Cranial Vomit What the Hell another How to... Hope this one works!!! http://home.exetel.com.au/widget/blog
Debian Proxy with Squid
Squid is a caching proxy server that can provide enhanced performance for HTTP, HTTPS and FTP. Squid will cache commonly accessed sites so that it can improve performance by 10-20% for Internet connections.
Squid is compliant to the Harvest Cache architecture and uses the Inter-Cache Protocol (ICP) to transfer data between peer and /parent/child servers. Squid can accelerate traffic from the inside network to the Internet or it can be employed to act as a front-end accelerator for a Web server, increasing access to the web pages on the server.
Here is what Squid can do: 1.Accelerate Internet Connections for Internal Network 2.Protect the Internal Network When Surfing the Internet 3.Create Detailed Information about User Activity on the Internet 4.Prevent Inappropriate Activity by Users on the Internet 5.Enforce Use by Authorized Users Only 6.Filter Sensitive Material 7.Accelerate Web Server Pages
Squid can act both as a proxy working in behalf of a user and as a cache server. When squid works as a proxy and a user makes a request for a web site, squid retrieves the web page and then provides it to the user. The user, in reality never reaches the Internet as the proxy server retrieves and caches all the sites the user makes requests for.
Systems Used
Operating System: Debian 6.0 Software: Squid 2.7
Install Debian package.
apt-get install squid
Because squid is now integrated with upstart the best way to control squid is using these commands.
/etc/init.d/squid stop /etc/init.d/squid start /etc/init.d/squid restart
1 / 5
Cranial Vomit What the Hell another How to... Hope this one works!!! http://home.exetel.com.au/widget/blog
Important Locations
Once you install Squid, you will need to be familiar with these locations that are important for Squid.
/etc/squid config directory /etc/squid/squid.conf squid configuration file /usr/share/doc/squid documentation and examples /usr/lib/squid support files /usr/sbin/squid squid daemon /var/log/squid log directory /var/spool/squid cache directory
Basic Squid Configuration
The complete configuration file is found at /etc/squid/squid.conf. However, since the Squid configuration file has over 4960 lines it is not the easiest to work with. A basic configuration of Squid only needs one modification, if you are using private networks. The hostname is automatically discovered by squid, however if you want to set a specific name you can use
visible hostname. visible_hostname myserver
The only line that must be set is to create a http_access variable that will allow users on the internal network to access the Internet. Uncomment the following line. (Approx line 678). Note! The localhost is configured to work by default. (Line 677)
http_access allow localnet
This is possible because the default settings now include these three private networks.
acl localnet src 10.0.0.0/8 acl localnet src 172.16.0.0/12 acl localnet src 192.168.0.0/16
By default squid is configured to use port 3128 this can easily be changed in the following section (line 11140
# Squid normally listens to port 3128 http_port 8080
2 / 5
Cranial Vomit What the Hell another How to... Hope this one works!!! http://home.exetel.com.au/widget/blog
Now that basic configuration is complete squid will need to be restarted/started with the following command.
/etc/init.d/squid restart
Use the proxy
In order for the proxy to be used the default http port (80) will need to be blocked at
the firewall and the port 3128 (or whatever you configured) will need to be opened.
All client systems will then need to have their browsers configured to use the new proxy server.
Proxy Log files
3 / 5
Cranial Vomit What the Hell another How to... Hope this one works!!! http://home.exetel.com.au/widget/blog
/var/log/squid/ log file directory
The logs are a valuable source of information about Squid workloads and performance. The logs record not only access information, but also system configuration errors and resource consumption (e.g. memory, disk space). There are several log file maintained by Squid. Some have to be explicitly activated during compile time, while others can safely be deactivated during.
/var/log/squid/access.log : Most log file analysis programs are based on the entries in access.log. You can use this file to find out who is using squid server and what they are doing etc
/var/log/squid/cache.log : The cache.log file contains the debug and error messages that Squid generates. If you start your Squid using the default RunCache script, or start it with the -s command line option, a copy of certain messages will go into your syslog facilities. It is a matter of personal preferences to use a separate file for the squid log data.
/var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones. As a kind of transaction log it is usually used for debugging purposes. A definitive statement, whether an object resides on your disks is only possible after analysing the complete log file. The release (deletion) of an object may be logged at a later time than the swap out (save to disk).
How do I view Squid Log files / logs?
You can use standard UNIX / Linux command such as grep / tail to view log files. You must login as root to view log files.
Text editors such as nano or vi can be used to view log files
nano /var/log/squid/access.log
Use the grep command to search log files as follows:
grep 'string-to-search' /var/log/squid/access.log
Use tail command to display log files in real time as follows:
tail -f /var/log/squid/access.log
Other Considerations
User Authentication. Data limits.
4 / 5
Cranial Vomit What the Hell another How to... Hope this one works!!! http://home.exetel.com.au/widget/blog
Filtering.
References
March 13th 2011 - http://www.squid-cache.org/
March 13th 2011 - http://beginlinux.com/blog/2010/04/ubuntu-10-04-squid-proxy/
March 13th 2011 - http://www.cyberciti.biz/faq/howto-linux-unix-view-squid-log-files/
5 / 5
Powered by TCPDF (www.tcpdf.org)
http://www.squid-cache.org/
http://beginlinux.com/blog/2010/04/ubuntu-10-04-squid-proxy/
http://www.cyberciti.biz/faq/howto-linux-unix-view-squid-log-files/
http://www.tcpdf.org