Windows Subsystem for Linux(ubuntu)にsquidをインストールしてみました。
インストール手順をメモしておきます。
環境
user@lenovo-i7:~$ uname -a
Linux lenovo-i7 4.4.0-17134-Microsoft #137-Microsoft Thu Jun 14 18:46:00 PST 2018 x86_64 x86_64 x86_64 GNU/Linux
user@lenovo-i7:~$ cat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.1 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.1 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
インストール手順
-
パッケージ更新
user@lenovo-i7:~$ sudo -E apt update -
インストール
user@lenovo-i7:~$ sudo -E apt install squid -y
squid設定
設定内容:
- ローカルネットワークからのアクセスを許可
- ポートを3128から8888に変更
user@lenovo-i7:~$ sudo cp -p /etc/squid/squid.conf /etc/squid/squid.conf.orig
user@lenovo-i7:~$ sudo vi /etc/squid/squid.conf
user@lenovo-i7:~$ diff /etc/squid/squid.conf /etc/squid/squid.conf.orig
975,977c975,977
< acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
< acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
< acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
---
> #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
> #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
> #acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
1190c1190
< http_access allow localnet
---
> #http_access allow localnet
1612c1612
< http_port 8888
---
> http_port 3128
squid再起動
user@lenovo-i7:~$ sudo service squid restart
* Restarting Squid HTTP Proxy squid [ OK ]
動作確認
user@lenovo-i7:~$ curl google.co.jp -v
* Rebuilt URL to: google.co.jp/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8888 (#0)
> GET http://google.co.jp/ HTTP/1.1
> Host: google.co.jp
> User-Agent: curl/7.58.0
> Accept: */*
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 301 Moved Permanently
< Location: http://www.google.co.jp/
< Content-Type: text/html; charset=UTF-8
< Date: Wed, 29 Aug 2018 15:17:33 GMT
< Expires: Fri, 28 Sep 2018 15:17:33 GMT
< Cache-Control: public, max-age=2592000
< Server: gws
< Content-Length: 221
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Age: 167
< X-Cache: HIT from lenovo-i7
< X-Cache-Lookup: HIT from lenovo-i7:8888
< Via: 1.1 lenovo-i7 (squid/3.5.27)
< Connection: keep-alive
<
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.co.jp/">here</A>.
</BODY></HTML>
* Connection #0 to host 127.0.0.1 left intact
user@lenovo-i7:~$ curl https://google.co.jp -v
* Rebuilt URL to: https://google.co.jp/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8888 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to google.co.jp:443
> CONNECT google.co.jp:443 HTTP/1.1
> Host: google.co.jp:443
> User-Agent: curl/7.58.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=*.google.co.jp
* start date: Aug 7 18:33:44 2018 GMT
* expire date: Oct 16 18:28:00 2018 GMT
* subjectAltName: host "google.co.jp" matched cert's "google.co.jp"
* issuer: C=US; O=Google Trust Services; CN=Google Internet Authority G3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fffd7c30810)
> GET / HTTP/2
> Host: google.co.jp
> User-Agent: curl/7.58.0
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 301
< location: https://www.google.co.jp/
< content-type: text/html; charset=UTF-8
< date: Wed, 29 Aug 2018 15:20:23 GMT
< expires: Fri, 28 Sep 2018 15:20:23 GMT
< cache-control: public, max-age=2592000
< server: gws
< content-length: 222
< x-xss-protection: 1; mode=block
< x-frame-options: SAMEORIGIN
< alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
<
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.co.jp/">here</A>.
</BODY></HTML>
* Connection #0 to host 127.0.0.1 left intact