squid-基于rockylinux8配置内网代理访问阿里云软件源

目录1.配置代理服务器2.配置内网服务器1.配置代理服务器[rootlocalhost ~]# yum install -y squidInstalled:libecap-1.0.1-2.moduleel8.9.01437df5ea8f0.x86_64 perl-Carp-1.42-396.el8.noarch perl-DBI-1.641-4.moduleel8.9.01495f278a004.x86_64perl-Data-Dumper-2.167-399.el8.x86_64 perl-Digest-1.17-395.el8.noarch perl-Digest-MD5-2.55-396.el8.x86_64perl-Digest-SHA-1:6.02-1.el8.x86_64 perl-Encode-4:2.97-3.el8.x86_64 perl-Errno-1.28-423.el8_10.x86_64perl-Exporter-5.72-396.el8.noarch perl-File-Path-2.15-2.el8.noarch perl-File-Temp-0.230.600-1.el8.noarchperl-Getopt-Long-1:2.50-4.el8.noarch perl-HTTP-Tiny-0.074-3.el8.noarch perl-IO-1.38-423.el8_10.x86_64perl-IO-Socket-IP-0.39-5.el8.noarch perl-IO-Socket-SSL-2.066-4.moduleel8.9.01517e71a7a62.noarch perl-MIME-Base64-3.15-396.el8.x86_64perl-Math-BigInt-1:1.9998.11-7.el8.noarch perl-Math-Complex-1.59-423.el8_10.noarch perl-Mozilla-CA-20160104-7.moduleel8.9.015210101edce.noarchperl-Net-SSLeay-1.88-2.moduleel8.9.01517e71a7a62.x86_64 perl-PathTools-3.74-1.el8.x86_64 perl-Pod-Escapes-1:1.07-395.el8.noarchperl-Pod-Perldoc-3.28-396.el8.noarch perl-Pod-Simple-1:3.35-395.el8.noarch perl-Pod-Usage-4:1.69-395.el8.noarchperl-Scalar-List-Utils-3:1.49-2.el8.x86_64 perl-Socket-4:2.027-3.el8.x86_64 perl-Storable-1:3.11-3.el8.x86_64perl-Term-ANSIColor-4.06-396.el8.noarch perl-Term-Cap-1.17-395.el8.noarch perl-Text-ParseWords-3.30-395.el8.noarchperl-Text-TabsWrap-2013.0523-395.el8.noarch perl-Time-Local-1:1.280-1.el8.noarch perl-URI-1.73-3.el8.noarchperl-Unicode-Normalize-1.25-396.el8.x86_64 perl-constant-1.33-396.el8.noarch perl-interpreter-4:5.26.3-423.el8_10.x86_64perl-libnet-3.11-3.el8.noarch perl-libs-4:5.26.3-423.el8_10.x86_64 perl-macros-4:5.26.3-423.el8_10.x86_64perl-parent-1:0.237-1.el8.noarch perl-podlators-4.11-1.el8.noarch perl-threads-1:2.21-2.el8.x86_64perl-threads-shared-1.58-2.el8.x86_64 squid-7:4.15-10.moduleel8.10.0208049064dbd.9.x86_64Complete![rootlocalhost ~]# systemctl enable squidCreated symlink /etc/systemd/system/multi-user.target.wants/squid.service → /usr/lib/systemd/system/squid.service.[rootlocalhost ~]# mv /etc/squid/squid.conf /etc/squid/squid.conf.bak[rootlocalhost ~]# vim /etc/squid/squid.conf# 监听内网IP和端口例如在本机所有IP的3128端口监听http_port 3128# 定义内网网段例如假设您的内网段是 10.0.0.0/24acl local_net src 10.9.254.0/24acl aliyun_domain dstdomain .aliyun.com .alibabacloud.com .aliyuncs.com .alicdn.com# 允许定义的本地网络使用代理http_access allow local_net aliyun_domain# 默认拒绝所有其他访问重要安全设置http_access deny all# 配置DNS服务器可选但建议可设置为企业内网DNS或公共DNSdns_nameservers 223.5.5.5 223.6.6.6# 启用日志记录便于排查access_log /var/log/squid/access.logcache_log /var/log/squid/cache.log[rootlocalhost ~]# systemctl start squid[rootlocalhost ~]# systemctl status squid● squid.service - Squid caching proxyLoaded: loaded (/usr/lib/systemd/system/squid.service; enabled; vendor preset: disabled)Active: active (running) since Wed 2025-12-03 17:58:35 CST; 7s agoDocs: man:squid(8)Process: 13937 ExecStartPre/usr/libexec/squid/cache_swap.sh (codeexited, status0/SUCCESS)Main PID: 13943 (squid)Tasks: 2 (limit: 50660)Memory: 13.1MCGroup: /system.slice/squid.service├─13943 /usr/sbin/squid --foreground -f /etc/squid/squid.conf└─13945 (squid-1) --kid squid-1 --foreground -f /etc/squid/squid.confDec 03 17:58:35 localhost.localdomain systemd[1]: Starting Squid caching proxy...Dec 03 17:58:35 localhost.localdomain squid[13943]: Squid Parent: will start 1 kidsDec 03 17:58:35 localhost.localdomain squid[13943]: Squid Parent: (squid-1) process 13945 startedDec 03 17:58:35 localhost.localdomain systemd[1]: Started Squid caching proxy.[rootlocalhost ~]# netstat -ntlpProto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 910/sshdtcp6 0 0 :::22 :::* LISTEN 910/sshdtcp6 0 0 :::3128 :::* LISTEN 13945/(squid-1)2.配置内网服务器[rootlocalhost ~]# vim /etc/profileexport http_proxyhttp://10.9.254.36:3128export https_proxyhttp://10.9.254.36:3128 # 注意对于HTTPS请求Squid代理地址通常也是http://export no_proxylocalhost,127.0.0.1,10.9.254.0/24,.internal.domain.com # 排除不需要代理的内网地址[rootlocalhost ~]# source /etc/profile[rootlocalhost ~]# vim /etc/yum.confproxyhttp://10.9.254.36:3128[rootlocalhost ~]# yum repolistrepo id repo nameappstream Rocky Linux 8 - AppStreambaseos Rocky Linux 8 - BaseOSepel Extra Packages for Enterprise Linux 8 - x86_64extras Rocky Linux 8 - Extras