Squid

Primary tabs

squid

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.

Installation
Download the latest stable version of Squid

cd /extra/src
wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.3.tar.gz 
tar zxf squid-3.5.3.tar.gz
cd squid-3.5.3

Configure Squid as a transparent proxy:

./configure --enable-linux-netfilter --enable-follow-x-forwarded-for
make
make install

Enable the default cache_effective_user, nobody, to access the log directory:

chown nobody:nobody /usr/local/squid/var/logs

Basic Configuration
The default configuration file is /usr/local/squid/etc/squid.conf. If you are going to proxy requests for your internal network, add a localnet directive for your internal network (if there isn't one already):

acl localnet src 192.168.0.0/16

If you don't want to cache any data and only log requests through the Squid proxy, you can use the cache access list to make Squid never cache anything:

cache deny all

Automatic startup
We're going to use daemontools. If you haven't already, install daemontools.

Create a directory for the Squid service:

mkdir -m 1755 /var/service/squid
cd /var/service/squid

Create the /var/service/squid/run script, making sure to change the servername:

#!/bin/sh
rm -f /var/run/squid/squid.pid
exec /usr/local/squid/sbin/squid -N 2>&1

Make the script executable:

chmod 755 run

Our log script comes from John Simpson's:

mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run 
mv service-any-log-run run
chmod 755 run

Finally, add the service to daemontools by creating the symbolic link in /service

ln -s /var/service/squid /service/squid

Confirm that the service is running:

svstat /service/squid /service/squid/log

Transparent Proxy

iptables -t nat -A PREROUTING -s SQUIDIP -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -j MASQUERADE

Restarting Squid
To reload Squid after making configuration changes:

/usr/local/squid/sbin/squid -k reconfigure

Recent Updates

Apache

2 years 1 day ago
Apache

2 years 1 day ago
lighttpd

2 years 3 days ago

php 8.x
MariaDB

2 years 4 days ago

10.6.7
CentOS

2 years 6 days ago

Drop Centos 5/6 stuff

Recent Links

SquidGuard

SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
NCurses Disk Usage

A disk usage analyzer with an ncurses interface, aimed to be run on a remote server where you don't have an entire gaphical setup, but have to do with a simple SSH connection. ncdu aims to be fast, simple and easy to use, and should be able to run in any minimal POSIX-like environment with ncurses installed.
WPKG

WPKG is an automated software deployment, upgrade and removal program for Windows.

It can be used to push/pull software packages, such as Service Packs, hotfixes, or program installations from a central server (for example, Samba or Active Directory) to a number of workstations.

It can run as a service to install software in the background (silent install), without user interaction.

It can install MSI, InstallShield, PackagefortheWeb, Inno Setup, Nullsoft, other software installers or .exe packages, .bat and .cmd scripts and similar: no more repackaging to perform software installation.

WPKG is open source software.
opsi

opsi (Open PC Server Integration) the Open Source client management system
Vagrant

Vagrant is a tool for building complete development environments. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases development/production parity, and makes the "works on my machine" excuse a relic of the past.

Main menu

You are here

Squid

Primary tabs

Recent Updates

Recent Links