Sunday, August 26, 2007

SQUID PROXY - Configuration

If someone asks me for putting up a proxy server for small network/office to control their internet usage, i will opt for implementing the squid proxy as my first choice.Squid server actually lots of options like content control, speed, cache option and so on. Squid can be implemented and managed with ease. So this article gonna give you the quick start for installing and configuring squid proxy server.
Installing squid
Check for existence
#rpm -qa | grep squid
Installing the package
#rpm -ivh squid* or #yum install squid
Starting service and runlevel service status
#/etc/init.d/squid restart or #service squid restart
#chkconfig --levels 345 squid on

Configuring squid.conf
Source file path

Please add the following lines appropriately

Under access control section
acl SSL_ports port 443 563
acl safeports port 80
acl safeports port 21
acl safeports port 443 563
acl safeports port 70
acl safeports port 210
acl safeports port 280
acl safeports port 488 591 777
acl safeports port 5269 5222 5223
acl blacklist dstdomain
acl noexe url_regex -i exe$
acl nodown url_regex -i \.rar$ \.zip$ \.mp3$ \.wmv$
acl noporn url_regex -i sex dating porn
acl internal src

Calling constructed acl - Under Http access section
http_access deny !safeports
http_access deny Connect !SSL_ports
http_access deny blacklist
http_access deny noexe
http_access deny nodown
http_access deny noporn
http_access deny !internal
http_access allow all

and then save the file and restart the service. Here we go , open your browser set the internet connection setting to correct proxy server address and port number. try out the different combination to check whether applied set of acl works.

This article will just give you the basic stuff, apart from the above configuration lots are there to be considered.

Please do post / comment if you any queastions.


No comments: