Configuring Srewquid Proxy Server
Configuring Srewquid Proxy Server
Sure Squid server is a popular open source GPLd proxy and web cache. It has a variety of uses, from speeding up a web server by caching repeated requests, to caching web, name server query , and other network lookups for a group of people sharing network resources. It is primarily designed to run on Linux / Unix-like systems. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports nonblocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.
2. Set the default gateway and the DNS on the proxy server, so it has a direct connection as an internet. #system-config-network-tui
3. Give the information about your local network on the proxy server. #nano /etc/squid/squid.conf Press CTRL + W Search our_networks
4. Uncomment this lines #acl our_networks src 192.168.1.0/24 192.168.2.0/24 //Remove # mark #http_access allow our_networks //Remove # mark 5. Save (CTRL + O) and Exit (CTRL + X) file
The proxy client is an application that required internet through the proxy server EX Internet Explorer, Mozilla Firefox
Fire Fox Edit --> Preferences --> Advanced --> Network --> Settings --> manually proxy configuration http proxy : 192.168.2.101 port : 3128 // proxy server IP and port number
1. Open the following file #nano /ect/squid/squid.conf Press CTRL + W Search # http_access deny all
Put all the rules that you want to control web access through proxy under the above comment. All the block rules must come before the allow rules
To block unwanted website acl blockweb dstdomain .facebook.com .yahoo.com .google.com http_access deny blockweb
To block unwanted file download acl blockfile urlpath_regex i exe$ mp3$ avi$ rar$ http_access deny blockfile
To allow POP3/ SMTP to access mail through proxy server acl allowmail proto POP3 SMTP http_access allow allowmail
02. Start the FTP service [root@daddylinux~]#service vsftpd start [root@daddylinux~]#chkconfig vsftpd on
03. The FTP service will be automatically configured in the following two different ways Public FTP - No username or password necessary Private FTP A valid username and password is necessary Public FTP If you need any body to access files from your FTP server without given username and password, you will have copy all the files that other people need to download in to /var/ftp folder.
Go to the web browser and enter the your FTP address (http://ftp.server.lk) Private FTP
Create a user account on the ftp server and use that account login in to the FTP server through the web server. You will be automatically log in to the users home folder. [root@daddylinux~]#useradd uddika [root@daddylinux~]#passwd uddika
anonymous-enable = YES Change to anonymous-enable = NO How to restrict unnecessary users through FTP
01. Edit the configuration file [root@daddylinux~]#nano /etc/vsftpd/ftpusers ------------------------------------------------------------------------------------------------------------Uddika // Enter the username