0% found this document useful (0 votes)

194 views3 pages

Install Squid Proxy Server On CentOS

This document provides instructions for installing and configuring the Squid proxy server on CentOS/RHEL 5. It describes using yum to install Squid, editing the squid.conf file to define ACLs for allowed internal networks, starting the squid service, and configuring iptables firewall rules to allow access to port 3128. Basic client configuration is also outlined.

Uploaded by

Bablu Son

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

194 views3 pages

Install Squid Proxy Server On CentOS

Uploaded by

Bablu Son

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 3

Install Squid Proxy Server on CentOS / Redhat enterprise Linux 5

by Vivek Gite on August 30, 2007 55 comments Last updated February 24, 2008 I've already wrote about setting up a Linux transparent squid proxy system. However I'm getting lots of questions about Squid basic installation and configuration: How do I install Squid Proxy server on CentOS 5 Liinux server? Sure Squid server is a popular open source GPLd proxy and web cache. It has a variety of uses, from speeding up a web server by caching repeated requests, to caching web, name server query , and other network lookups for a group of people sharing network resources. It is primarily designed to run on Linux / Unix-like systems. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports nonblocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

Install Squid on CentOS / RHEL 5

Use yum command as follows:
# yum install squid

Output:
Loading "installonlyn" plugin Setting up Install Process Setting up repositories Reading repository metadata in from local files Parsing package install arguments Resolving Dependencies --> Populating transaction set with selected packages. Please wait. ---> Package squid.i386 7:2.6.STABLE6-4.el5 set to be updated --> Running transaction check Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: squid i386 7:2.6.STABLE6-4.el5 updates 1.2 M Transaction Summary ============================================================================= Install 1 Package(s) Update 0 Package(s) Remove 0 Package(s)

Total download size: 1.2 M Is this ok [y/N]: y Downloading Packages: Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing: squid Installed: squid.i386 7:2.6.STABLE6-4.el5 Complete!

######################### [1/1]

Squid Basic Configuration

Squid configuration file located at /etc/squid/squid.conf. Open file using a text editor:
# vi /etc/squid/squid.conf

At least you need to define ACL (access control list) to work with squid. The defaults port is TCP 3128. Following example ACL allowing access from your local networks 192.168.1.0/24 and 192.168.2.0/24. Make sure you adapt to list your internal IP networks from where browsing should be allowed:
acl our_networks src 192.168.1.0/24 192.168.2.0/24 http_access allow our_networks

Save and close the file. Start squid proxy server:

# chkconfig squid on # /etc/init.d/squid start

Output:
init_cache_dir /var/spool/squid... Starting squid: . [ OK ]

Verify port 3128 is open:

# netstat -tulpn | grep 3128

Output:
tcp LISTEN 0 0 0.0.0.0:3128 20653/(squid) 0.0.0.0:*

Open TCP port 3128

Finally make sure iptables is allowing to access squid proxy server. Just open /etc/sysconfig/iptables file:
# vi /etc/sysconfig/iptables

Append configuration:
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT

Restart iptables based firewall:

# /etc/init.d/iptables restart

Output:
Flushing firewall rules: Setting chains to policy ACCEPT: filter [ [ OK OK ] ]

Unloading iptables modules: [ Applying iptables firewall rules: [ Loading additional iptables modules: ip_conntrack_netbios_n[

OK OK OK

] ] ]

Client configuration
Open a webbrowser > Tools > Internet option > Network settings > and setup Squid server IP address and port # 3128.

See also
You may find our previous squid tips useful:

Squid Security and blocking content Related Tips

Squid content filtering: Block / download of music MP3, mpg, mpeg, exec files Squid deny users accessing a website Squid Proxy Server Limit the number of simultaneous Web connections from a client with maxconn ACL

Squid Authentication Related Tips

Howto: Squid proxy authentication using ncsa_auth helper Squid NTLM authentication configuration using ntlm_auth Configure squid for LDAP authentication using squid_ldap_auth helper

Squid Other Tips

Linux: Setup a transparent proxy with Squid in three easy steps Linux Iptables allow SQUID proxy incoming client request Enable permissive mode for SELinux troubleshooting purpose Benchmarking squid and other caching proxy servers