Annvix

Squid

Squid is a robust, enterprise-class caching proxy server. Bluntly put, if you need a proxy, it is probably one of the best solutions available.

It is not, however, the simplest tool you can work with.

If you get dizzy and feel faint at the thought of configuring Apache through configuration files, managing sendmail with m4 and sendmail.mc, or managing permissions with PAM, then this is not the tutorial for you.

Note that there are a lot of good tutorials out there, but the complexity of the task in comparison to the detail of this tutorial means that reading and understanding documentation elsewhere will be absolutely required.

  1. Install Squid, probably with something like:
    apt-get install squid
  2. Spend some time getting to know the configuration file at /etc/squid.conf
  3. Add squid to services:
    srv --add squid
  4. Figure out what you did wrong by examining /var/log/service/squid/current (I wish I thought this was an optional step)
  5. Eventually get it started and observe the logs generated in /var/log/squid/access.log

Tips

  • You can create password files for the access control lists with htpasswd
  • If you want to do transparent proxying, you will need to use the keyword transparent in addition to the directions you will find in most places. You should also look at the Router documentation.


  • My testing squid.conf looks like this:
    http_port 3128 transparent
    httpd_accel_host virtual
    httpd_accel_port 80
    httpd_accel_with_proxy on
    httpd_accel_uses_host_header on
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    cache deny QUERY
    acl apache rep_header Server ^Apache
    broken_vary_encoding allow apache
    access_log /var/log/squid/access.log squid
    refresh_pattern ^ftp:           1440    20%     10080
    refresh_pattern ^gopher:        1440    0%      1440
    refresh_pattern .               0       20%     4320
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.0/8
    acl localhost src 192.168.0.0/24
    acl localhost src 10.0.0.3/32
    acl to_localhost dst 127.0.0.0/8
    acl whitelist dstdomain "/etc/squid/whitelist"
    acl SSL_ports port 443 563
    acl Safe_ports port 80          # http
    acl Safe_ports port 21          # ftp
    acl Safe_ports port 443 563     # https, snews
    acl Safe_ports port 70          # gopher
    acl Safe_ports port 210         # wais
    acl Safe_ports port 1025-65535  # unregistered ports
    acl Safe_ports port 280         # http-mgmt
    acl Safe_ports port 488         # gss-http
    acl Safe_ports port 591         # filemaker
    acl Safe_ports port 777         # multiling http
    acl CONNECT method CONNECT
    http_access allow localhost
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    # Final catch-all: without it Squid applies the opposite of the last
    # http_access line (a deny), so unmatched clients would be allowed.
    http_access deny all
    http_reply_access allow all
    icp_access allow all
    cache_mgr youremail@youraddress.com
    coredump_dir /var/spool/squid
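
Added example (not from the original page or the Squid project): when no http_access line matches a request, Squid applies the opposite of the last line's action, so a rule list that ends in a deny without a final catch-all lets unmatched clients through. This Python sketch reports that fall-through action and any ACLs that are defined but never used; the sample config is constructed in the style of the listing above, and the audit function is a hypothetical helper.

```python
# Constructed sample in the style of the listing above (not read from a live system).
SAMPLE = """\
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.0/8
acl localhost src 192.168.0.0/24
acl whitelist dstdomain "/etc/squid/whitelist"
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl CONNECT method CONNECT
http_access allow localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
"""


def audit(conf_text):
    """Hypothetical helper: summarise the http_access fall-through and unused ACLs."""
    defined, used, http_rules = [], set(), []
    for raw in conf_text.splitlines():
        tok = raw.split("#", 1)[0].split()   # drop trailing comments (simplification)
        if len(tok) < 3:
            continue
        if tok[0] == "acl":
            if tok[1] not in defined:
                defined.append(tok[1])
        elif tok[1] in ("allow", "deny"):     # any *_access style directive
            used.update(t.lstrip("!") for t in tok[2:])
            if tok[0] == "http_access":
                http_rules.append((tok[1], tok[2:]))
    if not http_rules:
        # With no http_access lines at all, Squid denies every request.
        fallthrough, explicit = "deny", False
    else:
        action, names = http_rules[-1]
        # Assumes the ACL named "all" matches every client, as in the listing.
        explicit = names == ["all"]
        opposite = "allow" if action == "deny" else "deny"
        fallthrough = action if explicit else opposite
    unused = [name for name in defined if name not in used]
    return {"fallthrough": fallthrough, "explicit": explicit, "unused": unused}


if __name__ == "__main__":
    print("without catch-all:", audit(SAMPLE))
    print("with catch-all:   ", audit(SAMPLE + "http_access deny all\n"))
```

An unused ACL such as whitelist in the sample is worth a second look: a restriction that is defined but never referenced by an access rule has no effect.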
