How to Install and Configure Squid Proxy Server on Linux

LinuxserverHTTP

In this article, we will learn how to install and configure the Squid proxy server. A Squid proxy server is an open source and GPLD proxy with web cache. The Squid proxy server has various uses as we can speed up the web server by caching the repeated requests from the clients and we can use it for name server query. We can use it for looking at the network or a group of people for sharing the network resources.

Squid proxy is a high-performance proxy caching server for Web clients which supports FTP, gopher, and HTTP data objects. Squid can handle all the requests in a single and non-blocking I/O driven process. Squid keeps the meta data and the hot objects in the RAM, and caches the DNS lookups, and it also supports non-blocking DNS lookups.

Installing the Squid

# yum install squid
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
epel/metalink | 5.2 kB 00:00
* base: ftp.iitm.ac.in
* epel: mirror.premi.st
* extras: ftp.iitm.ac.in
* updates: mirrors.nwsuaf.edu.cn
base | 3.7 kB 00:00
epel | 4.3 kB 00:00
epel/primary_db | 5.9 MB 00:00
extras | 3.4 kB 00:00
updates/primary_db | 5.2 MB 00:00
Resolving Dependencies
--> Running transaction check
---> Package squid.x86_64 7:3.1.23-9.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==================================================================================================
Package       Arch       Version          Repository Size
==================================================================================================
Installing:
squid x86_64 7:3.1.23-9.el6 base 1.8 M
Transaction Summary
==================================================================================================
Install 1 Package(s)
Total download size: 1.8 M
Installed size: 6.3 M
Is this ok [y/N]: y
Downloading Packages:
squid-3.1.23-9.el6.x86_64.rpm | 1.8 MB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 7:squid-3.1.23-9.el6.x86_64 1/1
Verifying : 7:squid-3.1.23-9.el6.x86_64 1/1
Installed:
squid.x86_64 7:3.1.23-9.el6
Completed

Configure the Squid Proxy

Once the Installation is completed, we needed to edit the configuration file such that, it will allow the client to use it as a proxy server. We needed to define ACL (Access control list) to work with the squid. The default port on the proxy server is TCP 3128.

Below is the example for ACL, To provide access from the local network clients 192.168.87.0/24 and 192.168.88.0/24.

Make sure that this network is active where the browsing will be allowed.

Open the configuration file which is located in /etc/squid/squid.conf

# vi /etc/squid/squid.conf

Once you open the file, remove all the src networks by default the network are shown with possible internal networks

acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

Add the local address of the network here I am using 192.168.8X.X series in the local environment.

acl our_networks src 192.168.87.0/24 192.168.88.0/24
http_access allow our_networks

Save and close the configuration file and then restart or start the squid proxy server.

# chkconfig squid on
# /etc/init.d/squid start
Starting squid: . [ OK ]

To Verify the Squid Services Running

# netstat -ntlp | grep squid
or
# netstat -ntlp | grep 3128
tcp 0 0 :::3128 :::* LISTEN 2180/(squid)

Client Configuration to Use the Squid Proxy Server

Open the browsers on the client machine and in Tools -> Internet Options -> Network settings -> add the Squid proxy server IP address and use the port No 3128

After this setup and configuration we can able to share internet or cache the web server so that the web pages are loaded to the client as quickly as possible and we can also a single connection to another client in the environment.

raja
Published on 17-Jan-2020 16:44:36
Advertisements