Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Squid Proxy ====== **General Information** Squid is "a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages." Links: * Official Site: http://www.squid-cache.org/ * Squid Logs: http://wiki.squid-cache.org/SquidFaq/SquidLogs **Checklist** * Distro(s): Enterprise Linux 6 ---- ====== Install Squid ====== Squid is available in CentOS base repos. <code bash> yum install squid </code> * Main Config: /etc/squid/squid.conf * Log file: /var/log/squid/access.log ---- ====== Configure ====== Config: /etc/squid/squid.conf Modify "localnet" acl lines to only the networks you want talking to Squid <code bash> acl localnet src 10.1.2.0/24 # my network </code> Delete/Add to the "Safe_Ports" acl to only accept certain types of traffic <code bash> acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 443 </code> Change Squid listening port (if needed) <code bash> # Default Squid listen port 3128 http_port 3128 </code> Uncomment the "cache_dir" line to create a space on disk to cache files <code bash> cache_dir ufs /var/spool/squid 512 16 256 </code> * The "512" means use 512 MB of space for cached content. This can be increased for busier proxies. (default is 100MB) ---- ====== Run Squid ====== Start squid <code bash> service squid start </code> Enable on boot <code bash> chkconfig squid on </code> View Access Log for proxy TCP Hits and Misses <code bash> tail -f /var/log/squid/access.log </code> ---- ====== Point Clients to Squid ====== You can configure web browsers to go through Squid to take advantage of cached content. * Firefox * Options > Preferences > Advanced > Network tab > Connection Settings * Select "Manual proxy configuration" * HTTP Proxy: <server-ip> * Port: <squid-listening-port> * Click Ok ---- ====== Web Filter ====== Squid can also be used as a web filter. ===== Block Domains ===== - Create a file of sites to reference - <code bash>vim /etc/squid/blocked-sites.conf # Blocked Websites www.google.com</code> - Create a new acl in the main squid config - <code bash>vim /etc/squid/squid.conf ## Blocked Sites ## acl blockedsites dstdomain "/etc/squid/blocked-sites.conf" http_access deny blockedsites</code> - Reload Squid for changes to take affect - <code bash>service squid reload</code> ===== Block Key Words ===== * Create file of key words * <code bash>vim /etc/squid/blocked-keywords.conf # Blocked key words gaming</code> * Create a new ACL in the main squid config * <code bash>vim /etc/squid/squid.conf ## Block keywords ## acl blockedkeywords url_regex -i "/etc/squid/blocked-keywords.conf" http_access deny blockedkeywords</code> ---- linux_wiki/squid_proxy.txt Last modified: 2019/05/25 23:50(external edit)