[我是Google Cloud的新手,所以我可能会解释不准确。\我在Google Cloud Platform上安装了具有Ubuntu 18.04的VM,并在其上安装了Squid 3代理服务器。代理已经配置好了。
http_port 3128 transparent
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 2
auth_param basic realm My Proxy Server
auth_param basic credentialsttl 24 hours
auth_params basic casesensitive off
#add acl rules
acl users proxy_auth REQUIRED
#http access rules
http_access deny !users
http_access allow users
在Google控制台中,我可以看到服务器的外部IP地址,但是它不能通过它使用。
ifconfig命令显示下一个
ens4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1460
inet 10.156.0.3 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::4001:aff:fe9c:3 prefixlen 64 scopeid 0x20<link>
ether 42:01:0a:9c:00:03 txqueuelen 1000 (Ethernet)
RX packets 104399 bytes 83418274 (83.4 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 93840 bytes 12598292 (12.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 16697 bytes 1149429 (1.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16697 bytes 1149429 (1.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
其中inet 10.156.0.3表示我的内部IP。我想我不了解Google平台或代理配置的一些简单工作规则。
您可以告诉我我哪里错了吗?谢谢。
要解决您的问题,您需要使用nmap检查VM上哪些端口已打开,如果3128已关闭,请为VM设置Network tag
并添加防火墙规则以允许对其进行访问。
我试图在我的测试虚拟机上复制您的问题:
检查Squid是否正在运行:
$ sudo systemctl status squid
● squid.service - LSB: Squid HTTP Proxy version 3.x
Loaded: loaded (/etc/init.d/squid; generated)
**Active: active (running)** since Wed 2020-02-19 11:47:50 UTC; 26s ago
使用nmap检查Squid的可访问性:
$ nmap -Pn 35.XXX.155.XXX
Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-19 12:53 CET
...
Host is up (0.023s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
3389/tcp closed ms-wbt-server
8000/tcp closed http-alt
8081/tcp closed blackice-icecap
乌贼不可用
编辑VM并设置Network tag
proxy-server
添加防火墙规则以使用Network tag
启用到Squid的连接:
$ gcloud compute --project=test-prj firewall-rules create proxy-server-rule --direction=INGRESS --priority=999 --network=default --action=ALLOW --rules=tcp:3128 --source-ranges=0.0.0.0/0 --target-tags=proxy-server
再次使用nmap检查Squid的可访问性
$ nmap -Pn 35.XXX.155.XXX
Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-19 12:53 CET
...
Host is up (0.022s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
22/tcp open ssh
3128/tcp open squid-http
3389/tcp closed ms-wbt-server
8000/tcp closed http-alt
8081/tcp closed blackice-icecap
现在鱿鱼可以使用了。