DISCLAIMER : Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility.If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.


Install and configure Squid proxy server on Linux

A proxy server is a computer that acts as an intermediary between a desktop computer and the internet and allows a client machine to make an indirect connection to network servers and services. There are many reasons why you might want to include a proxy server on your network:

  1. To share internet connection on a LAN
  2. To speed up internet surfing
  3. To hide the IP address of the client computer for anonymous surfing
  4. To implement internet access control
  5. To scan outbound content
  6. To circumvent regional restrictions
Clearly some of the above reasons are perfectly fitting for a business and some, well, may not fall in line with your best practices. Regardless, knowing how to install and configure a proxy server is a must-have skill for a network administrator. So, let's take care of that. 

1. Install Squid


Squid can be easily install using yum command line tool.
# yum install squid

2. Setup Port and Start Service


Squid by default run on port 3128. If you want to start squid on different port, Edit squid configuration file and change http_port value. For example we are changing squid to run on port 8080.
# vim /etc/squid/squid.conf
http_port 8080
Start/Restart Squid service.
# service squid restart

3. Configure SQUID to Block Specific Website


Add below rules to block specific website before any allow all rules. Below example will block yahoo.com and www.rediff.com.
acl blocksite1 dstdomain yahoo.com
acl blocksite2 dstdomain www.rediff.com
http_access deny blocksite1
http_access deny blocksite2
If you have a long list of domain names, Create a file /etc/squid/blockwebsites.lst and put domain names one per line and add below rule in squid configuration file.
acl blocksitelist dstdomain "/etc/squid/blockwebsites.lst"
http_access deny blocksitelist
blockwebsites.lst file content example:
# cat /etc/squid/blockwebsites.lst
yahoo.com
www.rediff.com

4. Configure Squid to Block Specific Keyword


Add below rules to block specific website before any allow all rules. Below example will block all pages having keyword yahoo or gmail.
acl blockkeyword1 url_regex yahoo
acl blockkeyword2 url_regex gmail
http_access deny blockkeyword1
http_access deny blockkeyword2
If you have a long list of keywords, Create a file /etc/squid/blockkeywords.lst and put keywords one per line and add below rule in squid configuration file.
acl blockkeywordlist url_regex "/etc/squid/blockkeywords.lst"
http_access deny blockkeywordlist
blockkeywords.lst file content example:
# cat /etc/squid/blockkeywords.lst
yahoo
gmail
facebook
Congratulation’s you have successfully installed and configured Squid proxy server

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.