Wednesday, July 9, 2008

Squid Proxy quick and easy

the Squid config file can be quite daunting as it has over 4000 lines.

here's how to get squid up and running quickly.

Before activating squid you need to add three lines to the config file.
You need to add the hostname of your squid server. To do this add the following line to your
/etc/squid/squid.conf file , add it near the associated comment in the file.
were hostname.domainname.com is the host name of your squid proxy server.

visible_hostname hostname.domainname.com

Next you need to add the following basic access lists, so that your machines will be able to connect to squid.
acl our_networks src 192.168.0.0/24
http_access allow our_networks

were 192.168.0.0/24 is the address's of the machines that will be accessing your proxy server. You can add as many address ranges as you want. eg
acl our_networks 192.168.0.0/24 172.16.0.0/24 10.0.0.0/24
etc etc. save your changes and exit.
Make sure that you allow port 3128 on your firewall, as that is the default port that squid uses. You can change this port to anything you want like 8080 by editing the default port stanza in your /etc/squid/squid.conf file

type squid -z
this will create the squid swap directories.

Make sure that squid starts up on start up by typing
chkconfig squid on this will insure it starts on run levels 3 and 5

and then start squid by typing /etc/init.d/squid start

Done, squid should be up and running and caching webpages for your users.

Squid is a high performance very flexible and powerful caching proxy server
with many configurable options , for example, you can set up
password protected web browsing authentication for your users,
so that you can monitor web usage associated to login name, not only IP address. This is useful in an environment were more than one user uses the same machine. You can also restrict access to websites at certain times of the day for certain users.A comprehensive user guide on squid is available at http://euler.aero.iitb.ac.in/docs/web/squid/html/book1.html

No comments: