1) Need to check in linux Squid install or not fist....
In terminal type: "rpm -q squid"
2) If not install software, please get rpm file from http://rpmfind.net and search "squid" and get the file "squid-2.5.STABLE6-3.i386.rpm" for Redhat ES4 & save to /opt then cd /opt
3)Install squid in cd /opt: "rpm -ivh squid-2.5.STABLE6-3.i386.rpm"
4) After install success need to edit squid.conf like below:
vi /etc/squid.conf
=================================================
http_port 192.168.0.1:3128
heirarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 # use 32MB of memory only
cache_swap_low 80 # set cache sensitivity
cache_swap_high 100 # set cache sensitivity
maximum_object_size 1024 KB # if objects are too large, dont cache
cache_dir ufs /var/spool/squid 512 16 256 # use 512mb disk space for cache only
cache_access_log /var/log/squid/access.log (none in Future) # disable logs access
cache_log none # disable the object cache logs
cache_store_log none # disable the store cache logs
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
half_closed_clients off # don't monitor browser status
acl all src 0.0.0.0/0.0.0.0
acl full_host src 192.168.0.0/255.255.255.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow full_host
http_access deny all
http_reply_access allow all
# Transparent Proxy setting
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on /for tran.should be on add that four lines
=================================================
save the file: Esc, Shift+:wq (save and quit)
5) After squid configure need to add command in IPtables:
"iptables –t nat –A PREROUTING –p tcp –m tcp --dport 80 –j DNAT --to–destination 192.168.0.1:3128"
6) Save in Iptables : "iptables-save > /etc/sysconfig/iptables"
7) Need to start squid service: "service squid start"
8) Squid start auto during boot service: Go to "ntsysv" check 'squid' option and OK
9) You can interactively see the squid logs using the
command: "tail –f /var/log/squid/access.log"
10) If not working....restart services "Network / Squid / iptables"
service network restart / service squid restart / service iptables restart
Credits: nsharif.blogspot.com
In terminal type: "rpm -q squid"
2) If not install software, please get rpm file from http://rpmfind.net and search "squid" and get the file "squid-2.5.STABLE6-3.i386.rpm" for Redhat ES4 & save to /opt then cd /opt
3)Install squid in cd /opt: "rpm -ivh squid-2.5.STABLE6-3.i386.rpm"
4) After install success need to edit squid.conf like below:
vi /etc/squid.conf
=================================================
http_port 192.168.0.1:3128
heirarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 # use 32MB of memory only
cache_swap_low 80 # set cache sensitivity
cache_swap_high 100 # set cache sensitivity
maximum_object_size 1024 KB # if objects are too large, dont cache
cache_dir ufs /var/spool/squid 512 16 256 # use 512mb disk space for cache only
cache_access_log /var/log/squid/access.log (none in Future) # disable logs access
cache_log none # disable the object cache logs
cache_store_log none # disable the store cache logs
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
half_closed_clients off # don't monitor browser status
acl all src 0.0.0.0/0.0.0.0
acl full_host src 192.168.0.0/255.255.255.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow full_host
http_access deny all
http_reply_access allow all
# Transparent Proxy setting
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on /for tran.should be on add that four lines
=================================================
save the file: Esc, Shift+:wq (save and quit)
5) After squid configure need to add command in IPtables:
"iptables –t nat –A PREROUTING –p tcp –m tcp --dport 80 –j DNAT --to–destination 192.168.0.1:3128"
6) Save in Iptables : "iptables-save > /etc/sysconfig/iptables"
7) Need to start squid service: "service squid start"
8) Squid start auto during boot service: Go to "ntsysv" check 'squid' option and OK
9) You can interactively see the squid logs using the
command: "tail –f /var/log/squid/access.log"
10) If not working....restart services "Network / Squid / iptables"
service network restart / service squid restart / service iptables restart
Credits: nsharif.blogspot.com
Comments (0)
Post a Comment