Mar 14, 2020

Squid: How to setup a proxy...


If you are limited on bandwidth and you want to setup several machines, using a caching proxy will speed up your installation process significantly.



What is a caching proxy:
https://en.wikipedia.org/wiki/Proxy_server#Improving_performance

But proxies have some issues, that you should be aware of:
https://en.wikipedia.org/wiki/Proxy_server#Content-control_software

If you are sure, to use a proxy, just enter these commands:

root@zerberus:~# apt install squid
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  libdbi-perl libecap3 squid-common squid-langpack
Suggested packages:
  libmldbm-perl libnet-daemon-perl libsql-statement-perl squidclient squid-cgi
  squid-purge resolvconf smbclient winbindd
[....]

Unpacking squid (3.5.27-1ubuntu1.5) ...
Setting up libecap3:amd64 (1.0.1-3.2) ...
Setting up squid-langpack (20170901-1) ...
Setting up squid-common (3.5.27-1ubuntu1.5) ...
Setting up libdbi-perl (1.640-1) ...
Setting up squid (3.5.27-1ubuntu1.5) ...
[....]
To check the default configuration you can use this command:
(to suppress the documentation and comments)

root@zerberus:/etc/squid# cat squid.conf |grep -v \# |grep -v -e "^$"

acl SSL_ports port 443
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .        0    20%    4320

After the installation the squid process should be visible and listening to its default port 3128. Check this with
netstat -lntup
and you will find the following lines in the output:

tcp6       0      0 :::3128                 :::*                    LISTEN      25638/(squid-1)     
udp        0      0 0.0.0.0:45167           0.0.0.0:*                           25638/(squid-1)     
udp6       0      0 :::45347                :::*                                25638/(squid-1)     

To use this proxy just enter the proxy settings inside your system settings:


After that all of your connections are made over your proxy. You can check this via the file /var/log/squid/access.log and /var/log/squid/cache.log.

No comments:

Post a Comment