- To install Squid :
1.1 Type the following command in a terminal :
sudo aptitude install squid2. Configuration of Squid is done by editing the following file: /etc/squid/squid.conf
sudo nano /etc/squid/squid.conf
2.1.Naming the proxy
It is important that Squid knows the name of the machine. To do this, locate the line : visible_hostname.
Changed to
visible_hostname <machine name>
Note: you can find the machine name in /etc/hostname file in linux :
sudo vi /etc/hostname
2.2 Choosing the Port
By default, the proxy server will use port 3128. To choose another port, locate the line:
http_port 3128
and change the port number, if we want to listen on custom port :
http_port 3177
2.3.Choosing the interface
By default the proxy server will listen on all interfaces. For security reasons, its better to put it on your local network only.
For Example : If the network card connected to your LAN has IP 172.16.1.1, change the line:
http_port 172.16.1.1:3177
2.4. Setting access rights and priorities :
By default, nobody else is allowed to connect to the proxy server. A list of permissions must be created.
For example, we will define a group encompassing the local network.
acl lanhome src 172.16.0.0/255.255.0.0
‘lanhome’ can be any name which we want to specify in squid config file for the private domain
2.5. Authorizing access to group :
Now that the group is defined, we will authorise it to use the proxy.
Locate the line http_access allow ... and add below (before the line http_access deny all):
http_access allow lanhome
Note : Allow the use of non-standard ports
By default, Squid allows HTTP traffic only on specific ports (e.g. 80). This can cause problems for websites using other ports.
To avoid this deadlock,
find the line
http_access deny! Safe_ports
and then edit it to:
# http_access deny! Safe_ports
3.Starting the Proxy
Restart the proxy to apply the modifications you made. Type:
sudo /etc/init.d/squid restart
4. Server logs
There are three types of logs are generated by squid.Found in the /var/log/squid.
- accesslog
Most log file analysis program are based on the entries in access.log.
Squid allow the administrators to configure their logfile format and log output method with great flexibility. Previous versions offered a much more limited functionality.
- cache.log
- store.log
No comments:
Post a Comment