0x00 目的

因安全原因,开发环境封外网后,作为可审计的代理连接外网下载必要软件;

生产环境需要连接外部接口的应用,在线下测试时可以通过设置线下的代理服务器测试软件代理访问功能是否正常。

0x01 服务器信息

ip 10.57.22.8 端口 3128

10.57.22.219

公用帐号 squid 密码 public

0x02 代理上网的逻辑

图1 Squid代理逻辑

0x03 使用方法(部分适用于Centos系统)

1.全局的代理设置

1
2
3
4
5
6
7
vi /etc/profile
#添加下面内容 (=号两边没有空格,有空格报command no find)

http_proxy=http://10.57.22.8:3128/
https_proxy=http://10.57.22.8:3128/
export http_proxy
export https_proxy

使其生效:

1
source /etc/profile

验证:

1
curl  http://www.baidu.com

2.yum的代理设置

1
2
3
vi /etc/yum.conf
#添加下面内容
proxy=http://10.57.22.8:3128/

或者

1
2
3
4
proxy=http://10.57.22.8:3128
proxy=ftp://10.57.22.8:3128
proxy_username=username
proxy_password=password

3.Wget的代理设置

1
2
3
4
5
6
vi /etc/wgetrc
#添加下面内容
# Proxy

http_proxy=http://10.57.22.8:3128/
https_proxy=http://10.57.22.8:3128/

4.Git的代理设置

1
2
git config --global http.proxy http://10.57.22.8:3128
git config --global https.proxy https://10.57.22.8:3128

git:// 协议代理方式

1
2
3
4
5
6
7
8
9
10
$ sudo yum install socat
$ sudo vi /usr/bin/gitproxy
#!/bin/bash
PROXY=10.57.22.8
PROXYPORT=3128
PROXYAUTH=
exec socat STDIO PROXY:$PROXY:$1:$2,proxyport=$PROXYPORT,proxyauth=$PROXYAUTH

$ sudo chmod +x /usr/bin/gitproxy
$ git config --global core.gitproxy gitproxy

5.apt-get 的代理设置

在/etc/apt/apt.conf文件中加入如下内容(没有的话新建一个):

1
2
3
Acquire::http::proxy "http://10.57.22.8:3128/";
Acquire::ftp::proxy "ftp://10.57.22.8:3128/";
Acquire::https::proxy "https://10.57.22.8:3128/";

6.anaconda的代理设置:

在~/.condarc文件中添加下面内容

1
2
3
proxy_servers:
http: http://10.57.22.8:3128
https: https://10.57.22.8:3128

7.windows代理上网配置

图2 Windows上网代理配置

8.JAVA使用代理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
package org.apache.http.examples.client;

import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

/**
* A simple example that uses HttpClient to execute an HTTP request
* over a secure connection tunneled through an authenticating proxy.
*/
public class ClientProxyAuthentication {

public static void main(String[] args) throws Exception {
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope("localhost", 8888),
new UsernamePasswordCredentials("squid", "squid"));
credsProvider.setCredentials(
new AuthScope("httpbin.org", 80),
new UsernamePasswordCredentials("user", "passwd"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider).build();
try {
HttpHost target = new HttpHost("httpbin.org", 80, "http");
HttpHost proxy = new HttpHost("localhost", 8888);

RequestConfig config = RequestConfig.custom()
.setProxy(proxy)
.build();
HttpGet httpget = new HttpGet("/basic-auth/user/passwd");
httpget.setConfig(config);

System.out.println("Executing request " + httpget.getRequestLine() + " to " + target + " via " + proxy);

CloseableHttpResponse response = httpclient.execute(target, httpget);
try {
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(response.getEntity()));
} finally {
response.close();
}
} finally {
httpclient.close();
}
}
}

9.python使用代理设置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#!/user/bin/python
# -*- coding; UTF-8 -*-
import os, sys, urllib2

PROXY_INFO = {
'host': '10.57.22.8',
'port': 3128
}

def load_url(url):
proxy_support = urllib2.ProxyHandler({'http': \
'http://%(host)s:%(port)d' % PROXY_INFO})
opener = urllib2.build_opener(proxy_support, urllib2.HTTPHandler)
urllib2.install_opener(opener)


src = urllib2.urlopen(url)
return src.read()

if __name__ == '__main__':
print load_url("http://www.baidu.com")

10.maven使用代理

编辑~/.m2/settings.xml 在settings标签内增加配置

1
2
3
4
5
6
7
8
9
10
<proxies>
<proxy>
<id>default-proxy</id>
<active>true</active>
<protocol>http</protocol>
<host>10.57.22.8</host>
<port>3128</port>
<nonProxyHosts>maven.fraudmetrix.cn</nonProxyHosts>
</proxy>
</proxies>