{"id":293021,"date":"2024-09-17T04:02:42","date_gmt":"2024-09-16T20:02:42","guid":{"rendered":"https:\/\/lrxjmw.cn\/rhrgsijfnwfw.html"},"modified":"2024-09-17T04:02:42","modified_gmt":"2024-09-16T20:02:42","slug":"rhrgsijfnwfw","status":"publish","type":"post","link":"https:\/\/lrxjmw.cn\/rhrgsijfnwfw.html","title":{"rendered":"\u5982\u4f55\u8ba9\u516c\u53f8 IDC \u673a\u623f\u5185\u7f51\u670d\u52a1\u5668\u5b9e\u73b0\u5bf9\u5916\u8bbf\u95ee\u5e76\u652f\u6301 http \u548c https \u8bf7\u6c42"},"content":{"rendered":"

$ubuntu\u7cfb\u7edf\u4ee3\u7406\u8bbe\u7f6e_ubuntu\u7ec8\u7aef\u8d70\u4ee3\u7406_ubuntu \u4ee3\u7406\u4e0a\u7f51$ <\/p>\n

\u9700\u6c42\u8bf4\u660e\uff1a\u516c\u53f8IDC\u673a\u623f\u6709\u4e00\u53f0\u670d\u52a1\u5668A\uff0c\u53ea\u6709\u5916\u7f51\u73af\u5883\uff1a192.168.1.150\u73b0\u4eca\u987b\u8981\u8ba9\u8fd9\u53f0\u670d\u52a1\u5668\u80fd\u5bf9\u5916\u8bbf\u95ee\uff0c\u80fd\u6b63\u5e38\u8bbf\u95eehttp\u548chttps\u6073\u6c42\uff08\u537380\u7aef\u53e3\u548c443\u7aef\u53e3\uff09<\/p>\n

$ubuntu \u4ee3\u7406\u4e0a\u7f51_ubuntu\u7cfb\u7edf\u4ee3\u7406\u8bbe\u7f6e_ubuntu\u7ec8\u7aef\u8d70\u4ee3\u7406$ <\/p>\n

\u64cd\u4f5c\u601d\u8def\uff1a\u5728IDC\u673a\u623f\u91cc\u53e6\u627e\u5176\u4ed6\u4e24\u53f0\u6709\u7f51\u6bb5\u73af\u5883\u7684\u670d\u52a1\u5668B\uff0858.68.250.8\/192.168.1.8\uff09\u548c\u670d\u52a1\u5668C\uff0858.68.250.5\/192.168.1.5\uff09ubuntu \u4ee3\u7406\u4e0a\u7f51<\/strong>\uff0c\u4e14\u8fd9\u4e24\u53f0\u670d\u52a1\u5668\u548c\u5916\u7f51\u73af\u5883\u7684\u670d\u52a1\u5668A\u80fd\u4e92\u76f8ping\u901a\u3002\uff08\u5176\u5b9e\u4e5f\u53ef\u4ee5\u5c06\u4e0b\u8fb9B\u7684http\u548cC\u673a\u5668\u7684https\u4ee3\u7406\u73af\u5883\u7f6e\u4e8e\u4e00\u53f0\u673a\u5668\u4e0a\u5e03\u7f72\uff09\u5176\u4e2d\uff1a<\/p>\n

\u5728\u670d\u52a1\u5668B\u4e0a\u5e03\u7f72squid\u7684http\u4ee3\u7406linux\u5220\u9664\u547d\u4ee4\uff0c\u8ba9\u670d\u52a1\u5668C\u901a\u8fc7\u5b83\u7684squid\u4ee3\u7406\u4e0a\u7f51ubuntu \u4ee3\u7406\u4e0a\u7f51<\/strong>\uff0c\u80fd\u6210\u529f\u8bbf\u95eehttp<\/p>\n

$ubuntu \u4ee3\u7406\u4e0a\u7f51_ubuntu\u7cfb\u7edf\u4ee3\u7406\u8bbe\u7f6e_ubuntu\u7ec8\u7aef\u8d70\u4ee3\u7406$ <\/p>\n

\u5728\u670d\u52a1\u5668C\u4e0a\u5e03\u7f72squid\u7684https\u4ee3\u7406LINUX \u5220\u9664\u76ee\u5f55\uff0c\u8ba9\u670d\u52a1\u5668C\u901a\u8fc7\u5b83\u7684squid\u4ee3\u7406\u4e0a\u7f51\uff0c\u80fd\u6210\u529f\u8bbf\u95eehttps[\u987b\u8981\u5728\u987e\u5ba2\u7aef\u5b89\u88c5stunnel]<\/p>\n

\u4e00\u3001\u670d\u52a1\u5668B\u4e0a\u7684\u64cd\u4f5c\u8bb0\u5f55\uff08http\u4ee3\u7406\uff09<\/p>\n

$ubuntu\u7cfb\u7edf\u4ee3\u7406\u8bbe\u7f6e_ubuntu\u7ec8\u7aef\u8d70\u4ee3\u7406_ubuntu \u4ee3\u7406\u4e0a\u7f51$ <\/p>\n

1<\/span>\uff09\u5b89\u88c5squid<\/span><\/code>yum\u547d\u4ee4\u76f4\u63a5\u5728\u7ebf\u5b89\u88c5squid<\/span><\/code>[root@openstack ~]# yum install -y gcc openssl openssl-devel #\u4f9d\u8d56\u8f6f\u4ef6\u8981\u5148\u63d0\u524d\u5b89\u88c5<\/span><\/span><\/code>[root@openstack ~]# yum install squid<\/span><\/span><\/code> <\/span><\/code>\u5b89\u88c5\u5b8c\u6210\u540e\uff0c\u4fee\u6539squid.conf \u6587\u4ef6\u4e2d\u7684\u5185\u5bb9\uff0c\u4fee\u6539\u4e4b\u524d\u53ef\u4ee5\u5148\u5907\u4efd\u8be5\u6587\u4ef6<\/span><\/code>[root@openstack ~]# cd \/etc\/squid\/<\/span><\/span><\/code>[root@openstack squid]# cp squid.conf squid.conf_bak<\/span><\/span><\/code>[root@openstack squid]# vim squid.conf<\/span><\/span><\/code>http_access allow all                                                   #\u4fee\u6539deny\u4e3aallow<\/span><\/span><\/code>http_port 192.168<\/span>.1.8<\/span>:3128<\/span><\/span><\/code>cache_dir ufs \/var\/spool\/squid 100<\/span> 16<\/span> 256<\/span>                    #\u6253\u5f00\u8fd9\u4e2a\u6ce8\u91ca\uff0c\u4fdd\u8bc1\/var\/spool\/squid\u8fd9\u4e2a\u7f13\u5b58\u76ee\u5f55\u5b58\u5728<\/span><\/span><\/code> <\/span><\/code>2<\/span>\uff09\u542f\u52a8squid\uff0c\u542f\u52a8\u524d\u8fdb\u884c\u6d4b\u8bd5\u548c\u521d\u59cb\u5316<\/span><\/code>[root@openstack squid]# squid -k parse                    #\u6d4b\u8bd5<\/span><\/span><\/code>2016<\/span>\/08\/09 13<\/span>:35<\/span>:04<\/span>| Processing Configuration File: \/etc\/squid<\/span>\/squid.conf (depth 0)<\/span><\/span><\/code>2016\/<\/span>08\/09 13<\/span>:35<\/span>:04<\/span>| Processing: acl manager proto cache_object<\/span><\/code>..............<\/span><\/code>..............<\/span><\/code>2016<\/span>\/08\/09 13<\/span>:35<\/span>:04<\/span>| Processing: refresh_pattern . 0<\/span> 20<\/span>% 4320<\/span><\/span><\/code>2016<\/span>\/08\/09 13<\/span>:35<\/span>:04<\/span>| Initializing https proxy context<\/span><\/code> <\/span><\/code>[root@openstack squid]# squid -z                            #\u521d\u59cb\u5316<\/span><\/span><\/code>2016<\/span>\/08\/09 13<\/span>:35<\/span>:12<\/span>| Creating Swap Directories<\/span><\/code> <\/span><\/code>[root@openstack squid]# \/etc\/init.d\/squid start<\/span><\/span><\/code>Starting squid: . [ OK ]<\/span><\/code> <\/span><\/code>-------------------------------------------------------------------------------------------<\/span><\/code>\u5982\u679c\u5f00\u542f\u4e86\u9632\u706b\u5899iptables\u89c4\u5219\uff0c\u5219\u8fd8\u9700\u8981\u5728\/etc\/sysconfig\/iptables\u91cc\u6dfb\u52a0\u4e0b\u9762\u4e00\u884c\uff0c\u5373\u5141\u8bb83128<\/span>\u7aef\u53e3\u8bbf\u95ee\uff1a<\/span><\/code>-A INPUT -s<\/span> 192.168<\/span>.1.0<\/span>\/24<\/span> -p tcp -m<\/span> state<\/span> --state<\/span> NEW -m<\/span> tcp --dport 3128<\/span> -j ACCEPT<\/span><\/code>--------------------------------------------------------------------------------------------<\/span><\/code> <\/span><\/code>\u7136\u540e\u91cd\u542fiptables\u670d\u52a1<\/span><\/code>
<\/span><\/code>[root@openstack squid]# \/etc\/init.d\/iptables restart<\/span><\/span><\/code><\/pre>\n<\/p>\n\u4e8c\u3001\u670d\u52a1\u5668C\u4e0a\u7684\u7684\u64cd\u4f5c\u8bb0\u5f55\uff08https\u4ee3\u7406\uff09<\/p>\n
\n
1\uff09\u5b89\u88c5squid<\/span><\/code>yum\u547d\u4ee4\u76f4\u63a5\u5728\u7ebf\u5b89\u88c5squid<\/span><\/code>[root@openstack ~]# yum install -y gcc openssl openssl-devel #\u4f9d\u8d56\u8f6f\u4ef6\u8981\u5148\u63d0\u524d\u5b89\u88c5<\/span><\/span><\/code>[root@openstack ~]# yum install squid<\/span><\/span><\/code>[root@openstack ~]# cd \/etc\/squid\/<\/span><\/span><\/code>[root@openstack squid]# cp squid.conf squid.conf_bak<\/span><\/span><\/code> <\/span><\/code>2\uff09\u73b0\u5728\u5f00\u59cb\u751f\u6210\u52a0\u5bc6\u4ee3\u7406\u8bc1\u4e66:<\/span><\/code>[root@bastion-IDC squid]# pwd<\/span><\/span><\/code>\/etc\/squid<\/span><\/code>[root@bastion-IDC squid]# openssl req -new > lidongbest5.csr<\/span><\/span><\/code>Generating a 2048 bit RSA private key<\/span><\/code>..........................................................................+++<\/span><\/code>.........................................................................................................+++<\/span><\/code>writing new private key to 'privkey.pem'<\/span><\/code>Enter PEM pass phrase:                                                                   #\u8f93\u5165\u5bc6\u7801\uff0c\u540e\u9762\u4f1a\u7528\u5230\uff0c\u6bd4\u5982\u8fd9\u91cc\u8f93\u5165123456<\/span><\/span><\/code>Verifying - Enter PEM pass phrase:<\/span><\/code>-----<\/span><\/span><\/code>You are about to be asked to enter information that will be incorporated<\/span><\/code>into your certificate request.<\/span><\/code>What you are about to enter is what is called a Distinguished Name or a DN.<\/span><\/code>There are quite a few fields but you can leave some blank<\/span><\/code>For some fields there will be a default value,<\/span><\/code>If you enter '.', the field will be left blank.<\/span><\/code>-----<\/span><\/span><\/code>Country Name (2 letter code) [XX]:cn                                                  #\u56fd\u5bb6<\/span><\/span><\/code>State or Province Name (full name) []:beijing                                       #\u7701\u4efd<\/span><\/span><\/code>Locality Name (eg, city) [Default City]:beijing                                      #\u5730\u533a\u540d\u5b57<\/span><\/span><\/code>Organization Name (eg, company) [Default Company Ltd]:huanqiu        #\u516c\u53f8\u540d<\/span><\/span><\/code>Organizational Unit Name (eg, section) []:Technology                            #\u90e8\u95e8<\/span><\/span><\/code>Common Name (eg, your name or your server's hostname) []:huanqiu    #CA\u4e3b\u673a\u540d<\/span><\/span><\/code>Email Address []:wangshibo@xqshijie.cn                                              #\u90ae\u7bb1<\/span><\/span><\/code> <\/span><\/code>Please enter the following 'extra' attributes<\/span><\/code>to be sent with<\/span> your certificate request<\/span><\/code>A challenge password<\/span> []:123456<\/span>                                                         #\u8bc1\u4e66\u8bf7\u6c42\u5bc6\u94a5\uff0cCA\u8bfb\u53d6\u8bc1\u4e66\u7684\u65f6\u5019\u9700\u8981\u8f93\u5165\u5bc6\u7801<\/span><\/span><\/code>An optional company name<\/span> []:huanqiu                                                #-\u516c\u53f8\u540d\u79f0\uff0cCA\u8bfb\u53d6\u8bc1\u4e66\u7684\u65f6\u5019\u9700\u8981\u8f93\u5165\u540d\u79f0<\/span><\/span><\/code> <\/span><\/code>[root@bastion-IDC squid]# openssl rsa -in privkey.pem -out lidongbest5.key<\/span><\/span><\/code>Enter pass phrase for<\/span> privkey.pem:                                                     #\u8f93\u5165\u4e0a\u9762\u8bbe\u7f6e\u7684\u5bc6\u7801123456<\/span><\/span><\/code>writing RSA key<\/span><\/span><\/code> <\/span><\/code>[root@bastion-IDC squid]# openssl x509 -in lidongbest5.csr -out lidongbest5.crt -req -signkey lidongbest5.key -days 3650<\/span><\/span><\/code>Signature ok<\/span><\/code>subject=\/C=cn\/ST=beijing\/L=beijing\/O=huanqiu\/OU=Technology\/CN=huanqiu\/emailAddress=wangshibo@xqshijie.cn<\/span><\/code>Getting Private<\/span> key<\/span><\/span><\/code> <\/span><\/code>\u4fee\u6539squid.conf\u914d\u7f6e\u6587\u4ef6<\/span><\/code>[root@bastion-IDC squid]# vim squid.conf<\/span><\/span><\/code>http_access allow<\/span> all<\/span> #deny\u4fee\u6539\u4e3aallow<\/span><\/span><\/code>#http_port 3128                                                                    #\u6ce8\u91ca\u6389<\/span><\/span><\/code>https_port 192.168<\/span>.1<\/span>.5<\/span>:443<\/span> cert=\/etc\/squid\/lidongbest5.crt key<\/span>=\/etc\/squid\/lidongbest5.key            #\u6dfb\u52a0\u8fd9\u4e00\u884c<\/span><\/span><\/code>cache_dir ufs \/var<\/span>\/spool\/squid 100<\/span> 16<\/span> 256<\/span>                             #\u6253\u5f00\u8fd9\u4e2a\u6ce8\u91ca\uff0c\u4fdd\u8bc1\/var\/spool\/squid\u8fd9\u4e2a\u7f13\u5b58\u76ee\u5f55\u5b58\u5728<\/span><\/span><\/code> <\/span><\/code>3<\/span>\uff09\u91cd\u542fsquid\u670d\u52a1<\/span><\/code>[root@bastion-IDC squid]# squid -k parse<\/span><\/span><\/code>[root@bastion-IDC squid]# squid -z<\/span><\/span><\/code>[root@bastion-IDC squid]# squid reload<\/span><\/span><\/code>[root@bastion-IDC squid]# \/etc\/init.d\/squid restart<\/span><\/span><\/code> <\/span><\/code>-------------------------------------------------------------------------------------------<\/span><\/span><\/code>\u5982\u679c\u5f00\u542f\u4e86\u9632\u706b\u5899iptables\u89c4\u5219\uff0c\u5219\u8fd8\u9700\u8981\u5728\/etc\/sysconfig\/iptables\u91cc\u6dfb\u52a0\u4e0b\u9762\u4e00\u884c\uff0c\u5373\u5141\u8bb8443<\/span>\u7aef\u53e3\u8bbf\u95ee\uff1a<\/span><\/code>-A INPUT<\/span> -s 192.168<\/span>.1<\/span>.0<\/span>\/24<\/span> -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT<\/span><\/span><\/code>-------------------------------------------------------------------------------------------<\/span><\/span><\/code> <\/span><\/code>\u7136\u540e\u91cd\u542fiptables\u670d\u52a1<\/span><\/code>[root@bastion-IDC squid]# \/etc\/init.d\/iptables restart<\/span><\/span><\/code><\/pre>\n<\/p>\n\u4e09\u3001\u670d\u52a1\u5668A\uff08\u5373\u987e\u5ba2\u7aef\uff09\u4e0a\u7684\u64cd\u4f5c\u8bb0\u5f55<\/p>\n
<\/p>\n
\n
1<\/span>\uff09\u5b89\u88c5\u914d\u7f6estunnel<\/span><\/code>\u5173\u95ed\u5ba2\u6237\u7aef\u7684iptables\u9632\u706b\u5899<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 ~]# \/etc\/init.d\/iptables stop<\/span><\/code> <\/span><\/code>[root@dev<\/span>-new<\/span>-test1 ~]# cd \/usr\/local\/src\/<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 src]# pwd<\/span><\/code>\/usr\/local\/src<\/span><\/code> <\/span><\/code> <\/span><\/code>\u5b98\u7f51\u4e0b\u8f7d\uff1ahttp:\/\/www.stunnel.org\/downloads.html<\/span><\/span><\/code>\u767e\u5ea6\u4e91\u76d8\u4e0b\u8f7d\uff1ahttps:\/\/pan.baidu.com\/s\/1JXqfB7yc6H2GY9qtBVO4iw     \u63d0\u53d6\u5bc6\u7801\uff1a4kt8<\/span><\/span><\/code>[root@dev<\/span>-new<\/span>-test1 ~]#yum install -y openssl openssl-devel gcc<\/span><\/code> <\/span><\/code>[root@dev<\/span>-new<\/span>-test1 src]# ls<\/span><\/code>stunnel-5.45<\/span>.tar.gz<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 src]# tar -zvxf stunnel-5.45<\/span>.tar.gz<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 src]# ls<\/span><\/code>stunnel-5.45<\/span> stunnel-5.45<\/span>.tar.gz<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 src]# cd stunnel-5.45<\/span><\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel-5.45<\/span>]# .\/configure<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel-5.45<\/span>]# make && make install<\/span><\/code> <\/span><\/code>\u5b89\u88c5\u5b8c\u6210\u540e\uff0c\u914d\u7f6estunnel.conf<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel-5.45<\/span>]# cd \/usr\/local\/etc\/stunnel\/<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# ls<\/span><\/code>stunnel.conf-sample<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# cp stunnel.conf-sample stunnel.conf<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# ls<\/span><\/code>stunnel.conf stunnel.conf-sample<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# cat stunnel.conf              #\u628a\u539f\u6765\u5185\u5bb9\u6e05\u7a7a\uff0c\u5199\u5165\uff1a<\/span><\/code>client = yes<\/span><\/code>[https]<\/span><\/code>accept = 127.0<\/span>.0<\/span>.1<\/span>:8088<\/span><\/span><\/code>connect = 192.168<\/span>.1<\/span>.5<\/span>:443<\/span>                               #\u8fd0\u884c\u672c\u673astunnel\u7aef\u53e38088<\/span>\u8fde\u63a5squid\u670d\u52a1\u7aef192.168<\/span>.1<\/span>.5<\/span>\u7684443<\/span>\u7aef\u53e3\uff0c\u7136\u540e\u5728\/etc\/profile\u91cc\u914d\u7f6e\u672c\u673a8088<\/span>\u7aef\u53e3\u4ee3\u7406\uff08\u5982\u4e0b\uff09<\/span><\/code> <\/span><\/code>2<\/span>\uff09\u542f\u52a8stunnel\u670d\u52a1<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# \/usr\/local\/bin\/stunnel \/usr\/local\/etc\/stunnel\/stunnel.conf<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# ps -ef|grep stunnel<\/span><\/code>root 20281<\/span> 1<\/span> 0<\/span> 02<\/span>:23<\/span> ? 00<\/span>:00<\/span>:00<\/span> \/usr\/local\/bin\/stunnel \/usr\/local\/etc\/stunnel\/stunnel.conf<\/span><\/code>root 20283<\/span> 13002<\/span> 0<\/span> 02<\/span>:23<\/span> pts\/0<\/span> 00<\/span>:00<\/span>:00<\/span> grep --color stunnel<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# lsof -i:8088<\/span><\/span><\/code>COMMAND PID USER FD TYPE DEVICE SIZE\/OFF NODE NAME<\/span><\/code>stunnel 20281<\/span> root 7<\/span>u IPv4 745475<\/span> 0<\/span>t0 TCP localhost:radan-http (LISTEN)<\/span><\/code> <\/span><\/code>3<\/span>\uff09\u914d\u7f6e\/etc\/profile\u7cfb\u7edf\u73af\u5883\u53d8\u91cf<\/span><\/code>\u5e95\u90e8\u6dfb\u52a0\u4e0b\u9762\u4e24\u884c<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# vim \/etc\/profile<\/span><\/code>...............<\/span><\/code>export<\/span> http_proxy=http:\/\/192.168.1.8:3128                          #\u8fd9\u4e2a\u662f\u901a\u8fc7\u670d\u52a1\u7aefA\u673a\u5668\u76843128\u7aef\u53e3\u7684squid\u4e0a\u7f51\uff08http\u4ee3\u7406\uff09<\/span><\/span><\/code>export<\/span> https_proxy=http:\/\/127.0.0.1:8088                            #\u8fd9\u4e2a\u662f\u901a\u8fc7\u670d\u52a1\u7aefB\u673a\u5668\u7684443\u7aef\u53e3\u7684squid\u4e0a\u7f51\uff08https\u4ee3\u7406\uff09<\/span><\/span><\/code> <\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# source \/etc\/profile                   #\u914d\u7f6e\u751f\u6548<\/span><\/code> <\/span><\/code>4<\/span>\uff09\u6d4b\u8bd5\uff1a<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# curl http:\/\/www.baidu.com                           #\u8bbf\u95ee80\u7aef\u53e3ok<\/span><\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# curl https:\/\/www.xqshijie.com                      #\u8bbf\u95ee443\u7aef\u53e3ok<\/span><\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# yum list                                                     #yum\u53ef\u4ee5\u6b63\u5e38\u4f7f\u7528<\/span><\/code>[root@dev<\/span>-new<\/span>-test1 stunnel]# wget http:\/\/www.autohome.com.cn\/3442      #wget\u6b63\u5e38\u4e0b\u8f7d<\/span><\/span><\/code><\/pre>\n<\/p>\n+++++++++++++++++++++++++++++++++++++++++++++++++++<\/p>\n
\n
\u5982\u679c\u5ba2\u6237\u673a\u662fubuntu\u7cfb\u7edf\uff0c\u5219\u5b89\u88c5\u914d\u7f6estunnel\u8bb0\u5f55\u5982\u4e0b\uff1a<\/span><\/code>root@kevin-KVM:~# apt-get install stunnel4<\/span><\/span><\/code>root@kevin-KVM:~# cd \/etc\/stunnel\/<\/span><\/span><\/code>root@kevin-KVM:\/etc\/stunnel<\/span># ls<\/span><\/span><\/code>README<\/span><\/code>root@kevin-KVM:\/etc\/stunnel<\/span># vim stunnel.conf    #\u624b\u52a8\u521b\u5efa\u8be5\u914d\u7f6e\u6587\u4ef6<\/span><\/span><\/code>client = yes<\/span><\/code>[https]<\/span><\/code>accept<\/span> = 127.0<\/span>.0<\/span>.1<\/span>:8088<\/span><\/span><\/code>connect<\/span> = 192.168<\/span>.1.8<\/span>:443<\/span><\/span><\/code> <\/span><\/code>root@kevin-KVM:\/etc\/stunnel<\/span># vim \/etc\/default\/stunnel4<\/span><\/span><\/code>......<\/span><\/code>ENABLED=1<\/span>          #\u9ed8\u8ba4\u4e3a0<\/span><\/span><\/code> <\/span><\/code>=========================================================<\/span><\/code>\u6ce8\u610f\uff1a<\/span><\/code>\u4e0a\u9762\u7684ENABLED\u4e00\u5b9a\u8981\u4fee\u6539\u4e3a1<\/span>\uff0c\u5426\u5219\u542f\u52a8stunne\u670d\u52a1\u65f6\u4f1a\u5931\u8d25\uff0c\u901a\u8fc7status\u67e5\u770b\u62a5\u9519\u4e3a\uff1a<\/span><\/code>5<\/span>\u6708 27<\/span> 00<\/span>:45<\/span>:56<\/span> kevin-KVM systemd[1<\/span>]: Starting LSB: Start or<\/span> stop stunnel 4<\/span>.x (SSL tunnel for<\/span> network daemons)...<\/span><\/code>5<\/span>\u6708 27<\/span> 00<\/span>:45<\/span>:56<\/span> kevin-KVM stunnel4[23356<\/span>]: SSL tunnels disabled, see \/etc\/default\/stunnel4<\/span><\/code>5<\/span>\u6708 27<\/span> 00<\/span>:45<\/span>:56<\/span> kevin-KVM systemd[1<\/span>]: Started LSB: Start or<\/span> stop stunnel 4<\/span>.x (SSL tunnel for<\/span> network daemons).<\/span><\/code>=========================================================<\/span><\/code> <\/span><\/code>\u63a5\u7740\u542f\u52a8stunne\u670d\u52a1<\/span><\/code>root@kevin-KVM:~# \/etc\/init.d\/stunnel4 start <\/span><\/span><\/code>root@kevin-KVM:~# \/etc\/init.d\/stunnel4 restart<\/span><\/span><\/code>root@kevin-KVM:\/etc\/stunnel<\/span># lsof -i:8088<\/span><\/span><\/code>COMMAND    PID USER   FD   TYPE DEVICE SIZE\/OFF NODE NAME<\/span><\/code>stunnel4 23625<\/span> root    7<\/span>u  IPv4 138476<\/span>      0t0<\/span>  TCP localhost:omniorb (LISTEN)<\/span><\/code> <\/span><\/code>\u7136\u540e\u8fdb\u884c\u4ee3\u7406\u7684\u73af\u5883\u53d8\u91cf\u914d\u7f6e<\/span><\/code>root@kevin-KVM:~# cat \/etc\/profile<\/span><\/span><\/code>......<\/span><\/code>export http_proxy=http:\/\/<\/span>192.168<\/span>.1.8<\/span>:3128<\/span><\/span><\/code>export https_proxy=http:\/\/<\/span>127.0<\/span>.0<\/span>.1<\/span>:8088<\/span><\/span><\/code> <\/span><\/code>root@kevin-KVM:~# source \/etc\/profile<\/span><\/span><\/code> <\/span><\/code>\u6d4b\u8bd5\u4e0a\u7f51\uff1a<\/span><\/code>root@kevin-KVM:~# curl http:\/\/www.baidu.com<\/span><\/span><\/code>root@kevin-KVM:~# curl https:\/\/www.baidu.com<\/span><\/span><\/code><\/pre><\/p>\n","protected":false},"excerpt":{"rendered":"\uff08\u5f53\u7136\u4e5f\u53ef\u4ee5\u5c06\u4e0b\u9762B\u7684http\u548cC\u673a\u5668\u7684https\u4ee3\u7406\u73af\u5883\u653e\u5728\u4e00\u53f0\u673a\u5668\u4e0a\u90e8\u7f72\uff09\u5176\u4e2d\uff1a\u5728\u670d\u52a1\u5668B\u4e0a\u90e8\u7f72squid\u7684http\u4ee3\u7406\uff0c\u8ba9\u670d\u52a1\u5668C\u901a\u8fc7\u5b83\u7684squid\u4ee3\u7406\u4e0a\u7f51\uff0c\u80fd\u6210\u529f\u8bbf\u95eehttp\u4e00\u3001\u670d\u52a1\u5668B\u4e0a\u7684\u64cd\u4f5c\u8bb0\u5f55\uff08http\u4ee3\u7406\uff09\u4e8c\u3001\u670d\u52a1\u5668C\u4e0a\u7684\u7684\u64cd\u4f5c\u8bb0\u5f55\uff08https\u4ee3\u7406\uff09<\/p>\n","protected":false},"author":1,"featured_media":293022,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[988],"tags":[1436,3037,1686,1881],"class_list":["post-293021","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tougao","tag-wb","tag-bq","tag-sb-2","tag-qq"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/293021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=293021"}],"version-history":[{"count":0,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/293021\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/293022"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=293021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=293021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=293021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}