Configure and Setup Squid Cache Proxy Server On Fedora Core
Configure and Setup Squid Cache Proxy Server On Fedora Core
Configure and Setup Squid Cache Proxy Server On Fedora Core
The article below show the step by step to setup and configure SQUID proxy serve on
Fedora core with screenshot and SQUID configuration example.
To configure squid proxy server for local network client to access the internet.
This server have two network card using internal IP address and external IP address
Configure the Squid Cache Proxy to listen for proxy request from different network client
on internal IP address.
Configure Squid cache proxy server to listen request only from specific IP address
10.2.0.5 (internal IP card) on Port 8080.
Best Practice: before edit or make any changes to any config file, it's recommended that
you backup the file first.
Warning: If you don't need to change the default configuration on squid.conf file, you
shouldn't uncomment the line and leave it like it is.
2. Fist of all, we need to setup on which port Squid should listen for client proxy
request. By default Squid will listen on port 3128 on all IP address on the machine
On this project, we setup (configure) our Squid proxy to bind with the internal Ethernet
card which is using internal IP 10.2.0.5 and listen on port 8080 on that internal IP
address. With this configuration, Squid should only visible and listen to our internal
address only.
Customize the socket address where your Squid proxy should listen for HTTP client
request: Change the address to fit your network layout.
# NETWORK OPTIONS
........................
#Default:
# http_port 3128
http_port 10.2.0.5:8080
3. Scroll down the page and find # TAG: cache_mem (bytes), To increase the Squid
cache memory capacity, edit the default setting and put the appropriate memory size base
on your system capabilities. The example below show that the Squid cache memory
setting increase up to 256 MB. Take note that, before you change this setting make sure
your hardware can support the size of memory that you specify here.
4. Then find tag # TAG: cache_dir, then increase the size of cache directory to 2000
MB, also make sure that you have enough disk space before you change the size value.
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -----------------------------------------------------------------------------
# TAG: cache_dir
# Usage:
#
# cache_dir Type Directory-Name Fs-specific-data [options]
#
------- +++++ ---------------------------
#
#Default:
# cache_dir ufs /var/spool/squid 100 16 256
cache_dir ufs /var/spool/squid 2000 16 256
# TAG: dns_nameservers
# Use this if you want to specify a list of DNS name servers
# (IP addresses) to use instead of those given in your
# /etc/resolv.conf file.
# On Windows platforms, if no value is specified here or in
# the /etc/resolv.conf file, the list of DNS name servers are
# taken from the Windows registry, both static and dynamic DHCP
# configurations are supported.
#
# Example: dns_nameservers 10.0.0.1 192.172.0.4
#
#Default:
# none
dns_nameservers 203.106.93.91 161.142.227.17 192.228.128.16 201.188.0.16
# ACCESS CONTROLS
# ---------------------------
----------- **** +++++
#Examples:
#acl macaddress arp 09:00:2b:23:45:67
#acl myexample dst_as 1241
#acl password proxy_auth REQUIRED
#acl fileupload req_mime_type -i ^multipart/form-data$
#acl javascript rep_mime_type -i ^application/x-javascript$
#
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 2083 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 2083 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
==========================================
other example for Squid acl:
# TAG: always_direct
# Usage: always_direct allow|deny [!]aclname ...
#
# Here you can use ACL elements to specify requests which should
# ALWAYS be forwarded by Squid to the origin servers without using
# any peers. For example, to always directly forward requests for
# local servers ignoring any parents or siblings you may have use
# something like:
#
# acl local-servers dstdomain my.domain.net
# always_direct allow local-servers
#
# To always forward FTP requests directly, use
#
# acl FTP proto FTP
# always_direct allow FTP
+++++++++++++++++++++
#
#Default:
# none
acl FTP proto FTP
always_direct allow FTP
DONE
RECHECK THE CONFIGURATION SETTING.
SAVE THE SQUID CONFIGURATION FILE (squid.conf)
2. Then test run your Squid cache proxy by running Squid in debug-mode
Try access any web page trough the debug mode squid proxy
Press Ctrl+c key to end the debug mode testing
3. In case of a problem of starting your Squid cache proxy try read the Squid log file in
these following directory:
To make sure Squid automatic start after the system reboot, use the chkconfig command
to On Squid on runlevel 3 and 5. (Setting of automatic start on runlevel 3 and 5)
Note: The IP 10.2.0.5 using Port 8080 is the IP address used in this Squid cache proxy
project. Adjust that IP address and Port to fits your Proxy configuration.
The example of the squid configuration on this project aim to make Squid cache proxy
working to support the internal client with the most basic configuration, you can
customize and adding more option to squid by edit the config file /etc/squid/squid.conf .
Good Luck...
Related article:
Configure Squid proxy to Block client to access specific web URL.
Check hard disk size.
Keywords: how to configure squid, proxy server, configure squid proxy, setup squid,
setup proxy, setup proxy server, fedora core proxy, free proxy server, Squid cache proxy
server, Linux Fedora Core, step by step proxy setup, setup squid proxy, squid, browser
proxy, using squid proxy server.