Nginx是一款以轻量级、低内存开销、支持缓存、支持反向代理,负载均衡,电子邮件服务而著称。对于鲜为人知的是,它还可以作为一个简单易用的正向代理服务器。本文简要描述这个正向代理功能并给出演示,供大家参考。
有关Nginx的安装请参考
CentOS 7下yum方式安装Nginx
Nginx 概述及日常管理
Nginx基于IP,端口,域名配置虚拟主机
一、配置nginx正向代理服务端配置
演示环境
# more /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
当前主机名称及ip
# hostname
centos7-router
# ip addr|grep -inet|grep global
9: inet 172.24.8.254/24 brd 172.24.8.255 scope global eno16777728
15: inet 192.168.1.175/24 brd 192.168.1.255 scope global dynamic eno33554960
当前主机的dns配置
# more /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1
nginx版本
# nginx -v
nginx version: nginx/1.12.2
nginx正向代理配置
# vim /etc/nginx/conf.d/proxy.conf
server {
listen 8080; ##指定一个非缺省端口用于提供代理服务
server_name localhost;
resolver 192.168.1.1; ##指定DNS服务器IP
location / {
proxy_pass $scheme://$host$request_uri;
proxy_set_header Host $http_host;
##proxy_pass:设置代理服务器的协议和地址以及位置应映射到的可选URI。协议可指定http或https
##proxy_set_header:与许字段重新定义或附加请求标头传递给代理服务器
proxy_buffers 256 4k; ## Author : Leshami
proxy_max_temp_file_size 0; ## Blog : http://blog.csdn.net/leshami
##proxy_buffers:为单个连接设置用于从代理服务器读取响应的缓冲区个数和缓冲区大小
##proxy_max_temp_file_size:禁用缓冲对临时文件的响应
proxy_connect_timeout 30; ##代理连接超时时间
proxy_cache_valid 200 302 10m; ##为不同的响应代码设置缓存时间
proxy_cache_valid 301 1h;
proxy_cache_valid any 1m;
}
}
# systemctl reload nginx.service
# ss -nltp|grep nginx
LISTEN 0 128 *:8080 *:* users:(("nginx",pid=110780,fd=10),("nginx",pid=19774,fd=10))
LISTEN 0 128 *:80 *:* users:(("nginx",pid=110780,fd=6),("nginx",pid=19774,fd=6))
防火墙配置
# firewall-cmd --add-port=8080/tcp --permanent
# firewall-cmd --reload二、客户端配置
客户端主机名及IP
# hostname
centos7-web.example.com
# ip addr|grep inet|grep global
inet 172.24.8.128/24 brd 172.24.8.255 scope global eno16777728
临时设置当前环境变量http_proxy
# export http_proxy=http://172.24.8.254:8080
# curl -I http://www.baidu.com
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 24 Oct 2017 14:59:44 GMT
Content-Type: text/html
Content-Length: 277
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT
ETag: "575e1f72-115"
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Accept-Ranges: bytes
清除http_proxy
# unset http_proxy
演示wget直接使用代理参数方式访问网络
# wget -e "http_proxy=http://172.24.8.254:8080" www.baidu.com
--2017-10-24 23:03:48-- http://www.baidu.com/
Connecting to 172.24.8.254:8080... connected.
Proxy request sent, awaiting response... 200 OK
Length: 2381 (2.3K) [text/html]
Saving to: ‘index.html’
演示curl直接使用代理参数方式访问网络
# curl -x http://172.24.8.254:8080 -I http://www.baidu.com
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 24 Oct 2017 15:07:39 GMT
Content-Type: text/html
Content-Length: 277
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2016 02:50:26 GMT
ETag: "575e1f72-115"
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Accept-Ranges: bytes
如果需要用户名密码,格式
curl -x "http://user:pwd@host:port" www.baidu.com
配置http_proxy以及ftp_proxy到应用程序,如yum代理配置
/etc/yum.conf里面增加proxy=proxy_addr:port。
# unset http_proxy
# cp /etc/yum.conf /etc/yum.conf.bk
# echo "proxy=http://172.24.8.254:8080">>/etc/yum.conf
# tail -1 /etc/yum.conf
proxy=http://172.24.8.254:8080
# vim /etc/yum.repo.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
# yum clean all
# yum repolist
Loaded plugins: fastestmirror, langpacks
nginx | 2.9 kB 00:00:00
nginx/x86_64/primary_db | 31 kB 00:00:01
Determining fastest mirrors
repo id repo name status
nginx/x86_64 nginx repo 90
repolist: 90
[root@centos7-web yum.repos.d]# yum makecache
Loaded plugins: fastestmirror, langpacks
nginx | 2.9 kB 00:00:00
(1/2): nginx/x86_64/other_db | 16 kB 00:00:00
(2/2): nginx/x86_64/filelists_db | 39 kB 00:00:01
Loading mirror speeds from cached hostfile
Metadata Cache Created
全局配置
# cp /etc/skel/.bash_profile /etc/skel/.bash_profile.bk
# vim /etc/skel/.bash_profile
export http_proxy=http://172.24.8.254:8080
export https_proxy=http://172.24.8.254:8080
# source /etc/skel/.bash_profile
# env |grep http
http_proxy=http://172.24.8.254:8080
https_proxy=http://172.24.8.254:8080
