Nginx是一款以輕量級、低內存開銷、支持緩存、支持反向代理，負載均衡，電子郵件服務而著稱。對于鮮為人知的是，它還可以作為一個簡單易用的正向代理服務器。本文簡要描述這個正向代理功能并給出演示，供大家參考。

有關Nginx的安裝請參考
CentOS 7下yum方式安裝Nginx
Nginx 概述及日常管理
Nginx基于IP，端口，域名配置虛擬主機

一、配置nginx正向代理服務端配置

演示環境
# more /etc/redhat-release 
CentOS Linux release 7.2.1511 (Core) 當前主機名稱及ip
# hostname
centos7-router# ip addr|grep -inet|grep global
9: inet 172.24.8.254/24 brd 172.24.8.255 scope global eno16777728
15: inet 192.168.1.175/24 brd 192.168.1.255 scope global dynamic eno33554960當前主機的dns配置
# more /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.1.1nginx版本
# nginx -v
nginx version: nginx/1.12.2nginx正向代理配置
# vim /etc/nginx/conf.d/proxy.conf
server {listen 8080;            ##指定一個非缺省端口用于提供代理服務server_name localhost;resolver 192.168.1.1;    ##指定DNS服務器IPlocation / {      proxy_pass $scheme://$host$request_uri;proxy_set_header Host $http_host;##proxy_pass：設置代理服務器的協議和地址以及位置應映射到的可選URI。協議可指定http或https##proxy_set_header：與許字段重新定義或附加請求標頭傳遞給代理服務器proxy_buffers 256 4k;          ## Author : Leshamiproxy_max_temp_file_size 0;    ## Blog  : http://blog.csdn.net/leshami##proxy_buffers：為單個連接設置用于從代理服務器讀取響應的緩沖區個數和緩沖區大小##proxy_max_temp_file_size：禁用緩沖對臨時文件的響應proxy_connect_timeout 30;        ##代理連接超時時間proxy_cache_valid 200 302 10m;  ##為不同的響應代碼設置緩存時間proxy_cache_valid 301 1h;proxy_cache_valid any 1m;}
}# systemctl reload nginx.service
# ss -nltp|grep nginx
LISTEN 0 128 *:8080 *:* users:(("nginx",pid=110780,fd=10),("nginx",pid=19774,fd=10))
LISTEN 0 128 *:80 *:* users:(("nginx",pid=110780,fd=6),("nginx",pid=19774,fd=6))防火墻配置
# firewall-cmd --add-port=8080/tcp --permanent
# firewall-cmd --reload

二、客戶端配置

客戶端主機名及IP# hostnamecentos7-web.example.com# ip addr|grep inet|grep globalinet 172.24.8.128/24 brd 172.24.8.255 scope global eno16777728臨時設置當前環境變量http_proxy# export http_proxy=http://172.24.8.254:8080# curl -I http://www.baidu.comHTTP/1.1 200 OKServer: nginx/1.12.2Date: Tue, 24 Oct 2017 14:59:44 GMTContent-Type: text/htmlContent-Length: 277Connection: keep-aliveLast-Modified: Mon, 13 Jun 2016 02:50:26 GMTETag: "575e1f72-115"Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transformPragma: no-cacheAccept-Ranges: bytes清除http_proxy# unset http_proxy演示wget直接使用代理參數方式訪問網絡# wget -e "http_proxy=http://172.24.8.254:8080" www.baidu.com--2017-10-24 23:03:48-- http://www.baidu.com/Connecting to 172.24.8.254:8080... connected.Proxy request sent, awaiting response... 200 OKLength: 2381 (2.3K) [text/html]Saving to: ‘index.html’演示curl直接使用代理參數方式訪問網絡# curl -x http://172.24.8.254:8080 -I http://www.baidu.comHTTP/1.1 200 OKServer: nginx/1.12.2Date: Tue, 24 Oct 2017 15:07:39 GMTContent-Type: text/htmlContent-Length: 277Connection: keep-aliveLast-Modified: Mon, 13 Jun 2016 02:50:26 GMTETag: "575e1f72-115"Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transformPragma: no-cacheAccept-Ranges: bytes如果需要用戶名密碼，格式curl -x "http://user:pwd@host:port" www.baidu.com配置http_proxy以及ftp_proxy到應用程序，如yum代理配置
/etc/yum.conf里面增加proxy=proxy_addr:port。# unset http_proxy# cp /etc/yum.conf /etc/yum.conf.bk# echo "proxy=http://172.24.8.254:8080">>/etc/yum.conf# tail -1 /etc/yum.confproxy=http://172.24.8.254:8080# vim /etc/yum.repo.d/nginx.repo[nginx]name=nginx repobaseurl=http://nginx.org/packages/centos/7/$basearch/gpgcheck=0enabled=1# yum clean all# yum repolistLoaded plugins: fastestmirror, langpacksnginx | 2.9 kB 00:00:00nginx/x86_64/primary_db | 31 kB 00:00:01Determining fastest mirrorsrepo id repo name statusnginx/x86_64 nginx repo 90repolist: 90[root@centos7-web yum.repos.d]# yum makecacheLoaded plugins: fastestmirror, langpacksnginx | 2.9 kB 00:00:00(1/2): nginx/x86_64/other_db | 16 kB 00:00:00(2/2): nginx/x86_64/filelists_db | 39 kB 00:00:01Loading mirror speeds from cached hostfileMetadata Cache Created全局配置# cp /etc/skel/.bash_profile /etc/skel/.bash_profile.bk# vim /etc/skel/.bash_profileexport http_proxy=http://172.24.8.254:8080export https_proxy=http://172.24.8.254:8080# source /etc/skel/.bash_profile# env |grep httphttp_proxy=http://172.24.8.254:8080https_proxy=http://172.24.8.254:8080