Configuring Squid Proxy Server

Sure Squid server is a popular open source GPLd proxy and web cache. It has a variety of uses, from speeding up a web server by caching repeated requests, to caching web, name server query , and other network lookups for a group of people sharing network resources. It is primarily designed to run on Linux / Unix-like systems. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

1. Check the necessary RPM
#rpm –q squid

if it's not installed first install it
#yum install squid

2. Set the default gateway and the DNS on the proxy server, so it has a direct connection as an internet.
#system-config-network-tui

3. Give the information about your local network on the proxy server.
#nano /etc/squid/squid.conf
Press CTRL + W
Search – our_networks

4. Uncomment this lines
#acl our_networks src 192.168.1.0/24 192.168.2.0/24 //Remove # mark
#http_access allow our_networks //Remove # mark
5. Save (CTRL + O) and Exit (CTRL + X) file

6. Start the proxy service
#service squid start
#chkconfig squid on

Settings up proxy clients

The proxy client is an application that required internet through the proxy server
EX – Internet Explorer, Mozilla Firefox

Fire Fox
Edit --> Preferences --> Advanced --> Network --> Settings --> manually proxy configuration
http proxy : 192.168.2.101 port : 3128 // proxy server IP and port number

Now clients have to access internet through proxy………

Controlling web access through proxy


1. Open the following file
#nano /ect/squid/squid.conf
Press CTRL + W
Search – # http_access deny all

Put all the rules that you want to control web access through proxy under the above comment. All the block rules must come before the allow rules

To block unwanted website
acl blockweb dstdomain .facebook.com .yahoo.com .google.com
http_access deny blockweb

To block unwanted file download
acl blockfile urlpath_regex –i exe$ mp3$ avi$ rar$
http_access deny blockfile

To allow POP3/ SMTP to access mail through proxy server
acl allowmail proto POP3 SMTP
http_access allow allowmail

2. Save (CTRL + O) and exit (CTRL +X) the file

3. Reload squid service
#service squid reload
---------------------------------------------------------
List of acl tags and examples
http://wiki.squid-cache.org
---------------------------------------------------------

15 comments:

  1. Importent one ...Keep it up

    ReplyDelete
  2. As a person who works for Dell I think your article on server application programming is quite impressive. I think server applications can be created by using various programing languages which are used in IT.

    ReplyDelete
  3. Thank you so much for your nice tutorial.

    Recently I setup a Reverse Proxy Server with Squid (server accelerator) and wrote a full detailed tutorial that you can find in:

    http://cosmolinux.no-ip.org/raconetlinux/html/17-squid.html

    where I explain how to configure Squid (version 3.x) as a reverse Proxy Server (server accelerator), providing examples about how to do it using two
    computers (one as a Proxy server and another as a Web Server) or just by using one single computer.

    I also describe how to format the Squid's logs and how to send the logs to a remote computer.
    Also, you can find an explanation of how to deny access to certain files and how to get correct logs in Apache Web Server.

    I wish it is useful to someone.

    ReplyDelete
  4. Your this blog is very informative and interesting. Keep doing this type of great work.
    Mp3skull UK proxy

    ReplyDelete
  5. The information on this blog is very useful and very interesting. If someone needs to know about the just click
    Mp3skull UK proxy

    ReplyDelete
  6. Your detailed blog is very good. Keep doing this work.
    Torrentz UK proxy

    ReplyDelete
  7. Your this information blog is very informative thanks for share this blog.
    Mp3skull UK proxy

    ReplyDelete
  8. This article is very informative and cool. Thanks for share this beautiful article.
    access Bomb-mp3 in UK

    ReplyDelete