first
This commit is contained in:
Nikita
parent
380a1f39cf
commit
71224e09ec
|
|
@ -0,0 +1,34 @@
|
|||
if [[ "$(whoami)" != "root" ]]
|
||||
then
|
||||
echo "use sudo"
|
||||
exit
|
||||
fi
|
||||
while true; do
|
||||
read -p "Do you want to install with icap? (Yy/Nn) " yn
|
||||
case $yn in
|
||||
[Yy]* ) read -p "Enter server ip: " serv
|
||||
echo "icap_enable on icap_service service_req reqmod_precache bypass=1 icap://$serv/request adaptation_access service_req allow all icap_send_client_ip on icap_send_client_username on"\
|
||||
>>squid.conf
|
||||
break;;
|
||||
[Nn]* ) break;;
|
||||
* ) echo "Please answer Y/y or N/n.";;
|
||||
esac
|
||||
done
|
||||
apt-get update -y > /dev/null
|
||||
dpkg -i *.deb > /dev/null
|
||||
apt install -f -y
|
||||
dpkg -i *.deb > /dev/null
|
||||
rm /etc/squid/squid.conf
|
||||
cp squid.conf /etc/squid/squid.conf
|
||||
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout /etc/squid/squid.pem -out /etc/squid/squid.pem
|
||||
chown proxy:proxy /etc/squid/squid.pem
|
||||
chmod 640 /etc/squid/squid.pem
|
||||
openssl x509 -outform der -in /etc/squid/squid.pem -out /etc/squid/squid.crt
|
||||
/usr/lib/squid/security_file_certgen -c -s /var/lib/ssl_db -M 4MB
|
||||
chown proxy:proxy -R /var/lib/ssl_db
|
||||
squid -k reconfigure
|
||||
systemctl restart squid
|
||||
|
||||
|
||||
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -0,0 +1,6 @@
|
|||
http_access allow all
|
||||
http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/squid.pem
|
||||
acl step1 at_step SslBump1
|
||||
ssl_bump peek step1
|
||||
ssl_bump bump all
|
||||
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB
|
||||
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue