General Information
Squid is “a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages.”
Links:
Checklist
Squid is available in CentOS base repos.
yum install squid
Config: /etc/squid/squid.conf
Modify “localnet” acl lines to only the networks you want talking to Squid
acl localnet src 10.1.2.0/24 # my network
Delete/Add to the “Safe_Ports” acl to only accept certain types of traffic
acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 443
Change Squid listening port (if needed)
# Default Squid listen port 3128 http_port 3128
Uncomment the “cache_dir” line to create a space on disk to cache files
cache_dir ufs /var/spool/squid 512 16 256
Start squid
service squid start
Enable on boot
chkconfig squid on
View Access Log for proxy TCP Hits and Misses
tail -f /var/log/squid/access.log
You can configure web browsers to go through Squid to take advantage of cached content.
Squid can also be used as a web filter.
vim /etc/squid/blocked-sites.conf # Blocked Websites www.google.com
vim /etc/squid/squid.conf ## Blocked Sites ## acl blockedsites dstdomain "/etc/squid/blocked-sites.conf" http_access deny blockedsites
service squid reload
vim /etc/squid/blocked-keywords.conf # Blocked key words gaming
vim /etc/squid/squid.conf ## Block keywords ## acl blockedkeywords url_regex -i "/etc/squid/blocked-keywords.conf" http_access deny blockedkeywords