How to setup squid proxy server

This note provides how to setup squid proxy service.

Install squid proxy

yum -y install squid

Allow access

sed -i -e '/http_access allow/a #Allow access for localnet\nhttp_access allow localnet' /etc/squid/squid.conf

Change port to 8080

sed -i -e '/http_port/ s/3128/8080/g' /etc/squid/squid.conf

Other tuning parameters

cat >> /etc/squid/squid.conf <<EOF
request_header_access Referer deny all
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Cache-Control deny all
visible_hostname webproxy.infotheater.net
forwarded_for on
EOF

Open firewall

sed -i -e '/#Add custom rules below/a #Squid proxy\n-A INPUT -m state --state NEW -p tcp --dport 8080 -j ALLOWED_IPS' /etc/sysconfig/iptables
service iptables reload

Make sure service start upon system startup

chkconfig squid on
service squid start

Install squid report-lightsquid service

yum -y install lightsquid lightsquid-apache

Open firewall for lightsquid

sed -i -e '/#Add custom rules below/a #Squid proxy\n-A INPUT -p tcp --dport 80 -j ALLOWED_IPS' /etc/sysconfig/iptables
service iptables reload

Generate report

/usr/sbin/lightparser.pl

Configure authentication for report portal

cat > /usr/share/lightsquid/cgi/.htaccess <<EOF
AuthUserFile /usr/share/lightsquid/cgi/.htpasswd
AuthName "Authorization Required"
AuthType Basic

require user squidadmin
EOF

htpasswd -cb /usr/share/lightsquid/cgi/.htpasswd squidadmin squidpasswd

sed -i -e '/AllowOverride/ s/None/AuthConfig/g' /etc/httpd/conf.d/lightsquid.conf

chkconfig httpd on
service httpd start

Search This Blog

CT's Tech Notes

How to setup squid proxy server

Comments

Post a Comment