Squid

PRESENTED BY:

Javeria
11-arid-3303
MIT-3
University Institute of Information Technology ,
Rawalpindi(UIIT,UAAR)
Pakistan

Topics to be covered:
 What is Web Proxy??
 Purpose of using Proxy
 Squid
 Installation & Configuration Of Squid
 Demo

Web Proxy

A web proxy is a is a server (a computer system or an
application) that acts as an intermediary for requests from
clients seeking resources from other servers.

internet

browser Web proxy
server

Main purpose of using proxies
 Improve Performance

o Caching

o Bandwidth control

 Provides detailed logs of user activity

 Filter Requests

 Surfing Anonymously

 Security

Some proxies
– Microsoft Proxy Server
– Nginx
– Ccproxy
– Squid

SQUID
Squid is a free, open source, mostly used proxy caching
server

Internet Service Providers (ISPs) have used Squid proxy
servers since the early 1990s to provide faster download
speeds for delivering rich media and streaming video.

Website operators frequently put a Squid proxy server as a
content accelerator, caching frequently viewed content and
easing loads on Web servers, to improve the experience of
viewers, load balancing and handling traffic spikes for
popular content.

Squid as Proxy Cache
 Squid acts as a proxy cache. It behaves like an agent
that receives requests from clients (web browsers) and
passes them to the specified server.
 When the requested objects arrive at the agent, it stores
a copy in a disk cache.
 When different clients request the same objects: these
are served directly from the disk cache, much faster
than obtaining them from the Internet.
 This results in less network traffic and thus saves
bandwidth.

Squid provides a number of great features useful
for administrative purpose such as:

 allow/ deny access to specific sites

 allow/ deny access to specific clients/ users

 block URL(s) with specific word

 deny some port numbers
 Squid support the use of a database such as mySQL for
storing the access control list

 limit the number of connections from a client

 allow some clients/users to use the cache at specific times

 customize, or make your own error messages.

 use proxy-authentication. In this scheme, you assign
usernames and passwords to individuals. When they first use
the proxy they are asked to authenticate themselves by
entering their username and password.

 Maintain user log

 sudo gedit /var/log/squid3/access.log

 You can use this file to find out who is using
squid server and what they are doing etc

(Access Control Lists)

 Define ACLs in configuration file and apply rules
on them.
 ACLs have many options to restrict access based
on source ip address, destination ip address, source
domain, and destination domain. A properly
configured set of ACLs can do things like:
○ restrict access to websites by IP address,
○ limit or block websites by name,
○ restrict web access by time and day, or
○ regular expression matches, such as .exe files or “game” in
URL names.

Syntax to create and implement ACL:
○ acl aclname acltype argument ...
○ aclelement allow(/deny) aclname

 Examples:
○ acl blocked_websites dstdomain .reddit.com .twitter.com
○ http_access deny blocked_websites

○ acl badURL url_regex valentine
○ http_access deny badURL

○ acl pm_work time MTWHF 15:00-17:00
○ http_access deny pm_work

ACL TYPES AVAILABLE
 Squid knows about almost 25 types of ACL. Some of them
are:
 src: source (client) IP addresses
 dst: destination (server) IP addresses
 srcdomain: source (client) domain name
 dstdomain: destination (server) domain name
 time: time of day, and day of week
 url_regex: URL regular expression pattern matching
 maxconn: a limit on the maximum number of connections from a
single client IP address
 max_user_ip: a limit on the maximum number of IP addresses one
user can login from

ACCESS LISTS ELEMENTS AVAILABLE
 There are a number of different access lists elements. Some are:
 http_access: Allows HTTP clients (browsers) to access the HTTP
port. This is the primary access control list.
 cache: Defines responses that should not be cached.
 url_rewrite_access: Controls which requests are sent through the
redirector pool.
 always_direct: Controls which requests should always be
forwarded directly to origin servers.
 never_direct: Controls which requests should never be forwarded
directly to origin servers.
 delay_access: Controls which requests are handled by what delay
pool
 log_access: Controls which requests are logged. This is global and
overrides specific file access lists appended
to access_log directives.

 Official web site:
http://www.squid-cache.org/

 Contains:
 FAQ
 Lots of great information!

HARDWARE REQUIREMENTS
FOR INSTALLING SQUID

 LINUX operating system
 128MB RAM minimum recommended
 Disk
 512MB to 1GB for small user counts
 16GB to 24GB for large user counts

DOWNLOAD AND INSTALL

 In Ubuntu:
sudo apt-get install squid
[APT stands for “Advanced Packaging Tool”]

 In Redhat / CentOS
yum install squid
[YUM stands for “Yellowdog Updater, Modified”]

EDIT CONFIGURATION FILE
 Command to Open conf file:
sudo gedit /etc/squid3/squid.conf

 Make these changes in conf file:
 http_access deny all > change it to http_access allow all
 acl blocked_websites dstdomain .twitter.com
 http_access deny blocked_websites

 Save and close conf file

 Restart squid
sudo service squid restart

CONNECT TO PROXY SERVER
Open Web Browser
Go to:
 Connection Settings
 Internet Properties
 LAN Settings
 Manual proxy configuration
 Http proxy: ip address of proxy server
 Port : 3128 (default port for Squid proxy server)

UNINSTALLING SQUID

 In Ubuntu:
sudo apt-get remove squid

 In Redhat / CentOS
yum remove squid

THANK YOU!

Javeria
(11-arid-3303)

Squid

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Squid

Similar to Squid (20)

More from Syeda Javeria

More from Syeda Javeria (15)

Recently uploaded

Recently uploaded (20)

Squid