Squid Proxy

Squid is a caching proxy server.
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL.

Squid is available in major Linux distributions such as CentOS and Fedora.

To install Squid

yum install squid

To configure Squid.

vi /etc/squid/squid.conf
visible_hostname test.squid

Restart Squid Service

service squid restart

Configure your Internet clients to use your local Squid proxy server's IP address and port 3128 (Squid's default port). At this point, accessing the Internet returns an Access Denied error.

To allow Internet access for your local LAN:

vi /etc/squid/squid.conf
acl myuser src 192.168.1.0/255.255.255.0
http_access allow myuser

To allow all Internet sites while blocking a few, e.g. jobs and community sites:

acl myuser src 192.168.1.0/255.255.255.0
# list of the blocked sites
acl deniedsites url_regex "/etc/squid/denied"
# block the banned sites
http_access deny myuser deniedsites
http_access allow myuser
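
Why the deny line has to come before the allow line, shown as an added example that is not part of the original post: a small Python model of how Squid evaluates http_access lines (first matching line wins, ACLs on one line are ANDed, and with no match the default is the opposite of the last line). It models only the lines shown above; the two patterns and the client addresses are constructed sample values.

```python
import ipaddress
import re

# Constructed stand-ins for the page's ACLs; the two patterns play the role
# of the lines in /etc/squid/denied (the page names "jobs" and "community").
ACLS = {
    "myuser": ("src", ipaddress.ip_network("192.168.1.0/255.255.255.0")),
    "deniedsites": ("url_regex", [re.compile(p) for p in ("jobs", "community")]),
}

def acl_matches(name, client_ip, url):
    kind, value = ACLS[name]
    if kind == "src":
        return ipaddress.ip_address(client_ip) in value
    # url_regex: case-sensitive search anywhere in the URL
    return any(p.search(url) for p in value)

def http_access(rules, client_ip, url):
    """Return 'allow' or 'deny' for ordered rules of (action, [acl, ...])."""
    for action, names in rules:
        # ACLs on one http_access line are ANDed; the first matching line wins.
        if all(acl_matches(n, client_ip, url) for n in names):
            return action
    if not rules:
        return "deny"
    # No line matched: the default is the opposite of the last line's action.
    return "allow" if rules[-1][0] == "deny" else "deny"

PAGE_ORDER = [("deny", ["myuser", "deniedsites"]), ("allow", ["myuser"])]
SWAPPED = [("allow", ["myuser"]), ("deny", ["myuser", "deniedsites"])]

if __name__ == "__main__":
    lan, outside = "192.168.1.20", "10.0.0.5"   # constructed client addresses
    blocked, other = "http://jobs.example.com/", "http://www.example.org/"
    for label, rules in (("page order", PAGE_ORDER), ("swapped", SWAPPED)):
        for ip in (lan, outside):
            for url in (blocked, other):
                print(f"{label:10} {ip:13} {url:26} -> {http_access(rules, ip, url)}")
```

With the two lines swapped, the blocked site is allowed for LAN clients and clients outside 192.168.1.0/24 fall through to an implicit allow. Ending the list with an explicit http_access deny all removes that dependence on the last line's action.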

To disable caching for specific sites. You might need to disable caching for a few sites, e.g. an intranet site.

acl MYSITES url_regex "/etc/squid/nocache"
no_cache deny MYSITES

Squid with ARP (MAC address) ACLs instead of IP addresses.
You may be using DHCP with a minimum lease time; in that case you need to filter sites by MAC address instead of IP address.

You need to compile Squid from source with --enable-arp-acl (run squid -v and add all the existing configure options).

# list of the users' MAC addresses
acl yahoomailuser arp "/etc/squid/yahoomailuser"
# URLs allowed
acl yahoomail url_regex "/etc/squid/yahoomail"
http_access allow yahoomailuser yahoomail

Transparent proxy.

vi /etc/squid/squid.conf
# Squid's local IP address
http_port 192.168.1.1:3128 transparent

OR

http_port 3128 transparent

A transparent proxy is used when you do not wish to define proxy settings on the client machines. For that, you need to set up port redirection using iptables on the gateway.

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

Squid with Clamav scanner.


7 Comments

  1. vidyadhards says:

    Hi
    If you are downloading the package from yum on your system, it will not get compiled with the --enable-arp option; you are better off downloading a custom rpm package.
    Following is the link to the Squid rpm:
    http://people.redhat.com/jskala/squid/squid-3.0.STABLE13-1.el5/i386/squid-3.0.STABLE13-1.el5.i386.rpm

  6. Intimately, the write-up is genuinely the sweetest on this worthwhile subject. I fit in with your conclusions and will eagerly look forward for your coming updates. Just saying many thanks will not just be adequate, for that wonderful clarity as part of your writing. I am going to promptly grab your rss feed to stay privy of any updates. Very good do the job and a lot success in your company dealings!
