求助squid的配置
现在的环境是:阿里云ecs,两个网卡,一个主网卡一个辅助网卡,各有一个IP,都可以使用squid的代理.
现在辅助网卡又增加了一个弹性IP,绑定ecs成功,能ping通能SSH,
但是这个IP不可以使用squid,其他的两个IP都可以正常使用.请问是什么问题?
172.18.202.98和172.18.202.96都是正常使用的,
只有172.18.202.102这个不能使用
[*]http_port 3030
[*]
[*]cache deny all
[*]hierarchy_stoplist cgi-bin ?
[*]
[*]cache_log /var/log/squid/cache.log
[*]access_log /var/log/squid/access.log
[*]
[*]# access_log none
[*]# cache_store_log none
[*]# cache_log /dev/null
[*]
[*]refresh_pattern ^ftp: 1440 20% 10080
[*]refresh_pattern ^gopher: 1440 0% 1440
[*]refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
[*]refresh_pattern . 0 20% 4320
[*]
[*]acl localhost src 127.0.0.1/32 ::1
[*]acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
[*]acl localnet src 172.18.0.0/16
[*]http_access allow localnet
[*]acl source_172_18_202_102 src 172.18.202.102/32
[*]http_access allow source_172_18_202_102
[*]
[*]acl SSL_ports port 1-65535
[*]acl Safe_ports port 1-65535
[*]acl CONNECT method CONNECT
[*]acl siteblacklist dstdomain "/etc/squid/blacklist.acl"
[*]http_access allow manager localhost
[*]http_access deny manager
[*]
[*]http_access deny !Safe_ports
[*]
[*]http_access deny CONNECT !SSL_ports
[*]http_access deny siteblacklist
[*]auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwd
[*]
[*]auth_param basic children 5
[*]auth_param basic realm Squid proxy-caching web server
[*]auth_param basic credentialsttl 2 hours
[*]acl password proxy_auth REQUIRED
[*]http_access allow localhost
[*]http_access allow password
[*]http_access deny all
[*]
[*]forwarded_for off
[*]request_header_access Allow allow all
[*]request_header_access Authorization allow all
[*]request_header_access WWW-Authenticate allow all
[*]request_header_access Proxy-Authorization allow all
[*]request_header_access Proxy-Authenticate allow all
[*]request_header_access Cache-Control allow all
[*]request_header_access Content-Encoding allow all
[*]request_header_access Content-Length allow all
[*]request_header_access Content-Type allow all
[*]request_header_access Date allow all
[*]request_header_access Expires allow all
[*]request_header_access Host allow all
[*]request_header_access If-Modified-Since allow all
[*]request_header_access Last-Modified allow all
[*]request_header_access Location allow all
[*]request_header_access Pragma allow all
[*]request_header_access Accept allow all
[*]request_header_access Accept-Charset allow all
[*]request_header_access Accept-Encoding allow all
[*]request_header_access Accept-Language allow all
[*]request_header_access Content-Language allow all
[*]request_header_access Mime-Version allow all
[*]request_header_access Retry-After allow all
[*]request_header_access Title allow all
[*]request_header_access Connection allow all
[*]request_header_access Proxy-Connection allow all
[*]request_header_access User-Agent allow all
[*]request_header_access Cookie allow all
[*]request_header_access All deny all
[*]
[*]
[*]
[*]acl proxy_ip_172_18_202_96 myip 172.18.202.96
[*]tcp_outgoing_address 172.18.202.96 proxy_ip_172_18_202_96
[*]
[*]acl proxy_ip_172_18_202_98 myip 172.18.202.98
[*]tcp_outgoing_address 172.18.202.98 proxy_ip_172_18_202_98
[*]
[*]acl proxy_ip_172_18_202_102 myip 172.18.202.102
[*]tcp_outgoing_address 172.18.202.102 proxy_ip_172_18_202_102复制代码
这是配置文件的内容,前两个没问题,只有172.18.202.102这个不能使用
路由表:
[*]ip route show
[*]default via 172.18.207.253 dev eth1 proto static
[*]default via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100
[*]default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200
[*]172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100
[*]172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200
[*]172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100
[*]172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200
[*]复制代码
ip addr show
[*]ip route show
[*]default via 172.18.207.253 dev eth1 proto static
[*]default via 172.18.207.253 dev eth0 proto dhcp src 172.18.202.96 metric 100
[*]default via 172.18.207.253 dev eth1 proto dhcp src 172.18.202.98 metric 200
[*]172.18.192.0/20 dev eth0 proto kernel scope link src 172.18.202.96 metric 100
[*]172.18.192.0/20 dev eth1 proto kernel scope link src 172.18.202.98 metric 200
[*]172.18.207.253 dev eth0 proto dhcp scope link src 172.18.202.96 metric 100
[*]172.18.207.253 dev eth1 proto dhcp scope link src 172.18.202.98 metric 200
[*]root@iZwz96t5lrt7slg2n3cqctZ:~# ^C
[*]root@iZwz96t5lrt7slg2n3cqctZ:~# ip addr show
[*]1: lo:mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
[*] link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[*] inet 127.0.0.1/8 scope host lo
[*] valid_lft forever preferred_lft forever
[*] inet6 ::1/128 scope host
[*] valid_lft forever preferred_lft forever
[*]2: eth0:
mtu 1500 qdisc fq_codel state UP group default qlen 1000
[*] link/ether 00:16:3e:0c:36:4c brd ff:ff:ff:ff:ff:ff
[*] inet 172.18.202.96/20 metric 100 brd 172.18.207.255 scope global dynamic eth0
[*] valid_lft 315358791sec preferred_lft 315358791sec
[*] inet6 fe80::216:3eff:fe0c:364c/64 scope link
[*] valid_lft forever preferred_lft forever
[*]3: eth1:
mtu 1500 qdisc fq_codel state UP group default qlen 1000
[*] link/ether 00:16:3e:20:d9:28 brd ff:ff:ff:ff:ff:ff
[*] inet 172.18.202.98/20 metric 200 brd 172.18.207.255 scope global dynamic eth1
[*] valid_lft 315358791sec preferred_lft 315358791sec
[*] inet 172.18.202.102/20 brd 172.18.207.255 scope global secondary eth1
[*] valid_lft forever preferred_lft forever
[*] inet6 fe80::216:3eff:fe20:d928/64 scope link
[*] valid_lft forever preferred_lft forever
[*]复制代码
大佬们帮帮我,解决给两包华子,我去吃个宵夜,回来回复
static/image/smiley/default/cry.gif
吃完饭回来了没人回
页:
[1]