経緯
AWS環境でプライベートサブネット上のEC2からインターネット上のdnfリポジトリを使いたい。
多くは、パブリックサブネット上にNATゲートウェイを置いて、そこをインターネットGWを経由して外へ出る構成だと思う。
今回は、NATゲートウェイの代わりにプロキシサーバを構築して、外へ出る構成を作ってみる。
構成図
やってみる
※インスタンスの構築の流れはここでは省略します。一般的な構築なので。
【セキュリティグループの設定】
※検証用なので、セキュリティはガバガバの設定です。本番はしっかり設計してください。
・Bastion/Proxy
最低でも個人環境からSSH接続できること、プロキシ通信を受信できるようにすることが大切です。
(マイIPを設定しているので伏せています)
・検証用Webサーバ
今回は、この後にALBを立ててインターネット経由でWebサーバが覗けることを確認するため、ALBについているセキュリティグループから受信できるようにしています。
基本的に踏み台からHTTP通信をすることはないです(癖で入れてしまっただけなので…)
SSH接続も踏み台サーバのプライベートIPのみで必要最低限の接続になるのでご自身の環境で設定してください。
【プロキシサーバ構築】
今回はSquidを入れていきます。
まずは、dnfのアップデートをします。
[root@ip-10-0-100-246 ~]# dnf -y update
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.
Red Hat Enterprise Linux 9 for x86_64 - AppStre 55 MB/s | 36 MB 00:00
Red Hat Enterprise Linux 9 for x86_64 - BaseOS 50 MB/s | 25 MB 00:00
Red Hat Enterprise Linux 9 Client Configuration 32 kB/s | 3.0 kB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
kernel x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.5 M
kernel-core x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 20 M
kernel-modules x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 39 M
kernel-modules-core
x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 33 M
Upgrading:
kernel-tools x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.7 M
kernel-tools-libs
x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.5 M
python-unversioned-command
noarch 3.9.18-3.el9_4.1 rhel-9-appstream-rhui-rpms 10 k
python3 x86_64 3.9.18-3.el9_4.1 rhel-9-baseos-rhui-rpms 29 k
python3-libs x86_64 3.9.18-3.el9_4.1 rhel-9-baseos-rhui-rpms 7.8 M
python3-perf x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.6 M
rh-amazon-rhui-client
noarch 4.0.19-1.el9 rhui-client-config-server-9 46 k
selinux-policy noarch 38.1.35-2.el9_4.2 rhel-9-baseos-rhui-rpms 53 k
selinux-policy-targeted
noarch 38.1.35-2.el9_4.2 rhel-9-baseos-rhui-rpms 6.9 M
shim-x64 x86_64 15.8-4.el9_3 rhel-9-baseos-rhui-rpms 476 k
Transaction Summary
================================================================================
Install 4 Packages
Upgrade 10 Packages
Total download size: 130 M
Downloading Packages:
(1/14): kernel-5.14.0-427.22.1.el9_4.x86_64.rpm 20 MB/s | 5.5 MB 00:00
(2/14): kernel-core-5.14.0-427.22.1.el9_4.x86_6 27 MB/s | 20 MB 00:00
(3/14): python-unversioned-command-3.9.18-3.el9 781 kB/s | 10 kB 00:00
(4/14): shim-x64-15.8-4.el9_3.x86_64.rpm 16 MB/s | 476 kB 00:00
(5/14): selinux-policy-38.1.35-2.el9_4.2.noarch 4.3 MB/s | 53 kB 00:00
(6/14): selinux-policy-targeted-38.1.35-2.el9_4 32 MB/s | 6.9 MB 00:00
(7/14): kernel-tools-5.14.0-427.22.1.el9_4.x86_ 29 MB/s | 5.7 MB 00:00
(8/14): kernel-modules-5.14.0-427.22.1.el9_4.x8 26 MB/s | 39 MB 00:01
(9/14): kernel-modules-core-5.14.0-427.22.1.el9 24 MB/s | 33 MB 00:01
(10/14): python3-3.9.18-3.el9_4.1.x86_64.rpm 2.5 MB/s | 29 kB 00:00
(11/14): kernel-tools-libs-5.14.0-427.22.1.el9_ 9.6 MB/s | 5.5 MB 00:00
(12/14): rh-amazon-rhui-client-4.0.19-1.el9.noa 1.5 MB/s | 46 kB 00:00
(13/14): python3-perf-5.14.0-427.22.1.el9_4.x86 15 MB/s | 5.6 MB 00:00
(14/14): python3-libs-3.9.18-3.el9_4.1.x86_64.r 28 MB/s | 7.8 MB 00:00
--------------------------------------------------------------------------------
Total 63 MB/s | 130 MB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 1/1
Preparing : 1/1
Installing : kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64 1/24
Installing : kernel-core-5.14.0-427.22.1.el9_4.x86_64 2/24
Running scriptlet: kernel-core-5.14.0-427.22.1.el9_4.x86_64 2/24
Installing : kernel-modules-5.14.0-427.22.1.el9_4.x86_64 3/24
Running scriptlet: kernel-modules-5.14.0-427.22.1.el9_4.x86_64 3/24
Upgrading : selinux-policy-38.1.35-2.el9_4.2.noarch 4/24
Running scriptlet: selinux-policy-38.1.35-2.el9_4.2.noarch 4/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 5/24
Upgrading : selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 5/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 5/24
Upgrading : python3-libs-3.9.18-3.el9_4.1.x86_64 6/24
Upgrading : python3-3.9.18-3.el9_4.1.x86_64 7/24
Upgrading : python-unversioned-command-3.9.18-3.el9_4.1.noarch 8/24
Upgrading : kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64 9/24
Running scriptlet: kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64 9/24
Upgrading : kernel-tools-5.14.0-427.22.1.el9_4.x86_64 10/24
Running scriptlet: kernel-tools-5.14.0-427.22.1.el9_4.x86_64 10/24
Upgrading : python3-perf-5.14.0-427.22.1.el9_4.x86_64 11/24
Upgrading : rh-amazon-rhui-client-4.0.19-1.el9.noarch 12/24
warning: /etc/yum.repos.d/redhat-rhui.repo saved as /etc/yum.repos.d/redhat-rhui.repo.rpmsave
Running scriptlet: rh-amazon-rhui-client-4.0.19-1.el9.noarch 12/24
[INFO:choose_repo] choose_repo:33 2024-06-29 11:31:58,388: Enabling binary repos in redhat-rhui.repo
[INFO:choose_repo] choose_repo:56 2024-06-29 11:31:58,391: Enabling client config repo
[INFO:choose_repo] choose_repo:64 2024-06-29 11:31:58,391: Executing [sed -i 's/enabled=0/enabled=1/' /etc/yum.repos.d/redhat-rhui-client-config.repo]
Installing : kernel-5.14.0-427.22.1.el9_4.x86_64 13/24
Upgrading : shim-x64-15.8-4.el9_3.x86_64 14/24
Running scriptlet: rh-amazon-rhui-client-4.0.18-1.el9.noarch 15/24
Cleanup : rh-amazon-rhui-client-4.0.18-1.el9.noarch 15/24
Running scriptlet: selinux-policy-38.1.35-2.el9_4.noarch 16/24
Cleanup : selinux-policy-38.1.35-2.el9_4.noarch 16/24
Running scriptlet: selinux-policy-38.1.35-2.el9_4.noarch 16/24
Cleanup : selinux-policy-targeted-38.1.35-2.el9_4.noarch 17/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.noarch 17/24
Cleanup : shim-x64-15.8-3.el9_4.x86_64 18/24
Running scriptlet: kernel-tools-5.14.0-427.20.1.el9_4.x86_64 19/24
Cleanup : kernel-tools-5.14.0-427.20.1.el9_4.x86_64 19/24
Running scriptlet: kernel-tools-5.14.0-427.20.1.el9_4.x86_64 19/24
Cleanup : python3-perf-5.14.0-427.20.1.el9_4.x86_64 20/24
Cleanup : python3-3.9.18-3.el9.x86_64 21/24
Cleanup : python-unversioned-command-3.9.18-3.el9.noarch 22/24
Cleanup : python3-libs-3.9.18-3.el9.x86_64 23/24
Cleanup : kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 24/24
Running scriptlet: kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 24/24
Running scriptlet: kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64 24/24
Running scriptlet: kernel-core-5.14.0-427.22.1.el9_4.x86_64 24/24
Running scriptlet: kernel-modules-5.14.0-427.22.1.el9_4.x86_64 24/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 24/24
Running scriptlet: kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 24/24
Verifying : kernel-5.14.0-427.22.1.el9_4.x86_64 1/24
Verifying : kernel-core-5.14.0-427.22.1.el9_4.x86_64 2/24
Verifying : kernel-modules-5.14.0-427.22.1.el9_4.x86_64 3/24
Verifying : kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64 4/24
Verifying : python-unversioned-command-3.9.18-3.el9_4.1.noarch 5/24
Verifying : python-unversioned-command-3.9.18-3.el9.noarch 6/24
Verifying : shim-x64-15.8-4.el9_3.x86_64 7/24
Verifying : shim-x64-15.8-3.el9_4.x86_64 8/24
Verifying : selinux-policy-38.1.35-2.el9_4.2.noarch 9/24
Verifying : selinux-policy-38.1.35-2.el9_4.noarch 10/24
Verifying : selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 11/24
Verifying : selinux-policy-targeted-38.1.35-2.el9_4.noarch 12/24
Verifying : kernel-tools-5.14.0-427.22.1.el9_4.x86_64 13/24
Verifying : kernel-tools-5.14.0-427.20.1.el9_4.x86_64 14/24
Verifying : kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64 15/24
Verifying : kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 16/24
Verifying : python3-perf-5.14.0-427.22.1.el9_4.x86_64 17/24
Verifying : python3-perf-5.14.0-427.20.1.el9_4.x86_64 18/24
Verifying : python3-3.9.18-3.el9_4.1.x86_64 19/24
Verifying : python3-3.9.18-3.el9.x86_64 20/24
Verifying : python3-libs-3.9.18-3.el9_4.1.x86_64 21/24
Verifying : python3-libs-3.9.18-3.el9.x86_64 22/24
Verifying : rh-amazon-rhui-client-4.0.19-1.el9.noarch 23/24
Verifying : rh-amazon-rhui-client-4.0.18-1.el9.noarch 24/24
Installed products updated.
Upgraded:
kernel-tools-5.14.0-427.22.1.el9_4.x86_64
kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64
python-unversioned-command-3.9.18-3.el9_4.1.noarch
python3-3.9.18-3.el9_4.1.x86_64
python3-libs-3.9.18-3.el9_4.1.x86_64
python3-perf-5.14.0-427.22.1.el9_4.x86_64
rh-amazon-rhui-client-4.0.19-1.el9.noarch
selinux-policy-38.1.35-2.el9_4.2.noarch
selinux-policy-targeted-38.1.35-2.el9_4.2.noarch
shim-x64-15.8-4.el9_3.x86_64
Installed:
kernel-5.14.0-427.22.1.el9_4.x86_64
kernel-core-5.14.0-427.22.1.el9_4.x86_64
kernel-modules-5.14.0-427.22.1.el9_4.x86_64
kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64
Complete!
次にSquidをインストール
[root@ip-10-0-100-246 ~]# dnf -y install squid
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.
Red Hat Enterprise Linux 9 for x86_64 - AppStream from RHUI 78 kB/s | 4.5 kB 00:00
Red Hat Enterprise Linux 9 for x86_64 - BaseOS from RHUI (RP 76 kB/s | 4.1 kB 00:00
Red Hat Enterprise Linux 9 Client Configuration 29 kB/s | 1.5 kB 00:00
Dependencies resolved.
=============================================================================================
Package Arch Version Repository Size
=============================================================================================
Installing:
squid x86_64 7:5.5-12.el9_4 rhel-9-appstream-rhui-rpms 3.9 M
Installing dependencies:
httpd-filesystem noarch 2.4.57-8.el9 rhel-9-appstream-rhui-rpms 15 k
libecap x86_64 1.0.1-10.el9 rhel-9-appstream-rhui-rpms 28 k
libtool-ltdl x86_64 2.4.6-45.el9 rhel-9-appstream-rhui-rpms 39 k
perl-AutoLoader noarch 5.74-481.el9 rhel-9-appstream-rhui-rpms 21 k
perl-B x86_64 1.80-481.el9 rhel-9-appstream-rhui-rpms 184 k
perl-Carp noarch 1.50-460.el9 rhel-9-appstream-rhui-rpms 31 k
perl-Class-Struct noarch 0.66-481.el9 rhel-9-appstream-rhui-rpms 22 k
perl-DBI x86_64 1.643-9.el9 rhel-9-appstream-rhui-rpms 729 k
perl-Data-Dumper x86_64 2.174-462.el9 rhel-9-appstream-rhui-rpms 59 k
perl-Digest noarch 1.19-4.el9 rhel-9-appstream-rhui-rpms 29 k
perl-Digest-MD5 x86_64 2.58-4.el9 rhel-9-appstream-rhui-rpms 39 k
perl-Digest-SHA x86_64 1:6.02-461.el9 rhel-9-appstream-rhui-rpms 66 k
perl-DynaLoader x86_64 1.47-481.el9 rhel-9-appstream-rhui-rpms 26 k
perl-Encode x86_64 4:3.08-462.el9 rhel-9-appstream-rhui-rpms 1.7 M
perl-English noarch 1.11-481.el9 rhel-9-appstream-rhui-rpms 14 k
perl-Errno x86_64 1.30-481.el9 rhel-9-appstream-rhui-rpms 15 k
perl-Exporter noarch 5.74-461.el9 rhel-9-appstream-rhui-rpms 34 k
perl-Fcntl x86_64 1.13-481.el9 rhel-9-appstream-rhui-rpms 22 k
perl-File-Basename noarch 2.85-481.el9 rhel-9-appstream-rhui-rpms 17 k
perl-File-Path noarch 2.18-4.el9 rhel-9-appstream-rhui-rpms 38 k
perl-File-Temp noarch 1:0.231.100-4.el9 rhel-9-appstream-rhui-rpms 63 k
perl-File-stat noarch 1.09-481.el9 rhel-9-appstream-rhui-rpms 17 k
perl-FileHandle noarch 2.03-481.el9 rhel-9-appstream-rhui-rpms 16 k
perl-Getopt-Long noarch 1:2.52-4.el9 rhel-9-appstream-rhui-rpms 64 k
perl-Getopt-Std noarch 1.12-481.el9 rhel-9-appstream-rhui-rpms 16 k
perl-HTTP-Tiny noarch 0.076-462.el9 rhel-9-appstream-rhui-rpms 57 k
perl-IO x86_64 1.43-481.el9 rhel-9-appstream-rhui-rpms 92 k
perl-IO-Socket-IP noarch 0.41-5.el9 rhel-9-appstream-rhui-rpms 45 k
perl-IO-Socket-SSL noarch 2.073-1.el9 rhel-9-appstream-rhui-rpms 223 k
perl-IPC-Open3 noarch 1.21-481.el9 rhel-9-appstream-rhui-rpms 24 k
perl-MIME-Base64 x86_64 3.16-4.el9 rhel-9-appstream-rhui-rpms 34 k
perl-Math-BigInt noarch 1:1.9998.18-460.el9 rhel-9-appstream-rhui-rpms 194 k
perl-Math-Complex noarch 1.59-481.el9 rhel-9-appstream-rhui-rpms 47 k
perl-Mozilla-CA noarch 20200520-6.el9 rhel-9-appstream-rhui-rpms 14 k
perl-Net-SSLeay x86_64 1.92-2.el9 rhel-9-appstream-rhui-rpms 392 k
perl-POSIX x86_64 1.94-481.el9 rhel-9-appstream-rhui-rpms 98 k
perl-PathTools x86_64 3.78-461.el9 rhel-9-appstream-rhui-rpms 92 k
perl-Pod-Escapes noarch 1:1.07-460.el9 rhel-9-appstream-rhui-rpms 22 k
perl-Pod-Perldoc noarch 3.28.01-461.el9 rhel-9-appstream-rhui-rpms 92 k
perl-Pod-Simple noarch 1:3.42-4.el9 rhel-9-appstream-rhui-rpms 229 k
perl-Pod-Usage noarch 4:2.01-4.el9 rhel-9-appstream-rhui-rpms 43 k
perl-Scalar-List-Utils x86_64 4:1.56-461.el9 rhel-9-appstream-rhui-rpms 77 k
perl-SelectSaver noarch 1.02-481.el9 rhel-9-appstream-rhui-rpms 12 k
perl-Socket x86_64 4:2.031-4.el9 rhel-9-appstream-rhui-rpms 58 k
perl-Storable x86_64 1:3.21-460.el9 rhel-9-appstream-rhui-rpms 98 k
perl-Symbol noarch 1.08-481.el9 rhel-9-appstream-rhui-rpms 14 k
perl-Term-ANSIColor noarch 5.01-461.el9 rhel-9-appstream-rhui-rpms 51 k
perl-Term-Cap noarch 1.17-460.el9 rhel-9-appstream-rhui-rpms 24 k
perl-Text-ParseWords noarch 3.30-460.el9 rhel-9-appstream-rhui-rpms 18 k
perl-Text-Tabs+Wrap noarch 2013.0523-460.el9 rhel-9-appstream-rhui-rpms 25 k
perl-Time-Local noarch 2:1.300-7.el9 rhel-9-appstream-rhui-rpms 37 k
perl-URI noarch 5.09-3.el9 rhel-9-appstream-rhui-rpms 125 k
perl-base noarch 2.27-481.el9 rhel-9-appstream-rhui-rpms 16 k
perl-constant noarch 1.33-461.el9 rhel-9-appstream-rhui-rpms 25 k
perl-if noarch 0.60.800-481.el9 rhel-9-appstream-rhui-rpms 14 k
perl-interpreter x86_64 4:5.32.1-481.el9 rhel-9-appstream-rhui-rpms 73 k
perl-libnet noarch 3.13-4.el9 rhel-9-appstream-rhui-rpms 134 k
perl-libs x86_64 4:5.32.1-481.el9 rhel-9-appstream-rhui-rpms 2.2 M
perl-mro x86_64 1.23-481.el9 rhel-9-appstream-rhui-rpms 29 k
perl-overload noarch 1.31-481.el9 rhel-9-appstream-rhui-rpms 46 k
perl-overloading noarch 0.02-481.el9 rhel-9-appstream-rhui-rpms 13 k
perl-parent noarch 1:0.238-460.el9 rhel-9-appstream-rhui-rpms 16 k
perl-podlators noarch 1:4.14-460.el9 rhel-9-appstream-rhui-rpms 118 k
perl-subs noarch 1.03-481.el9 rhel-9-appstream-rhui-rpms 12 k
perl-vars noarch 1.05-481.el9 rhel-9-appstream-rhui-rpms 13 k
Installing weak dependencies:
perl-NDBM_File x86_64 1.15-481.el9 rhel-9-appstream-rhui-rpms 23 k
Transaction Summary
=============================================================================================
Install 67 Packages
Total download size: 12 M
Installed size: 39 M
Downloading Packages:
(1/67): perl-Digest-MD5-2.58-4.el9.x86_64.rpm 700 kB/s | 39 kB 00:00
(2/67): perl-Data-Dumper-2.174-462.el9.x86_64.rpm 966 kB/s | 59 kB 00:00
(3/67): perl-IO-Socket-SSL-2.073-1.el9.noarch.rpm 17 MB/s | 223 kB 00:00
(4/67): perl-Mozilla-CA-20200520-6.el9.noarch.rpm 1.3 MB/s | 14 kB 00:00
(5/67): perl-Term-Cap-1.17-460.el9.noarch.rpm 2.8 MB/s | 24 kB 00:00
(6/67): perl-Pod-Simple-3.42-4.el9.noarch.rpm 14 MB/s | 229 kB 00:00
(7/67): perl-Time-Local-1.300-7.el9.noarch.rpm 4.3 MB/s | 37 kB 00:00
(8/67): perl-Pod-Escapes-1.07-460.el9.noarch.rpm 3.0 MB/s | 22 kB 00:00
(9/67): perl-Encode-3.08-462.el9.x86_64.rpm 16 MB/s | 1.7 MB 00:00
(10/67): perl-Storable-3.21-460.el9.x86_64.rpm 4.4 MB/s | 98 kB 00:00
(11/67): perl-podlators-4.14-460.el9.noarch.rpm 5.5 MB/s | 118 kB 00:00
(12/67): libecap-1.0.1-10.el9.x86_64.rpm 1.5 MB/s | 28 kB 00:00
(13/67): perl-Digest-SHA-6.02-461.el9.x86_64.rpm 4.2 MB/s | 66 kB 00:00
(14/67): libtool-ltdl-2.4.6-45.el9.x86_64.rpm 1.8 MB/s | 39 kB 00:00
(15/67): perl-Exporter-5.74-461.el9.noarch.rpm 3.3 MB/s | 34 kB 00:00
(16/67): perl-File-Temp-0.231.100-4.el9.noarch.rpm 6.2 MB/s | 63 kB 00:00
(17/67): perl-Getopt-Long-2.52-4.el9.noarch.rpm 5.8 MB/s | 64 kB 00:00
(18/67): perl-MIME-Base64-3.16-4.el9.x86_64.rpm 3.2 MB/s | 34 kB 00:00
(19/67): perl-Text-Tabs+Wrap-2013.0523-460.el9.noarch.rpm 3.2 MB/s | 25 kB 00:00
(20/67): perl-parent-0.238-460.el9.noarch.rpm 1.9 MB/s | 16 kB 00:00
(21/67): perl-Digest-1.19-4.el9.noarch.rpm 2.9 MB/s | 29 kB 00:00
(22/67): perl-File-Path-2.18-4.el9.noarch.rpm 4.0 MB/s | 38 kB 00:00
(23/67): perl-DBI-1.643-9.el9.x86_64.rpm 29 MB/s | 729 kB 00:00
(24/67): perl-IO-Socket-IP-0.41-5.el9.noarch.rpm 3.0 MB/s | 45 kB 00:00
(25/67): perl-Pod-Usage-2.01-4.el9.noarch.rpm 3.0 MB/s | 43 kB 00:00
(26/67): perl-Scalar-List-Utils-1.56-461.el9.x86_64.rpm 8.3 MB/s | 77 kB 00:00
(27/67): perl-Socket-2.031-4.el9.x86_64.rpm 7.6 MB/s | 58 kB 00:00
(28/67): perl-Term-ANSIColor-5.01-461.el9.noarch.rpm 3.5 MB/s | 51 kB 00:00
(29/67): perl-Text-ParseWords-3.30-460.el9.noarch.rpm 1.3 MB/s | 18 kB 00:00
(30/67): perl-URI-5.09-3.el9.noarch.rpm 9.3 MB/s | 125 kB 00:00
(31/67): perl-constant-1.33-461.el9.noarch.rpm 2.7 MB/s | 25 kB 00:00
(32/67): perl-Pod-Perldoc-3.28.01-461.el9.noarch.rpm 8.9 MB/s | 92 kB 00:00
(33/67): perl-libnet-3.13-4.el9.noarch.rpm 12 MB/s | 134 kB 00:00
(34/67): perl-Carp-1.50-460.el9.noarch.rpm 2.7 MB/s | 31 kB 00:00
(35/67): perl-Math-BigInt-1.9998.18-460.el9.noarch.rpm 15 MB/s | 194 kB 00:00
(36/67): perl-PathTools-3.78-461.el9.x86_64.rpm 8.0 MB/s | 92 kB 00:00
(37/67): perl-AutoLoader-5.74-481.el9.noarch.rpm 2.5 MB/s | 21 kB 00:00
(38/67): perl-Net-SSLeay-1.92-2.el9.x86_64.rpm 20 MB/s | 392 kB 00:00
(39/67): perl-Math-Complex-1.59-481.el9.noarch.rpm 3.4 MB/s | 47 kB 00:00
(40/67): perl-SelectSaver-1.02-481.el9.noarch.rpm 1.1 MB/s | 12 kB 00:00
(41/67): perl-if-0.60.800-481.el9.noarch.rpm 1.5 MB/s | 14 kB 00:00
(42/67): perl-overloading-0.02-481.el9.noarch.rpm 1.5 MB/s | 13 kB 00:00
(43/67): httpd-filesystem-2.4.57-8.el9.noarch.rpm 1.6 MB/s | 15 kB 00:00
(44/67): perl-B-1.80-481.el9.x86_64.rpm 16 MB/s | 184 kB 00:00
(45/67): perl-Class-Struct-0.66-481.el9.noarch.rpm 2.0 MB/s | 22 kB 00:00
(46/67): perl-English-1.11-481.el9.noarch.rpm 1.2 MB/s | 14 kB 00:00
(47/67): perl-Errno-1.30-481.el9.x86_64.rpm 1.7 MB/s | 15 kB 00:00
(48/67): perl-File-Basename-2.85-481.el9.noarch.rpm 1.5 MB/s | 17 kB 00:00
(49/67): perl-File-stat-1.09-481.el9.noarch.rpm 1.4 MB/s | 17 kB 00:00
(50/67): perl-FileHandle-2.03-481.el9.noarch.rpm 1.5 MB/s | 16 kB 00:00
(51/67): perl-Getopt-Std-1.12-481.el9.noarch.rpm 1.8 MB/s | 16 kB 00:00
(52/67): perl-HTTP-Tiny-0.076-462.el9.noarch.rpm 6.6 MB/s | 57 kB 00:00
(53/67): perl-IPC-Open3-1.21-481.el9.noarch.rpm 3.0 MB/s | 24 kB 00:00
(54/67): perl-IO-1.43-481.el9.x86_64.rpm 5.9 MB/s | 92 kB 00:00
(55/67): perl-NDBM_File-1.15-481.el9.x86_64.rpm 2.7 MB/s | 23 kB 00:00
(56/67): perl-POSIX-1.94-481.el9.x86_64.rpm 9.7 MB/s | 98 kB 00:00
(57/67): perl-Symbol-1.08-481.el9.noarch.rpm 1.7 MB/s | 14 kB 00:00
(58/67): perl-base-2.27-481.el9.noarch.rpm 1.8 MB/s | 16 kB 00:00
(59/67): perl-interpreter-5.32.1-481.el9.x86_64.rpm 7.7 MB/s | 73 kB 00:00
(60/67): perl-mro-1.23-481.el9.x86_64.rpm 2.6 MB/s | 29 kB 00:00
(61/67): perl-overload-1.31-481.el9.noarch.rpm 3.3 MB/s | 46 kB 00:00
(62/67): perl-vars-1.05-481.el9.noarch.rpm 1.4 MB/s | 13 kB 00:00
(63/67): perl-DynaLoader-1.47-481.el9.x86_64.rpm 3.0 MB/s | 26 kB 00:00
(64/67): perl-libs-5.32.1-481.el9.x86_64.rpm 39 MB/s | 2.2 MB 00:00
(65/67): perl-Fcntl-1.13-481.el9.x86_64.rpm 860 kB/s | 22 kB 00:00
(66/67): perl-subs-1.03-481.el9.noarch.rpm 1.6 MB/s | 12 kB 00:00
(67/67): squid-5.5-12.el9_4.x86_64.rpm 43 MB/s | 3.9 MB 00:00
---------------------------------------------------------------------------------------------
Total 27 MB/s | 12 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Running scriptlet: squid-7:5.5-12.el9_4.x86_64 1/1
Preparing : 1/1
Installing : perl-Digest-1.19-4.el9.noarch 1/67
Installing : perl-Digest-MD5-2.58-4.el9.x86_64 2/67
Installing : perl-FileHandle-2.03-481.el9.noarch 3/67
Installing : perl-B-1.80-481.el9.x86_64 4/67
Installing : perl-libnet-3.13-4.el9.noarch 5/67
Installing : perl-Data-Dumper-2.174-462.el9.x86_64 6/67
Installing : perl-AutoLoader-5.74-481.el9.noarch 7/67
Installing : perl-base-2.27-481.el9.noarch 8/67
Installing : perl-URI-5.09-3.el9.noarch 9/67
Installing : perl-Time-Local-2:1.300-7.el9.noarch 10/67
Installing : perl-if-0.60.800-481.el9.noarch 11/67
Installing : perl-Mozilla-CA-20200520-6.el9.noarch 12/67
Installing : perl-Pod-Escapes-1:1.07-460.el9.noarch 13/67
Installing : perl-Text-Tabs+Wrap-2013.0523-460.el9.noarch 14/67
Installing : perl-File-Path-2.18-4.el9.noarch 15/67
Installing : perl-Net-SSLeay-1.92-2.el9.x86_64 16/67
Installing : perl-IO-Socket-IP-0.41-5.el9.noarch 17/67
Installing : perl-IO-Socket-SSL-2.073-1.el9.noarch 18/67
Installing : perl-Term-ANSIColor-5.01-461.el9.noarch 19/67
Installing : perl-Class-Struct-0.66-481.el9.noarch 20/67
Installing : perl-Term-Cap-1.17-460.el9.noarch 21/67
Installing : perl-File-Temp-1:0.231.100-4.el9.noarch 22/67
Installing : perl-IPC-Open3-1.21-481.el9.noarch 23/67
Installing : perl-POSIX-1.94-481.el9.x86_64 24/67
Installing : perl-subs-1.03-481.el9.noarch 25/67
Installing : perl-Pod-Simple-1:3.42-4.el9.noarch 26/67
Installing : perl-HTTP-Tiny-0.076-462.el9.noarch 27/67
Installing : perl-Socket-4:2.031-4.el9.x86_64 28/67
Installing : perl-SelectSaver-1.02-481.el9.noarch 29/67
Installing : perl-Symbol-1.08-481.el9.noarch 30/67
Installing : perl-File-stat-1.09-481.el9.noarch 31/67
Installing : perl-podlators-1:4.14-460.el9.noarch 32/67
Installing : perl-Pod-Perldoc-3.28.01-461.el9.noarch 33/67
Installing : perl-Text-ParseWords-3.30-460.el9.noarch 34/67
Installing : perl-overloading-0.02-481.el9.noarch 35/67
Installing : perl-mro-1.23-481.el9.x86_64 36/67
Installing : perl-IO-1.43-481.el9.x86_64 37/67
Installing : perl-Fcntl-1.13-481.el9.x86_64 38/67
Installing : perl-Pod-Usage-4:2.01-4.el9.noarch 39/67
Installing : perl-parent-1:0.238-460.el9.noarch 40/67
Installing : perl-MIME-Base64-3.16-4.el9.x86_64 41/67
Installing : perl-Scalar-List-Utils-4:1.56-461.el9.x86_64 42/67
Installing : perl-constant-1.33-461.el9.noarch 43/67
Installing : perl-Errno-1.30-481.el9.x86_64 44/67
Installing : perl-File-Basename-2.85-481.el9.noarch 45/67
Installing : perl-Getopt-Std-1.12-481.el9.noarch 46/67
Installing : perl-overload-1.31-481.el9.noarch 47/67
Installing : perl-vars-1.05-481.el9.noarch 48/67
Installing : perl-Storable-1:3.21-460.el9.x86_64 49/67
Installing : perl-Getopt-Long-1:2.52-4.el9.noarch 50/67
Installing : perl-Exporter-5.74-461.el9.noarch 51/67
Installing : perl-Carp-1.50-460.el9.noarch 52/67
Installing : perl-PathTools-3.78-461.el9.x86_64 53/67
Installing : perl-NDBM_File-1.15-481.el9.x86_64 54/67
Installing : perl-Encode-4:3.08-462.el9.x86_64 55/67
Installing : perl-libs-4:5.32.1-481.el9.x86_64 56/67
Installing : perl-interpreter-4:5.32.1-481.el9.x86_64 57/67
Installing : perl-Digest-SHA-1:6.02-461.el9.x86_64 58/67
Installing : perl-Math-Complex-1.59-481.el9.noarch 59/67
Installing : perl-Math-BigInt-1:1.9998.18-460.el9.noarch 60/67
Installing : perl-English-1.11-481.el9.noarch 61/67
Installing : perl-DynaLoader-1.47-481.el9.x86_64 62/67
Installing : perl-DBI-1.643-9.el9.x86_64 63/67
Running scriptlet: httpd-filesystem-2.4.57-8.el9.noarch 64/67
Installing : httpd-filesystem-2.4.57-8.el9.noarch 64/67
Installing : libtool-ltdl-2.4.6-45.el9.x86_64 65/67
Installing : libecap-1.0.1-10.el9.x86_64 66/67
Running scriptlet: squid-7:5.5-12.el9_4.x86_64 67/67
Installing : squid-7:5.5-12.el9_4.x86_64 67/67
Running scriptlet: squid-7:5.5-12.el9_4.x86_64 67/67
Verifying : perl-Data-Dumper-2.174-462.el9.x86_64 1/67
Verifying : perl-Digest-MD5-2.58-4.el9.x86_64 2/67
Verifying : perl-Encode-4:3.08-462.el9.x86_64 3/67
Verifying : perl-IO-Socket-SSL-2.073-1.el9.noarch 4/67
Verifying : perl-Mozilla-CA-20200520-6.el9.noarch 5/67
Verifying : perl-Pod-Simple-1:3.42-4.el9.noarch 6/67
Verifying : perl-Term-Cap-1.17-460.el9.noarch 7/67
Verifying : perl-Time-Local-2:1.300-7.el9.noarch 8/67
Verifying : perl-Pod-Escapes-1:1.07-460.el9.noarch 9/67
Verifying : perl-Storable-1:3.21-460.el9.x86_64 10/67
Verifying : perl-podlators-1:4.14-460.el9.noarch 11/67
Verifying : libecap-1.0.1-10.el9.x86_64 12/67
Verifying : libtool-ltdl-2.4.6-45.el9.x86_64 13/67
Verifying : perl-Digest-SHA-1:6.02-461.el9.x86_64 14/67
Verifying : perl-Exporter-5.74-461.el9.noarch 15/67
Verifying : perl-File-Temp-1:0.231.100-4.el9.noarch 16/67
Verifying : perl-Getopt-Long-1:2.52-4.el9.noarch 17/67
Verifying : perl-MIME-Base64-3.16-4.el9.x86_64 18/67
Verifying : perl-Text-Tabs+Wrap-2013.0523-460.el9.noarch 19/67
Verifying : perl-parent-1:0.238-460.el9.noarch 20/67
Verifying : perl-DBI-1.643-9.el9.x86_64 21/67
Verifying : perl-Digest-1.19-4.el9.noarch 22/67
Verifying : perl-File-Path-2.18-4.el9.noarch 23/67
Verifying : perl-IO-Socket-IP-0.41-5.el9.noarch 24/67
Verifying : perl-Pod-Usage-4:2.01-4.el9.noarch 25/67
Verifying : perl-Scalar-List-Utils-4:1.56-461.el9.x86_64 26/67
Verifying : perl-Socket-4:2.031-4.el9.x86_64 27/67
Verifying : perl-Term-ANSIColor-5.01-461.el9.noarch 28/67
Verifying : perl-Text-ParseWords-3.30-460.el9.noarch 29/67
Verifying : perl-URI-5.09-3.el9.noarch 30/67
Verifying : perl-constant-1.33-461.el9.noarch 31/67
Verifying : perl-Pod-Perldoc-3.28.01-461.el9.noarch 32/67
Verifying : perl-libnet-3.13-4.el9.noarch 33/67
Verifying : perl-Carp-1.50-460.el9.noarch 34/67
Verifying : perl-Math-BigInt-1:1.9998.18-460.el9.noarch 35/67
Verifying : perl-PathTools-3.78-461.el9.x86_64 36/67
Verifying : perl-Net-SSLeay-1.92-2.el9.x86_64 37/67
Verifying : perl-AutoLoader-5.74-481.el9.noarch 38/67
Verifying : perl-Math-Complex-1.59-481.el9.noarch 39/67
Verifying : perl-SelectSaver-1.02-481.el9.noarch 40/67
Verifying : perl-if-0.60.800-481.el9.noarch 41/67
Verifying : perl-overloading-0.02-481.el9.noarch 42/67
Verifying : httpd-filesystem-2.4.57-8.el9.noarch 43/67
Verifying : perl-B-1.80-481.el9.x86_64 44/67
Verifying : perl-Class-Struct-0.66-481.el9.noarch 45/67
Verifying : perl-English-1.11-481.el9.noarch 46/67
Verifying : perl-Errno-1.30-481.el9.x86_64 47/67
Verifying : perl-File-Basename-2.85-481.el9.noarch 48/67
Verifying : perl-File-stat-1.09-481.el9.noarch 49/67
Verifying : perl-FileHandle-2.03-481.el9.noarch 50/67
Verifying : perl-Getopt-Std-1.12-481.el9.noarch 51/67
Verifying : perl-HTTP-Tiny-0.076-462.el9.noarch 52/67
Verifying : perl-IO-1.43-481.el9.x86_64 53/67
Verifying : perl-IPC-Open3-1.21-481.el9.noarch 54/67
Verifying : perl-NDBM_File-1.15-481.el9.x86_64 55/67
Verifying : perl-POSIX-1.94-481.el9.x86_64 56/67
Verifying : perl-Symbol-1.08-481.el9.noarch 57/67
Verifying : perl-base-2.27-481.el9.noarch 58/67
Verifying : perl-interpreter-4:5.32.1-481.el9.x86_64 59/67
Verifying : perl-libs-4:5.32.1-481.el9.x86_64 60/67
Verifying : perl-mro-1.23-481.el9.x86_64 61/67
Verifying : perl-overload-1.31-481.el9.noarch 62/67
Verifying : perl-vars-1.05-481.el9.noarch 63/67
Verifying : squid-7:5.5-12.el9_4.x86_64 64/67
Verifying : perl-DynaLoader-1.47-481.el9.x86_64 65/67
Verifying : perl-Fcntl-1.13-481.el9.x86_64 66/67
Verifying : perl-subs-1.03-481.el9.noarch 67/67
Installed products updated.
Installed:
httpd-filesystem-2.4.57-8.el9.noarch libecap-1.0.1-10.el9.x86_64
libtool-ltdl-2.4.6-45.el9.x86_64 perl-AutoLoader-5.74-481.el9.noarch
perl-B-1.80-481.el9.x86_64 perl-Carp-1.50-460.el9.noarch
perl-Class-Struct-0.66-481.el9.noarch perl-DBI-1.643-9.el9.x86_64
perl-Data-Dumper-2.174-462.el9.x86_64 perl-Digest-1.19-4.el9.noarch
perl-Digest-MD5-2.58-4.el9.x86_64 perl-Digest-SHA-1:6.02-461.el9.x86_64
perl-DynaLoader-1.47-481.el9.x86_64 perl-Encode-4:3.08-462.el9.x86_64
perl-English-1.11-481.el9.noarch perl-Errno-1.30-481.el9.x86_64
perl-Exporter-5.74-461.el9.noarch perl-Fcntl-1.13-481.el9.x86_64
perl-File-Basename-2.85-481.el9.noarch perl-File-Path-2.18-4.el9.noarch
perl-File-Temp-1:0.231.100-4.el9.noarch perl-File-stat-1.09-481.el9.noarch
perl-FileHandle-2.03-481.el9.noarch perl-Getopt-Long-1:2.52-4.el9.noarch
perl-Getopt-Std-1.12-481.el9.noarch perl-HTTP-Tiny-0.076-462.el9.noarch
perl-IO-1.43-481.el9.x86_64 perl-IO-Socket-IP-0.41-5.el9.noarch
perl-IO-Socket-SSL-2.073-1.el9.noarch perl-IPC-Open3-1.21-481.el9.noarch
perl-MIME-Base64-3.16-4.el9.x86_64 perl-Math-BigInt-1:1.9998.18-460.el9.noarch
perl-Math-Complex-1.59-481.el9.noarch perl-Mozilla-CA-20200520-6.el9.noarch
perl-NDBM_File-1.15-481.el9.x86_64 perl-Net-SSLeay-1.92-2.el9.x86_64
perl-POSIX-1.94-481.el9.x86_64 perl-PathTools-3.78-461.el9.x86_64
perl-Pod-Escapes-1:1.07-460.el9.noarch perl-Pod-Perldoc-3.28.01-461.el9.noarch
perl-Pod-Simple-1:3.42-4.el9.noarch perl-Pod-Usage-4:2.01-4.el9.noarch
perl-Scalar-List-Utils-4:1.56-461.el9.x86_64 perl-SelectSaver-1.02-481.el9.noarch
perl-Socket-4:2.031-4.el9.x86_64 perl-Storable-1:3.21-460.el9.x86_64
perl-Symbol-1.08-481.el9.noarch perl-Term-ANSIColor-5.01-461.el9.noarch
perl-Term-Cap-1.17-460.el9.noarch perl-Text-ParseWords-3.30-460.el9.noarch
perl-Text-Tabs+Wrap-2013.0523-460.el9.noarch perl-Time-Local-2:1.300-7.el9.noarch
perl-URI-5.09-3.el9.noarch perl-base-2.27-481.el9.noarch
perl-constant-1.33-461.el9.noarch perl-if-0.60.800-481.el9.noarch
perl-interpreter-4:5.32.1-481.el9.x86_64 perl-libnet-3.13-4.el9.noarch
perl-libs-4:5.32.1-481.el9.x86_64 perl-mro-1.23-481.el9.x86_64
perl-overload-1.31-481.el9.noarch perl-overloading-0.02-481.el9.noarch
perl-parent-1:0.238-460.el9.noarch perl-podlators-1:4.14-460.el9.noarch
perl-subs-1.03-481.el9.noarch perl-vars-1.05-481.el9.noarch
squid-7:5.5-12.el9_4.x86_64
Complete!
Squidを設定していきますが、こちらも検証用なのでガバガバの設定です。ご容赦くださいませ。
[root@ip-10-0-100-246 ~]# cat /etc/squid/squid.conf
#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
+ acl all src 0.0.0.0/0
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
+ http_access allow all
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
# Squid normally listens to port 3128
- http_port 3128
+ http_port 8080
# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
+ cache_log /var/log/squid/cache.log
+ access_log /var/log/squid/access.log
+ cache_store_log /var/log/squid/store.log
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
[root@ip-10-0-100-246 ~]#
設定したらSquidを再起動
[root@ip-10-0-100-246 squid]# systemctl start squid
[root@ip-10-0-100-246 squid]# systemctl status squid
● squid.service - Squid caching proxy
Loaded: loaded (/usr/lib/systemd/system/squid.service; disabled; preset: disabled)
Active: active (running) since Sat 2024-06-29 11:44:03 UTC; 4s ago
Docs: man:squid(8)
Process: 27936 ExecStartPre=/usr/libexec/squid/cache_swap.sh (code=exited, status=0/SUCC>
Main PID: 27938 (squid)
Tasks: 2 (limit: 4400)
Memory: 14.3M
CPU: 116ms
CGroup: /system.slice/squid.service
├─27938 /usr/sbin/squid --foreground -f /etc/squid/squid.conf
└─27940 "(squid-1)" --kid squid-1 --foreground -f /etc/squid/squid.conf
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal systemd[1]: Starting Squid c>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: Squid Parent: >
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: Squid Parent: >
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal systemd[1]: Started Squid ca>
[root@ip-10-0-100-246 squid]# systemctl enable squid
Created symlink /etc/systemd/system/multi-user.target.wants/squid.service → /usr/lib/systemd/system/squid.service.
[root@ip-10-0-100-246 squid]#
[root@ip-10-0-100-246 squid]#
[root@ip-10-0-100-246 squid]# systemctl status squid
● squid.service - Squid caching proxy
Loaded: loaded (/usr/lib/systemd/system/squid.service; enabled; preset: disabled)
Active: active (running) since Sat 2024-06-29 11:44:03 UTC; 13s ago
Docs: man:squid(8)
Main PID: 27938 (squid)
Tasks: 2 (limit: 4400)
Memory: 14.3M
CPU: 117ms
CGroup: /system.slice/squid.service
├─27938 /usr/sbin/squid --foreground -f /etc/squid/squid.conf
└─27940 "(squid-1)" --kid squid-1 --foreground -f /etc/squid/squid.conf
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal systemd[1]: Starting Squid c>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: 2024/06/29 11:>
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: Squid Parent: >
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal squid[27938]: Squid Parent: >
Jun 29 11:44:03 ip-10-0-100-246.ap-northeast-1.compute.internal systemd[1]: Started Squid ca>
[root@ip-10-0-100-246 squid]#
[root@ip-10-0-100-246 squid]# ss -nlpt | grep 8080
LISTEN 0 4096 *:8080 *:* users:(("squid",pid=27940,fd=11))
[root@ip-10-0-100-246 squid]#
次にWebサーバ側に入って、dnfリポジトリにアクセスできるようにしていきます。
dnfの設定ファイルにプロキシの設定を追加します。
プロキシサーバのIPアドレスと待ち受けているポートを指定。
[root@ip-10-0-0-158 ~]# cat /etc/dnf/dnf.conf
[main]
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
best=True
skip_if_unavailable=False
+ proxy=http://10.0.100.246:8080
dnfアップデートできるか確認
[root@ip-10-0-0-158 ~]# dnf -y update
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.
Red Hat Enterprise Linux 9 for x86_64 - AppStream from RHUI 47 MB/s | 36 MB 00:00
Red Hat Enterprise Linux 9 for x86_64 - BaseOS from RHUI (RP 50 MB/s | 25 MB 00:00
Red Hat Enterprise Linux 9 Client Configuration 30 kB/s | 3.0 kB 00:00
Dependencies resolved.
=============================================================================================
Package Arch Version Repository Size
=============================================================================================
Installing:
kernel x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.5 M
kernel-core x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 20 M
kernel-modules x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 39 M
kernel-modules-core x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 33 M
Upgrading:
kernel-tools x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.7 M
kernel-tools-libs x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.5 M
python-unversioned-command noarch 3.9.18-3.el9_4.1 rhel-9-appstream-rhui-rpms 10 k
python3 x86_64 3.9.18-3.el9_4.1 rhel-9-baseos-rhui-rpms 29 k
python3-libs x86_64 3.9.18-3.el9_4.1 rhel-9-baseos-rhui-rpms 7.8 M
python3-perf x86_64 5.14.0-427.22.1.el9_4 rhel-9-baseos-rhui-rpms 5.6 M
rh-amazon-rhui-client noarch 4.0.19-1.el9 rhui-client-config-server-9 46 k
selinux-policy noarch 38.1.35-2.el9_4.2 rhel-9-baseos-rhui-rpms 53 k
selinux-policy-targeted noarch 38.1.35-2.el9_4.2 rhel-9-baseos-rhui-rpms 6.9 M
shim-x64 x86_64 15.8-4.el9_3 rhel-9-baseos-rhui-rpms 476 k
Transaction Summary
=============================================================================================
Install 4 Packages
Upgrade 10 Packages
Total download size: 130 M
Downloading Packages:
(1/14): kernel-5.14.0-427.22.1.el9_4.x86_64.rpm 26 MB/s | 5.5 MB 00:00
(2/14): kernel-core-5.14.0-427.22.1.el9_4.x86_64.rpm 37 MB/s | 20 MB 00:00
(3/14): python-unversioned-command-3.9.18-3.el9_4.1.noarch.r 679 kB/s | 10 kB 00:00
(4/14): shim-x64-15.8-4.el9_3.x86_64.rpm 19 MB/s | 476 kB 00:00
(5/14): selinux-policy-38.1.35-2.el9_4.2.noarch.rpm 4.0 MB/s | 53 kB 00:00
(6/14): selinux-policy-targeted-38.1.35-2.el9_4.2.noarch.rpm 31 MB/s | 6.9 MB 00:00
(7/14): kernel-tools-5.14.0-427.22.1.el9_4.x86_64.rpm 37 MB/s | 5.7 MB 00:00
(8/14): kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64.rpm 38 MB/s | 5.5 MB 00:00
(9/14): kernel-modules-5.14.0-427.22.1.el9_4.x86_64.rpm 29 MB/s | 39 MB 00:01
(10/14): python3-3.9.18-3.el9_4.1.x86_64.rpm 2.4 MB/s | 29 kB 00:00
(11/14): kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64.rp 25 MB/s | 33 MB 00:01
(12/14): rh-amazon-rhui-client-4.0.19-1.el9.noarch.rpm 1.1 MB/s | 46 kB 00:00
(13/14): python3-perf-5.14.0-427.22.1.el9_4.x86_64.rpm 11 MB/s | 5.6 MB 00:00
(14/14): python3-libs-3.9.18-3.el9_4.1.x86_64.rpm 20 MB/s | 7.8 MB 00:00
---------------------------------------------------------------------------------------------
Total 71 MB/s | 130 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 1/1
Preparing : 1/1
Installing : kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64 1/24
Installing : kernel-core-5.14.0-427.22.1.el9_4.x86_64 2/24
Running scriptlet: kernel-core-5.14.0-427.22.1.el9_4.x86_64 2/24
Installing : kernel-modules-5.14.0-427.22.1.el9_4.x86_64 3/24
Running scriptlet: kernel-modules-5.14.0-427.22.1.el9_4.x86_64 3/24
Upgrading : selinux-policy-38.1.35-2.el9_4.2.noarch 4/24
Running scriptlet: selinux-policy-38.1.35-2.el9_4.2.noarch 4/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 5/24
Upgrading : selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 5/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 5/24
Upgrading : python3-libs-3.9.18-3.el9_4.1.x86_64 6/24
Upgrading : python3-3.9.18-3.el9_4.1.x86_64 7/24
Upgrading : python-unversioned-command-3.9.18-3.el9_4.1.noarch 8/24
Upgrading : kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64 9/24
Running scriptlet: kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64 9/24
Upgrading : kernel-tools-5.14.0-427.22.1.el9_4.x86_64 10/24
Running scriptlet: kernel-tools-5.14.0-427.22.1.el9_4.x86_64 10/24
Upgrading : python3-perf-5.14.0-427.22.1.el9_4.x86_64 11/24
Upgrading : rh-amazon-rhui-client-4.0.19-1.el9.noarch 12/24
warning: /etc/yum.repos.d/redhat-rhui.repo saved as /etc/yum.repos.d/redhat-rhui.repo.rpmsave
Running scriptlet: rh-amazon-rhui-client-4.0.19-1.el9.noarch 12/24
[INFO:choose_repo] choose_repo:33 2024-06-29 11:58:50,028: Enabling binary repos in redhat-rhui.repo
[INFO:choose_repo] choose_repo:56 2024-06-29 11:58:50,029: Enabling client config repo
[INFO:choose_repo] choose_repo:64 2024-06-29 11:58:50,030: Executing [sed -i 's/enabled=0/enabled=1/' /etc/yum.repos.d/redhat-rhui-client-config.repo]
Installing : kernel-5.14.0-427.22.1.el9_4.x86_64 13/24
Upgrading : shim-x64-15.8-4.el9_3.x86_64 14/24
Running scriptlet: rh-amazon-rhui-client-4.0.18-1.el9.noarch 15/24
Cleanup : rh-amazon-rhui-client-4.0.18-1.el9.noarch 15/24
Running scriptlet: selinux-policy-38.1.35-2.el9_4.noarch 16/24
Cleanup : selinux-policy-38.1.35-2.el9_4.noarch 16/24
Running scriptlet: selinux-policy-38.1.35-2.el9_4.noarch 16/24
Cleanup : selinux-policy-targeted-38.1.35-2.el9_4.noarch 17/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.noarch 17/24
Cleanup : shim-x64-15.8-3.el9_4.x86_64 18/24
Running scriptlet: kernel-tools-5.14.0-427.20.1.el9_4.x86_64 19/24
Cleanup : kernel-tools-5.14.0-427.20.1.el9_4.x86_64 19/24
Running scriptlet: kernel-tools-5.14.0-427.20.1.el9_4.x86_64 19/24
Cleanup : python3-perf-5.14.0-427.20.1.el9_4.x86_64 20/24
Cleanup : python3-3.9.18-3.el9.x86_64 21/24
Cleanup : python-unversioned-command-3.9.18-3.el9.noarch 22/24
Cleanup : python3-libs-3.9.18-3.el9.x86_64 23/24
Cleanup : kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 24/24
Running scriptlet: kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 24/24
Running scriptlet: kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64 24/24
Running scriptlet: kernel-core-5.14.0-427.22.1.el9_4.x86_64 24/24
Running scriptlet: kernel-modules-5.14.0-427.22.1.el9_4.x86_64 24/24
Running scriptlet: selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 24/24
Running scriptlet: kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 24/24
Verifying : kernel-5.14.0-427.22.1.el9_4.x86_64 1/24
Verifying : kernel-core-5.14.0-427.22.1.el9_4.x86_64 2/24
Verifying : kernel-modules-5.14.0-427.22.1.el9_4.x86_64 3/24
Verifying : kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64 4/24
Verifying : python-unversioned-command-3.9.18-3.el9_4.1.noarch 5/24
Verifying : python-unversioned-command-3.9.18-3.el9.noarch 6/24
Verifying : shim-x64-15.8-4.el9_3.x86_64 7/24
Verifying : shim-x64-15.8-3.el9_4.x86_64 8/24
Verifying : selinux-policy-38.1.35-2.el9_4.2.noarch 9/24
Verifying : selinux-policy-38.1.35-2.el9_4.noarch 10/24
Verifying : selinux-policy-targeted-38.1.35-2.el9_4.2.noarch 11/24
Verifying : selinux-policy-targeted-38.1.35-2.el9_4.noarch 12/24
Verifying : kernel-tools-5.14.0-427.22.1.el9_4.x86_64 13/24
Verifying : kernel-tools-5.14.0-427.20.1.el9_4.x86_64 14/24
Verifying : kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64 15/24
Verifying : kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64 16/24
Verifying : python3-perf-5.14.0-427.22.1.el9_4.x86_64 17/24
Verifying : python3-perf-5.14.0-427.20.1.el9_4.x86_64 18/24
Verifying : python3-3.9.18-3.el9_4.1.x86_64 19/24
Verifying : python3-3.9.18-3.el9.x86_64 20/24
Verifying : python3-libs-3.9.18-3.el9_4.1.x86_64 21/24
Verifying : python3-libs-3.9.18-3.el9.x86_64 22/24
Verifying : rh-amazon-rhui-client-4.0.19-1.el9.noarch 23/24
Verifying : rh-amazon-rhui-client-4.0.18-1.el9.noarch 24/24
Installed products updated.
Upgraded:
kernel-tools-5.14.0-427.22.1.el9_4.x86_64
kernel-tools-libs-5.14.0-427.22.1.el9_4.x86_64
python-unversioned-command-3.9.18-3.el9_4.1.noarch
python3-3.9.18-3.el9_4.1.x86_64
python3-libs-3.9.18-3.el9_4.1.x86_64
python3-perf-5.14.0-427.22.1.el9_4.x86_64
rh-amazon-rhui-client-4.0.19-1.el9.noarch
selinux-policy-38.1.35-2.el9_4.2.noarch
selinux-policy-targeted-38.1.35-2.el9_4.2.noarch
shim-x64-15.8-4.el9_3.x86_64
Installed:
kernel-5.14.0-427.22.1.el9_4.x86_64
kernel-core-5.14.0-427.22.1.el9_4.x86_64
kernel-modules-5.14.0-427.22.1.el9_4.x86_64
kernel-modules-core-5.14.0-427.22.1.el9_4.x86_64
Complete!
アップデートできましたね。
最後に、プロキシサーバ側でのログを確認します。
RHELのリポジトリに向けてGETしに行っているので目的は達成ですね。
お疲れ様でした!
[root@ip-10-0-100-246 squid]# head -20 access.log
1719662152.629 90 10.0.0.158 TCP_MISS/200 21662 GET http://www.google.co.jp/ - HIER_DIRECT/142.251.42.195 text/html
1719662262.343 48 10.0.0.158 TCP_TUNNEL/200 3251 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662262.377 33 10.0.0.158 TCP_TUNNEL/200 7843 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662263.074 694 10.0.0.158 TCP_TUNNEL/200 5831024 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662263.074 695 10.0.0.158 TCP_TUNNEL/200 29949211 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662263.075 694 10.0.0.158 TCP_TUNNEL/200 2488641 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662271.530 25 10.0.0.158 TCP_TUNNEL/200 3248 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662271.565 33 10.0.0.158 TCP_TUNNEL/200 7380 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662271.991 423 10.0.0.158 TCP_TUNNEL/200 20744366 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662271.991 423 10.0.0.158 TCP_TUNNEL/200 4086815 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662271.991 423 10.0.0.158 TCP_TUNNEL/200 981277 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662276.326 25 10.0.0.158 TCP_TUNNEL/200 3258 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662276.355 28 10.0.0.158 TCP_TUNNEL/200 4772 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662276.400 44 10.0.0.158 TCP_TUNNEL/200 5309 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662276.401 44 10.0.0.158 TCP_TUNNEL/200 4227 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662278.185 25 10.0.0.158 TCP_TUNNEL/200 3248 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662278.211 24 10.0.0.158 TCP_TUNNEL/200 3251 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662278.236 23 10.0.0.158 TCP_TUNNEL/200 3258 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662280.001 1763 10.0.0.158 TCP_TUNNEL/200 40783943 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
1719662280.001 1763 10.0.0.158 TCP_TUNNEL/200 46820813 CONNECT rhui.ap-northeast-1.aws.ce.redhat.com:443 - HIER_DIRECT/3.115.250.18 -
[root@ip-10-0-100-246 squid]#