Nginx is known for its lightweight, low memory overhead, support for caching, support for reverse proxy, [load balancing] (https://cloud.tencent.com/product/clb?from=10680), and email services. What is less known is that it can also be used as a simple and easy to use forward proxy server. This article briefly describes this forward proxy function and gives a demonstration for your reference.
For Nginx installation, please refer to
Install Nginx in yum mode under CentOS 7Nginx overview and daily managementNginx configures virtual host based on IP, port and domain name
Demo environment
# more /etc/redhat-release
CentOS Linux release 7.2.1511(Core)
Current host name and ip
# hostname
centos7-router
# ip addr|grep -inet|grep global
9: inet 172.24.8.254/24 brd 172.24.8.255 scope global eno16777728
15: inet 192.168.1.175/24 brd 192.168.1.255 scope global dynamic eno33554960
The dns configuration of the current host
# more /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1
nginx version
# nginx -v
nginx version: nginx/1.12.2
Nginx forward proxy configuration
# vim /etc/nginx/conf.d/proxy.conf
server {
listen 8080; ##Specify a non-default port to provide proxy services
server_name localhost;
resolver 192.168.1.1; ##Specify DNS server IP
location /{
proxy_pass $scheme://$host$request_uri;
proxy_set_header Host $http_host;
## proxy_pass: Set the protocol and address of the proxy server and the optional URI to which the location should be mapped. Protocol can specify http or https
## proxy_set_header: Redefine the fields with the permission or pass additional request headers to the proxy server
proxy_buffers 256 4k; ## Author : Leshami
proxy_max_temp_file_size 0; ## Blog : http://blog.csdn.net/leshami
## proxy_buffers: Set the number of buffers and buffer size for reading responses from the proxy server for a single connection
## proxy_max_temp_file_size: Disable buffering of responses to temporary files
proxy_connect_timeout 30; ##Agent connection timeout
proxy_cache_valid 200302 10m; ##Set the cache time for different response codes
proxy_cache_valid 301 1h;
proxy_cache_valid any 1m;}}
# systemctl reload nginx.service
# ss -nltp|grep nginx
LISTEN 0128*:8080*:* users:(("nginx",pid=110780,fd=10),("nginx",pid=19774,fd=10))
LISTEN 0128*:80*:* users:(("nginx",pid=110780,fd=6),("nginx",pid=19774,fd=6))
Firewall configuration
# firewall-cmd --add-port=8080/tcp --permanent
# firewall-cmd --reload
Client host name and IP
# hostname
centos7-web.example.com
# ip addr|grep inet|grep global
inet 172.24.8.128/24 brd 172.24.8.255 scope global eno16777728
Temporarily set the current environment variable http_proxy
# export http_proxy=http://172.24.8.254:8080
# curl -I http://www.baidu.com
HTTP/1.1200 OK
Server: nginx/1.12.2
Date: Tue,24 Oct 201714:59:44 GMT
Content-Type: text/html
Content-Length:277
Connection: keep-alive
Last-Modified: Mon,13 Jun 201602:50:26 GMT
ETag:"575e1f72-115"
Cache-Control:private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Accept-Ranges: bytes
Clear http_proxy
# unset http_proxy
Demonstrate that wget directly uses proxy parameters to access the network
# wget -e "http_proxy=http://172.24.8.254:8080" www.baidu.com
- - 2017- 10- 2423:03:48- - http://www.baidu.com/
Connecting to 172.24.8.254:8080... connected.
Proxy request sent, awaiting response...200 OK
Length:2381(2.3K)[text/html]
Saving to: ‘index.html’
Demonstrate that curl directly uses proxy parameters to access the network
# curl -x http://172.24.8.254:8080-I http://www.baidu.com
HTTP/1.1200 OK
Server: nginx/1.12.2
Date: Tue,24 Oct 201715:07:39 GMT
Content-Type: text/html
Content-Length:277
Connection: keep-alive
Last-Modified: Mon,13 Jun 201602:50:26 GMT
ETag:"575e1f72-115"
Cache-Control:private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Accept-Ranges: bytes
If you need a username and password, format
curl -x "http://user:pwd@host:port" www.baidu.com
Configure http_proxy and ftp_proxy to application, such as yum proxy configuration
/etc/yum.Add proxy in conf=proxy_addr:port。
# unset http_proxy
# cp /etc/yum.conf /etc/yum.conf.bk
# echo "proxy=http://172.24.8.254:8080">>/etc/yum.conf
# tail -1/etc/yum.conf
proxy=http://172.24.8.254:8080
# vim /etc/yum.repo.d/nginx.repo
[ nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
# yum clean all
# yum repolist
Loaded plugins: fastestmirror, langpacks
nginx |2.9 kB 00:00:00
nginx/x86_64/primary_db |31 kB 00:00:01
Determining fastest mirrors
repo id repo name status
nginx/x86_64 nginx repo 90
repolist:90[root@centos7-web yum.repos.d]# yum makecache
Loaded plugins: fastestmirror, langpacks
nginx |2.9 kB 00:00:00(1/2): nginx/x86_64/other_db |16 kB 00:00:00(2/2): nginx/x86_64/filelists_db |39 kB 00:00:01
Loading mirror speeds from cached hostfile
Metadata Cache Created
Global configuration
# cp /etc/skel/.bash_profile /etc/skel/.bash_profile.bk
# vim /etc/skel/.bash_profile
export http_proxy=http://172.24.8.254:8080export https_proxy=http://172.24.8.254:8080
# source /etc/skel/.bash_profile
# env |grep http
http_proxy=http://172.24.8.254:8080
https_proxy=http://172.24.8.254:8080
Recommended Posts