Squid Proxy Server

From Kathmann Labs

Contents 1 Squid Proxy Server 1.1 Hardware 1.2 Software 1.3 Web Links 1.4 How-tos 1.5 VMWare Virtual Appliances

[edit] Squid Proxy Server

A proxy server provides several benefits when serving internet access to a LAN such as:

• Speeds up Internet Browsing (for sites already visited)
• Reduces the load on your internet link
• Control access to the internet for networks, IP addresses, users, groups, sites, etc

• Reduces firewall overhead in sites that do restrict certain network or IP addresses, but allow others

• Anti-virus packages can be installed to protect users from downloading viruses
• Content Management packages can be installed to restrict access to certain content, such as in the Open Source Web Content Filtering Project
• Can provide an application level gateway (helps keep users from tunneling unapproved protocols through the HTTP & HTTPS ports)

---

LAN without a proxy - every request from every computer is fetched directly from the web server

LAN with proxy server - duplicate requests are cached locally in the proxy server, and only first time or updated requests are fetched from the web server

[edit] Hardware

Dell Poweredge SC440 (virtualized on VMWare Server)

[edit] Software

linux

Squid cache

SARG

[edit] Web Links

Squid Cache Web Page

Squid Cache Users Guide

[edit] How-tos

Squid-Cache Proxy Server on Red Hat (CentOS) Distributions

add anti-virus to the above project

add logging to the above project with SARG

Squid-Cache Proxy Server on Debian (Ubuntu) Distributions

add anti-virus to the above project

add logging to the above project with SARG

• make changes to the proxy settings on the client machines

• To help speed up the DNS resolutions you can also add Bind to cache DNS requests locally. Follow the instructions in the Bind DNS Internet Caching Server Project to add this.

• You will then need to change the nameservers on your local machine to point to itself.
• vi /etc/resolv.conf

• Change the first nameserver statement to nameserver 127.0.0.1

[edit] VMWare Virtual Appliances

CentOS / Squid / SARG VMWare Virtual Appliance - you will need to run "netconfig" on the VM once it's opened at the command line as the MAC address will have changed. The username is root, password kl-cent-squidproxy.

• Setup now for 1 CPU, 256MB RAM (can be lower), 4GB HD (SCSI LSI Logic, can also be lower)
• Cent OS 4.4 (2.6.9-42.0.10
• Squid 2.5.STABLE6-3
• SARG 2.2.1-1
• Also running nptd and Bind and Apache