Professional Documents
Culture Documents
Configuration ( Part 1)
LinuxTechLab.com
Hello Linux-Fanatics. In this tutorial we will be discussing Squid Proxy Server, which is a widely used
Open Source web proxy.
But before we dig deep into it, lets discuss what is a Web proxy server & what are the benefits of
using a web proxy.
Web Proxy
A proxy is an intermediary/middle-agent between computer/computers & other resources, mostly
internet. It seeks requests from client & transfer them to internet.
Scenario Setup
Firstly, to test or create a squid proxy setup, we will need a squid server & a client machine.
Squid server Clients Machine
OS : Centos/RHEL 6 or 7 OS: Centos/RHEL 6 or 7
Hostname : server.test.com Hostname: client1.test.com
IP Address :192.168.1.100 IP Address : 192.168.1.101
LinuxTechLab.com
Important
Configuration file /etc/squid/squid.conf
Default port 3128
Installation
In order to install, use following command
Configuration
We need to create an ACL rule (Access Control List), which is the list or rule with list of access control
entries.Some acl rules are already written in configuration file by default in the configuration file,
So, this is what an acl rule look like. Lets see what these means,
firstly,acl this is declaring that a new acl is starting
then,localhost is the name of acl created
src is used in case acl is for local Ipadress , srcdomain is used for declaring Localdomain, dst for
public IP & dstdomain for publlic domain name
and lastly,127.0.01/32 declares the IP Address on which the acl is to be applied, in this case its
localhost or 127.0.0.1
Note ts always wise to have a backup of original configuration file when starting to make changes. So,
create a backup a backup of before starting.
tail -f /var/log/squid/access.log
and it should show you all the received requests from client to server.
Note Also set http_access deny all to http_access allow all , otherwise we wont be able to access
internet.
Now, restart your squid proxy server to apply changes or we can also use squid -k reconfigure to
implement changes to server without restarting the server.
then, we will access clients machine and open Facebook but you wont be able to access it at all. As for
other websites you can access them just fine.
So, this completes part 1 of the tutorial. In part 2 of tutorial ,we will discuss how to block multiple
websites, creating time based acl & also using cache to speed up browsing.
LinuxTechLab.com
Squid proxy server- Installation &
Configuration (Part 2)
Welcome back Linux-fanatics. In our part 1 of the tutorial, we discussed installation & configuration
of Squid proxy server, configuration on clients machine & blocking a single website.
Now,we will proceed further & discuss how to block multiple website with single acl, creating a time
based acl & also speeding up our browsing by enabling cache.
( Also Read : Setting up SQUID AUTHENTICATION )
vi /etc/squid/blacksites
and add the websites we need blocked & save the file
.facebook.com
.youtube.com
.twitter.com
vi /etc/squid/squid.conf
Note you can also use squid -k reconfigure to apply changes to server without actually restarting the
server.
LinuxTechLab.com
Time based acl
Sometimes, we might require access to a blocked website for a certain period of time or we might need
to block certain websites for certain time. This can be achieved using a time based acl
Firstly, open configuration file
vi /etc/squid/squid.conf
lastly, restart your server to implement changes. & we now have access of blocked sites on Monday,
Tuesday & Wednesday between 10:30AM to 11:30AM .
vi /etc/squid/squid.conf
and, 16 is number of 1st level sub-directories & 256 is 2nd level sub directories in cache folder.
So this concludes our tutorial, hope it simple enough to follow. In next tutorial we will discuss SARG ,
which analyze all the proxy logs & present them in nice, easy to understand HTML format.
LinuxTechLab.com