
connect = 3.26.80.132:3128 # 指向squid服务器4、启动
stunnel /etc/stunnel/stunnel.conf二、华为云服务器
1、只需要安装Stunnel
yum install stunnel -y2、从服务端拷贝证书文件过来
[root@msh stunnel]# ll-rw-r--r-- 1 root root 3099 Oct 8 14:29 stunnel.pem3、创建配置文件
setuid = root
setgid = root
pid = /var/run/stunnel.piddebug = 7
syslog = yes
output = /var/log/stunnel.logcert = /etc/stunnel/stunnel.pem
CAfile = /etc/stunnel/stunnel.pem
verify = 3socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
delay = no
sslVersion = all
options = NO_SSLv2client=yes # 客户端模式[squid]
accept = 0.0.0.0:3129 # 监听端口
connect = 3.26.80.132:3129 # 指向服务端的Stunnel4、启动
stunnel /etc/stunnel/stunnel.conf三、客户机代理上网
