This post describes the steps to setup a Squid 3 Proxy Server on CentOS6.3. Squid service plays two main roles which mainly act as a caching proxy server between the user and the web. Second role, squid also regularly used as a content accelerator, or reverse proxy, intercepting requests to a server and using a cached version of the page to serve the request. Follow below steps to install and configure squid.
1. Run yum install :
[root@centos63 ~]# yum install squid -y Loaded plugins: fastestmirror, presto, priorities Loading mirror speeds from cached hostfile * base: centos.ipserverone.com * extras: centos.ipserverone.com * updates: centos.ipserverone.com CentOS6.3-Repository | 4.0 kB 00:00 ... Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package squid.i686 7:3.1.10-9.el6_3 will be installed --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================== Package Arch Version Repository Size ==================================================================================================== Installing: squid i686 7:3.1.10-9.el6_3 updates 1.7 M Transaction Summary ==================================================================================================== Install 1 Package(s) Total download size: 1.7 M Installed size: 5.7 M Downloading Packages: Setting up and reading Presto delta metadata Processing delta metadata Package(s) data still to download: 1.7 M squid-3.1.10-9.el6_3.i686.rpm | 1.7 MB 00:14 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : 7:squid-3.1.10-9.el6_3.i686 1/1 Verifying : 7:squid-3.1.10-9.el6_3.i686 1/1 Installed: squid.i686 7:3.1.10-9.el6_3 Complete!
2. Configure main squid configuration file. Use vi to edit :
[root@centos63 ~]# vi /etc/squid/squid.conf
3. Add internal network name into the IP networks list where browsing should be allowed. In this example, your internal network name is ehowstuff :
# Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl ehowstuff src 192.168.1.0/24 # Your internal network
4. Add ehowstuff network in the ACL section list IP networks where browsing should be allowed :
http_access allow localnet http_access allow localhost http_access allow ehowstuff
5. Make sure squid proxy port is uncomment. You can change the proxy port to any available port here. As an example, other available port is 8080.
# Squid normally listens to port 3128 http_port 3128
6. Start squid service :
[root@centos63 ~]# service squid start Starting squid: [ OK ]
7. Configure at proxy setting at client’s browser as below :
1 Comment
Nice explanation 🙂
http://nexolinux.com/proxy-squid-control-de-accesos-acl-ii-2/