GETTING STARTED WITH SQUID WEB PROXY
LINUX ADMIN
Mr. RAM
SQUID WEB PROXY:
Squid is a proxy server that caches content to reduce bandwidth and load
web pages more quickly.
Squid is a high-performance proxy caching server for web clients,
supporting FTP, Gopher, and HTTP data objects. It reduces bandwidth and
improves response times by caching and reusing frequently-requested web
pages.
Squid has extensive access controls and makes a great server accelerator. It
runs on most available operating systems, including Windows, and is
licensed under the GNU GPL.
In RHEL, the squid package provides the Squid Caching Proxy.
A Proxy server can be configured as:
Simple proxy server : To share the internet connection.
Caching web server : Store web pages locally to improve performance.
Firewall : To control access to the internet.
WEB PROXY ARCHITECTURE:
A proxy sits between the client and the web server that the user is trying to
connect to. These devices are often used when you want to control
access to the internet (think web filtering).
SQUID INSTALLATION AND CONFIGURATION:
PRE-REQUISITES:
Package name : squid
Main config file : /etc/squid/squid.conf
Startup options for config file : /etc/sysconfig/squid
Cache Location : /var/spool/squid
Log File Location : /var/log/squid
Log File : access.log & cache.log
Service / Daemon : squid
Ports : SQUID – 3128
CONFIGURATION OPTIONS:
http_port : Specifies the port to listen on
visible_hostname : Identifies the name of the Squid server
access_log : Keeps track of the web pages requested
acl : Access control list
http_access : Which systems or networks have access
Installing squid package:
#dnf install squid -y
Reload the systemd manager configuration:
#systemctl daemon-reload
Start and enable the squid service:
#systemctl start squid
#systemctl enable squid
Verify the status of the squid:
#systemctl status squid
Verify the port number of squid:
#netstat -pantl
#netstat -pantl | grep -i squid
SQUID AS PROXY SERVER:
A proxy server is a system or router that provides a gateway between users
and the internet.
It improves privacy, security, and possibly performance in the process.
Edit squid main configuration file:
#vim /etc/squid/squid.conf
acl mynetwork src 192.168.10.0/24
http_access allow mynetwork
#### Squid normally listens to port 3128
http_port 3128
Restart the squid service:
#systemctl restart squid
WEB BROWSER SETTINGS:
In the web browser, go to Settings -> Network Settings and, under Manual Proxy
Configuration, add:
HTTP Proxy: 192.168.10.254 Port: 3128
Now the client can access the shared internet connection.
SQUID AS CACHING SERVER:
Squid is a proxy server that caches content to reduce bandwidth and load
web pages more quickly.
Edit squid main configuration file:
#vim /etc/squid/squid.conf
cache_dir ufs /var/spool/squid 100 16 256
#### The settings above mean: ####
Squid uses the ufs cache type.
Squid stores its cache in the /var/spool/squid/ directory.
The cache grows up to 100 MB.
Squid creates 16 level-1 sub-directories in the /var/spool/squid.
Squid creates 256 sub-directories in each level-1 directory.
Restart the squid service:
#systemctl restart squid
Now verify the /var/spool/squid directory:
#cd /var/spool/squid
#ls
SQUID AS FIREWALL SERVER:
Many times, these devices are used when you want to control access to the
internet (Think web filtering).
Squid is a caching proxy for the web. We can also configure it to filter and
block internet traffic on a client.
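Edit the Squid main configuration file. Squid evaluates http_access lines from
top to bottom and stops at the first match, so place these deny rules above any
http_access allow line that covers the same clients: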
#vim /etc/squid/squid.conf
acl badsite url_regex .facebook.com
acl badsites url_regex "/etc/squid/badsites_list"
acl badtime time 00:00-06:00
acl badhost src 192.168.10.10
http_access deny badhost
http_access deny badtime
http_access deny badsites
http_access deny badsite
Create a file for the badsites list:
#vim /etc/squid/badsites_list
## add more bad sites below, one pattern per line
.facebook.com
.youtube.com
Restart the squid service:
#systemctl restart squid
Now verify the blocked web sites: http://www.youtube.com
ERROR: The requested URL could not be retrieved
WEB SITE REDIRECTION SETTING:
acl blocksite dstdomain .yahoo.com
deny_info http://www.ibm.com all
http_reply_access deny blocksite all
Now restart Squid and verify the web site: http://www.yahoo.com
NOTE: The output would be www.ibm.com
LOG FILES:
The logs are a valuable source of information about Squid workloads and
performance. By default, the log files are in /var/log/squid:
#tail -f /var/log/squid/access.log
#tail -f /var/log/squid/cache.log
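To confirm that the deny rules above are actually firing, access.log can be summarised by client and blocked host. The following is an added example, not part of the original notes; it assumes Squid's default native log format, and the sample log lines and the helper names parse_line and summarise are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in Squid's native access.log format (not real traffic):
# time elapsed client result/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1700000000.101     12 192.168.10.21 TCP_DENIED/403 3912 GET http://www.youtube.com/ - HIER_NONE/- text/html
1700000001.250    340 192.168.10.21 TCP_MISS/200 15230 GET http://www.example.org/ - HIER_DIRECT/203.0.113.10 text/html
1700000002.007      0 192.168.10.10 TCP_DENIED/403 3890 CONNECT www.example.org:443 - HIER_NONE/- text/html
1700000003.400      1 192.168.10.33 TCP_DENIED/403 3920 GET http://www.facebook.com/login - HIER_NONE/- text/html
1700000004.900      5 192.168.10.21 TCP_HIT/200 15230 GET http://www.example.org/ - HIER_NONE/- text/html
this line is truncated
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    fields = line.split()
    if len(fields) < 10 or "/" not in fields[3]:
        return None
    result, _, status = fields[3].partition("/")
    method, url = fields[5], fields[6]
    # CONNECT requests log host:port instead of a full URL.
    if method == "CONNECT":
        host = url.rsplit(":", 1)[0]
    else:
        host = urlsplit(url).hostname or url
    return {"client": fields[2], "result": result, "status": status,
            "method": method, "host": host.lower()}

def summarise(lines):
    """Count denied requests per (client, host) plus cache hits and bad lines."""
    denied, hits, total, skipped = Counter(), 0, 0, 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        total += 1
        # startswith() also catches TCP_DENIED_REPLY (http_reply_access denials).
        if rec["result"].startswith("TCP_DENIED"):
            denied[(rec["client"], rec["host"])] += 1
        elif "HIT" in rec["result"]:
            hits += 1
    return denied, hits, total, skipped

if __name__ == "__main__":
    denied, hits, total, skipped = summarise(SAMPLE_LOG.splitlines())
    for (client, host), count in denied.most_common():
        print(f"{count:4d} denied  {client:15s} {host}")
    print(f"cache hits: {hits}/{total} parsed lines, {skipped} skipped")
```

To run it against the live log, pass an open file handle for /var/log/squid/access.log to summarise() instead of the sample.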