{"id":3200,"date":"2012-06-04T23:26:51","date_gmt":"2012-06-04T15:26:51","guid":{"rendered":"https:\/\/webhostinggeeks.com\/howto\/?p=3200"},"modified":"2023-07-04T15:23:50","modified_gmt":"2023-07-04T15:23:50","slug":"how-to-install-and-configure-squid-proxy-server-on-fedora-16","status":"publish","type":"post","link":"https:\/\/webhostinggeeks.com\/howto\/how-to-install-and-configure-squid-proxy-server-on-fedora-16\/","title":{"rendered":"How to Install and Configure Squid Proxy Server on Fedora 16"},"content":{"rendered":"

One of the tools that can help achieve efficient and secure data transfer is a proxy server<\/a>. A proxy server acts as an intermediary between the user and the web, enhancing security, improving performance, and allowing for content control and caching.<\/p>\n

Squid<\/a> is one of the most popular proxy servers for linux environments. It is is a caching proxy server that supports HTTP, HTTPS, FTP, and more. It significantly improves the performance by caching repeated requests, reducing bandwidth, and improving response times.<\/p>\n

This tutorial will guide you through the process of installing and configuring the Squid proxy server on Fedora 16.<\/p>\n

Step 1: Install Squid Proxy Server<\/h2>\n

The first step is to install the Squid proxy server on your Fedora 16 system. This can be done using the yum command as follows:<\/p>\n

\r\n[root@fedora16 ~]# yum install squid -y\r\n<\/pre>\n
This command will install the Squid proxy server and all its dependencies.<\/p>\n
Examples:<\/p>\n
\r\n[root@fedora16 ~]# yum install squid -y\r\nFedora16-Repository                                                          | 3.7 kB     00:00 ...\r\nSetting up Install Process\r\nResolving Dependencies\r\n--> Running transaction check\r\n---> Package squid.i686 7:3.2.0.16-1.fc16 will be installed\r\n--> Processing Dependency: libecap.so.2 for package: 7:squid-3.2.0.16-1.fc16.i686\r\n--> Running transaction check\r\n---> Package libecap.i686 0:0.2.0-2.fc16 will be installed\r\n--> Finished Dependency Resolution\r\n\r\nDependencies Resolved\r\n\r\n====================================================================================================\r\n Package              Arch              Version                          Repository            Size\r\n====================================================================================================\r\nInstalling:\r\n squid                i686              7:3.2.0.16-1.fc16                updates              2.3 M\r\nInstalling for dependencies:\r\n libecap              i686              0.2.0-2.fc16                     updates               18 k\r\n\r\nTransaction Summary\r\n====================================================================================================\r\nInstall       2 Packages\r\n\r\nTotal download size: 2.3 M\r\nInstalled size: 7.7 M\r\nDownloading Packages:\r\n(1\/2): libecap-0.2.0-2.fc16.i686.rpm                                         |  18 kB     00:00\r\n(2\/2): squid-3.2.0.16-1.fc16.i686.rpm                                        | 2.3 MB     00:27\r\n----------------------------------------------------------------------------------------------------\r\nTotal                                                                81 kB\/s | 2.3 MB     00:28\r\nRunning Transaction Check\r\nRunning Transaction Test\r\nTransaction Test Succeeded\r\nRunning Transaction\r\n  Installing : libecap-0.2.0-2.fc16.i686                                                        1\/2\r\n  Installing : 7:squid-3.2.0.16-1.fc16.i686                                                     2\/2\r\n\r\nInstalled:\r\n  squid.i686 7:3.2.0.16-1.fc16\r\n\r\nDependency Installed:\r\n  libecap.i686 0:0.2.0-2.fc16\r\n\r\nComplete!\r\n<\/pre>\n
Step 2: Configure Server Hosts File<\/h2>\n
Next, you need to configure the server hosts file. This can be done using the vi editor as follows:<\/p>\n
\r\n[root@fedora16 ~]# vi \/etc\/hosts\r\n<\/pre>\n
In the hosts file, you should have entries similar to the following:<\/p>\n
\r\n127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4\r\n::1         localhost localhost.localdomain localhost6 localhost6.localdomain6\r\n\r\n192.168.1.47   fedora16.geeks.local\r\n<\/pre>\n
Step 3: Configure Main Squid Configuration File<\/h2>\n
The next step is to configure the main Squid configuration file. This can be done using the vi editor as follows:<\/p>\n
\r\n[root@fedora16 ~]# vi \/etc\/squid\/squid.conf\r\n<\/pre>\n
In the configuration file, you need to add your internal network name into the IP networks list where browsing should be allowed. For example, if your internal network name is geeks, you would add the following entry:<\/p>\n
\r\nacl geeks src 192.168.1.0\/24 # geeks network\r\n<\/pre>\n
You also need to add geeks to the http_access allow section as follows:<\/p>\n
\r\nhttp_access allow geeks\r\n<\/pre>\n
Examples:<\/p>\n
\r\n# Example rule allowing access from your local networks.\r\n# Adapt to list your (internal) IP networks from where browsing\r\n# should be allowed\r\nacl localnet src 10.0.0.0\/8     # RFC1918 possible internal network\r\nacl localnet src 172.16.0.0\/12  # RFC1918 possible internal network\r\nacl localnet src 192.168.0.0\/16 # RFC1918 possible internal network\r\nacl localnet src fc00::\/7       # RFC 4193 local private network range\r\nacl localnet src fe80::\/10      # RFC 4291 link-local (directly plugged) machines\r\nacl geeks src 192.168.1.0\/24    # geeks network\r\n<\/pre>\n
\r\n# Example rule allowing access from your local networks.\r\n# Adapt localnet in the ACL section to list your (internal) IP networks\r\n# from where browsing should be allowed\r\nhttp_access allow localnet\r\nhttp_access allow localhost\r\n<\/pre>\n
Add geeks to http_access allow as below :<\/p>\n
\r\n# Example rule allowing access from your local networks.\r\n# Adapt localnet in the ACL section to list your (internal) IP networks\r\n# from where browsing should be allowed\r\nhttp_access allow localnet\r\nhttp_access allow localhost\r\nhttp_access allow geeks\r\n<\/pre>\n
Finally, make sure the Squid proxy port is uncommented. The default Squid port is 3128, but you can change it to any available port. For example, you can change it to 8080 as follows:<\/p>\n
\r\nhttp_port 8080\r\n<\/pre>\n
Step 4: Configure Auto Start at Boot for Squid Service<\/h2>\n
To ensure that the Squid service starts automatically at boot, you can use the chkconfig command as follows:<\/p>\n
\r\n[root@fedora16 ~]# chkconfig squid on\r\n<\/pre>\n
Step 5: Start and Stop Squid Service<\/h2>\n
To start the Squid service, use the following command:<\/p>\n
\r\n[root@fedora16 ~]# service squid restart\r\n<\/pre>\n
To stop the Squid service, use the following command:<\/p>\n
\r\n[root@fedora16 ~]# service squid stop\r\n<\/pre>\n
Step 6: Configure Firewall<\/h2>\n
Next, you need to add the Squid port to bypass the iptables firewall. Alternatively, you can disable the iptables, but it is recommended to implement iptables on the server. To stop the iptables service, use the following commands:<\/p>\n
\r\n[root@fedora16 ~]# service iptables stop\r\n[root@fedora16 ~]# service ip6tables stop\r\n<\/pre>\n
Step 7: Configure Client Browser<\/h2>\n
Finally, you need to configure the client browser to use the Squid proxy server. The specific steps for this will depend on the browser you are using.<\/p>\n
Full Squid 3 Configuration:<\/p>\n
\r\n#\r\n# Recommended minimum configuration:\r\n#\r\n\r\n# Example rule allowing access from your local networks.\r\n# Adapt to list your (internal) IP networks from where browsing\r\n# should be allowed\r\nacl localnet src 10.0.0.0\/8     # RFC1918 possible internal network\r\nacl localnet src 172.16.0.0\/12  # RFC1918 possible internal network\r\nacl localnet src 192.168.0.0\/16 # RFC1918 possible internal network\r\nacl localnet src fc00::\/7       # RFC 4193 local private network range\r\nacl localnet src fe80::\/10      # RFC 4291 link-local (directly plugged) machines\r\nacl geeks src 192.168.1.0\/24    # geeks network\r\n\r\nacl SSL_ports port 443\r\nacl Safe_ports port 80          # http\r\nacl Safe_ports port 21          # ftp\r\nacl Safe_ports port 443         # https\r\nacl Safe_ports port 70          # gopher\r\nacl Safe_ports port 210         # wais\r\nacl Safe_ports port 1025-65535  # unregistered ports\r\nacl Safe_ports port 280         # http-mgmt\r\nacl Safe_ports port 488         # gss-http\r\nacl Safe_ports port 591         # filemaker\r\nacl Safe_ports port 777         # multiling http\r\nacl CONNECT method CONNECT\r\n\r\n#\r\n# Recommended minimum Access Permission configuration:\r\n#\r\n# Only allow cachemgr access from localhost\r\nhttp_access allow localhost manager\r\nhttp_access deny manager\r\n\r\n# Deny requests to certain unsafe ports\r\nhttp_access deny !Safe_ports\r\n\r\n# Deny CONNECT to other than secure SSL ports\r\nhttp_access deny CONNECT !SSL_ports\r\n\r\n# We strongly recommend the following be uncommented to protect innocent\r\n# web applications running on the proxy server who think the only\r\n# one who can access services on \"localhost\" is a local user\r\n#http_access deny to_localhost\r\n\r\n#\r\n# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS\r\n#\r\n\r\n# Example rule allowing access from your local networks.\r\n# Adapt localnet in the ACL section to list your (internal) IP networks\r\n# from where browsing should be allowed\r\nhttp_access allow localnet\r\nhttp_access allow localhost\r\nhttp_access allow geeks\r\n\r\n# And finally deny all other access to this proxy\r\nhttp_access deny all\r\n\r\n# Squid normally listens to port 3128\r\nhttp_port 3128\r\n\r\n# Uncomment and adjust the following to add a disk cache directory.\r\n#cache_dir ufs \/var\/spool\/squid 100 16 256\r\n\r\n# Leave coredumps in the first cache dir\r\ncoredump_dir \/var\/spool\/squid\r\n\r\n# Add any of your own refresh_pattern entries above these.\r\nrefresh_pattern ^ftp:           1440    20%     10080\r\nrefresh_pattern ^gopher:        1440    0%      1440\r\nrefresh_pattern -i (\/cgi-bin\/|\\?) 0     0%      0\r\nrefresh_pattern .               0       20%     4320\r\n<\/pre>\n
Conclusion<\/h2>\n
In this tutorial, we have walked through the steps of installing and configuring the Squid proxy server on Fedora 16. By following these steps, you can set up a secure and efficient proxy server that can improve your network’s performance and security.<\/p>\n
Remember, Squid is just one of the many proxy servers available. To choose the best one for your needs, you might want to compare different proxy servers. Check out this link<\/a> for a comparison of the best proxy servers.<\/p>\n
If you’re interested in learning more about different types of web servers, such as Apache, Nginx, LiteSpeed, and more, or if you want to understand more about different hosting options like dedicated server hosting, VPS hosting, cloud hosting, and shared hosting, visit the following links:<\/p>\n
Feel free to leave a comment if you have any questions or need further clarification on any of the steps.<\/p>\n","protected":false},"excerpt":{"rendered":"
One of the tools that can help achieve efficient and secure data transfer is a proxy server. A proxy server acts as an intermediary between the user and the web,…<\/p>\n","protected":false},"author":6,"featured_media":2471,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wds_primary_category":0,"footnotes":""},"categories":[2057,1057],"tags":[2089,1371,1975,1536,1546,1678,1793],"class_list":["post-3200","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-fedora","category-squid-server","tag-configuration","tag-fedora-16","tag-install","tag-linux","tag-linux-utilities","tag-proxy","tag-squid"],"_links":{"self":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts\/3200","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/comments?post=3200"}],"version-history":[{"count":0,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts\/3200\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/media\/2471"}],"wp:attachment":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/media?parent=3200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/categories?post=3200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/tags?post=3200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}