Thursday, April 30, 2009

Setting up Squid as your caching HTTP/FTP proxy

Squid is a proxy caching server for HTTP/FTP requests. It caches data off
the net on your local network. So the next time the same data is being
accessed, whether it is html or a gif, it gets served up from the local
server rather than over the Internet -- saving you significant bandwidth.

Lets use the most commonly available proxy server for Linux and the most
stable one around, Squid. Installing and configuring it is a breeze as
you'll soon find out. To make things simpler I would suggest that you get
the Squid RPM from any of the download on the net for your distro.The
latest Stable release of Squid is squid-2.3.STABLE1-5.i386.rpm. If you are
not able to find it on your distro's CD then i would suggest you try out After having downloaded the RPM install it with the
following command.

Assuming you have downloaded the squid-2.3.STABLE1-5.i386.rpm release
the installation command is as follows.

bash# rpm -ivh squid-2.3.STABLE1-5.i386.rpm

And please do note that "bash#" stands for the shell prompt and you do not

need to replicate it in your command.

Having installed Squid sucessfully, now open the file /etc/squid.conf
using your favourite text editor. Some distributions put this file in
/etc/squid/. This is where it gets interesting and confusing too so read

Scroll down till you come to the line

#http_port 3128

This option sets your HTTP proxy port to 3128 which is the default port
that squid runs on. You can uncomment this line and set it to whatever
port you want. It is advisable to avoid port 80 since, if you are running
a Web Server on the Linux machine Apache would be listening on that port.

Scroll down till you come to the line

#cache_mem 8 MB

This option sets a limit on the amount of memory that squid may make use
of to store it's transient and cached objects temporarily in memory. This
limit that you may impose on squid is the soft limit and at any given
point of time Squid may double or triple the size of occupied memory all
depending on the size and the requirement of in-transient cached objects.
Uncomment this line and change the size of your Memory cache from 8 MB to
what ever size you want it too be. Keep in mind the amount of RAM that you
have on your machine when you allocate memory to SQUID. But for your
knowledge this occupancy of the specified Memory Limit is dynamic.

Scroll down until you come to the following lines


The following options are relative to setting up and tuning your web
cache. So lets get gunning pals. Here the first and most important one.

#cache_dir /var/squid/cache 100 16 256

Isn't this getting a little confusing, one parameter and three values to
it! C'mon let's demystify the whole thing. The values given here are the
values the Squid will use by default. So if the 'cache_dir' option isn't
implicitly mentioned then Squid resolves to maintaining the cache in
/var/squid/cache. Uncomment this option 'cache_dir' if you want to
customize the parameters.

The first parameter '/var/squid/cache' is the path to the cache files. You
may change this to suit whatever you want too, but remember whatever path
you may mention out here make sure that those directories exist because
Squid will never create the directories on it's own. Also a point to be
noted is that the directories should be writable by the Squid process. If
you are a novice and all of this is sounding too geekish then I suggest
you stick to the default values.

The next value '100' is the amount of space in MegaBytes(MB) that Squid
can utilize to store the cache contents. Modify this to whatever you think
is appropriate to suit your needs.

The next value referred to as 'Level-1' is the number of sub-directories
that Squid can create under the current Cache directory. I suggest that
for starters leave this as it is.

The next option is referred to as 'Level-2' is the number of Second Level
directories that Squid can create under each 'Level-1' directory. The
default is fine for the moment.

Scroll down till you come to the line:

# -----------------------------------------------------------------------------

The following lines define Access Control Lists for your Network. Squid
allows you to define various kinds of ACL's out here. So make it a point
to read this whole section of Access Controls carefully.

In this "ACCESS CONTROLS" section scroll down till you come to the
following lines.

#Default configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all

What you need to do out here, is to setup your own ACL's (Access Control
Lists), else just comment out the last line as shown above and put the
following line in.

http_access allow all

So now your rule section should look like this.


#http_access deny all
http_access allow all

Three cheers and your proxy has been setup. Now you only need to make sure
that Squid starts every time your Linux box boots.

If your using RedHat then you can start in the following manner. Login as
Admin or "su" to root & use the "setup" command. Now enter the System
Services sub menu and enable Squid.

If your using SuSE then start YaST and go to "System Administration", then
go to "Change config File", then scroll down till you come to "START
SQUID" & just enable it from "NO" to "YES".

The next time you reboot your machine your Proxy will start automatically.

Before you start using squid you need to create the swap directories. Do
this by

/usr/sbin/squid -z

This just has to be done the first time.

To start Squid right now use the following command

bash#/etc/rc.d/init.t/squid start

There, you have setup, configured and started your proxy. Just make sure
your client's web browsers have the http proxy port setup as the same port
in your /etc/squid.conf file.

No comments: