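Environment:

One Amazon server: 3.26.80.132

One Huawei Cloud server: 122.59.52.68

One client machine: Win11

Goal: the client machine sets the Huawei Cloud server as its proxy and reaches the internet through the Amazon server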


I. Amazon server

1. Install Squid


2. Install Stunnel

yum install stunnel -y

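2. Generate a self-signed certificate

cd /etc/stunnel/

# Create the certificate
openssl req -new -x509 -days 3650 -nodes -out stunnel.pem -keyout stunnel.pem

# At the prompts, enter the country, province, city, company, department, name, and email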
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanghai
Locality Name (eg, city) [Default City]:Shanghai
Organization Name (eg, company) [Default Company Ltd]:MSH
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:Tomma
Email Address []:mshxuyi@gmail.com

3. Create the configuration file

vim stunnel.conf

setuid = root
setgid = root
pid = /var/run/stunnel.pid

debug = 7
syslog = yes
output = /var/log/stunnel.log


cert = /etc/stunnel/stunnel.pem
CAfile = /etc/stunnel/stunnel.pem
verify = 3

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
delay = no
sslVersion = all
options = NO_SSLv2

# Server mode
client = no

[squid]
# Port stunnel listens on
accept = 0.0.0.0:3129
# Points to the Squid server
connect = 3.26.80.132:3128

4. Start

stunnel /etc/stunnel/stunnel.conf

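II. Huawei Cloud server

1. Only Stunnel needs to be installed

yum install stunnel -y

2. Copy the certificate file over from the server (stunnel.pem contains the private key as well as the certificate, so move it over an encrypted channel)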

[root@msh stunnel]# ll

-rw-r--r-- 1 root root 3099 Oct  8 14:29 stunnel.pem

3. Create the configuration file

setuid = root
setgid = root
pid = /var/run/stunnel.pid

debug = 7
syslog = yes
output = /var/log/stunnel.log


cert = /etc/stunnel/stunnel.pem
CAfile = /etc/stunnel/stunnel.pem
verify = 3

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
delay = no
sslVersion = all
options = NO_SSLv2

# Client mode
client = yes

[squid]
# Listening port
accept = 0.0.0.0:3129
# Points to the server-side Stunnel
connect = 3.26.80.132:3129

4. Start

stunnel /etc/stunnel/stunnel.conf
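
Both stunnel.conf files can be checked mechanically before stunnel is started. The script below is an added example, not part of the original post: it flags trailing comments on option lines, setuid/setgid = root, sslVersion = all, one PEM used as both cert and CAfile, and a server-mode connect target that is not loopback. The function names, finding labels and the sample file are assumptions made for this illustration.

```shell
#!/usr/bin/env bash
# Added example: lint a stunnel.conf. Finding labels are made up here.

audit_stunnel_conf() {            # reads the file given as $1, or stdin
  awk '
    /^[ \t]*$/ || /^[ \t]*(#|;|\[)/ { next }   # blanks, comments, [sections]
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
      # stunnel only skips lines that START with ; or #, so a trailing
      # comment is read as part of the option value.
      if (val ~ /[ \t][#;]/) {
        print "INLINE-COMMENT line " NR ": " key
        sub(/[ \t]+[#;].*$/, "", val)          # strip it so later checks work
      }
      opt[key] = val
      if ((key == "setuid" || key == "setgid") && val == "root")
        print "RUNS-AS-ROOT line " NR ": " key " = root"
      if (key == "sslVersion" && val == "all")
        print "NO-TLS-FLOOR line " NR ": sslVersion = all pins no minimum"
    }
    END {
      # With no key option stunnel loads the private key from the cert file.
      if (opt["cert"] != "" && opt["key"] == "" && opt["cert"] == opt["CAfile"])
        print "SHARED-PEM: peer must hold the private key in " opt["cert"]
      if (opt["client"] == "no" && opt["connect"] !~ /^(127\.|localhost:)/)
        print "BACKEND-NOT-LOOPBACK: connect = " opt["connect"]
    }' "${1:--}"
}

# Constructed sample modelled on the server-side settings above; three
# options carry a trailing comment.
sample_server_conf() {
  cat <<'EOF'
setuid = root
cert = /etc/stunnel/stunnel.pem
CAfile = /etc/stunnel/stunnel.pem
verify = 3
sslVersion = all
options = NO_SSLv2
client=no                     # server mode
[squid]
accept = 0.0.0.0:3129         # stunnel listening port
connect = 3.26.80.132:3128    # points to the Squid server
EOF
}

sample_server_conf | audit_stunnel_conf
```

Run it against a real file with `audit_stunnel_conf /etc/stunnel/stunnel.conf`; no output means none of the five conditions matched.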

III. Client machine: browsing through the proxy

 
