Escolar Documentos
Profissional Documentos
Cultura Documentos
NRCFOSS 1
Introduction
• Squid proxy server is designed to cache web content as
clients requests,it checks for presence of local copy of
request, if found servers it directly.This not only saves
bandwidth usage but accelerates web speed.
• Duane Wessels of the National Laboratory for Applied
Network Research (funded by the National Science
Foundation) leads code development.
• Squid is free, licensed under the GNU Public License.
Squid runs on nearly all flavors of Unix, including Linux.
NRCFOSS 2
Internet object caching
NRCFOSS 3
Supported OS
• Linux • IRIX
• FreeBSD • SunOS/Solaris
• NetBSD • NeXTStep
• OpenBSD • SCO Unix
• BSDI • AIX
• Mac OS/X • HP-UX
• OSF/Digital Unix/Tru64 • OS/2
NRCFOSS 4
System Requirements
• A web proxy cache requires a generous amount of memory
and a fast disk I/O subsystem.
• Memory is needed to maintain lists of cached objects, and
disks must be capable of keeping up with a steady flood of
random reads and writes.
• Typically processor speed is not a limiting factor, and a
modest processor can make a satisfactory proxy server
given the appropriate I/O and memory configuration.
NRCFOSS 5
Downloading Squid
• You must download a source archive file of the form
squid-x.y.z-src.tar.gz (eg, squid-1.1.6-src.tar.gz) from the
following sites,
• ftp://ftp.squid-cache.org/pub/
• http://www.squid-cache.org/mirrors.html
• Patch programs are available from the GNU FTP site
ftp://ftp.gnu.org/gnu/patch for upgrading to new versions.
NRCFOSS 6
Compiling Squid
• To compile Squid, you will need an ANSI C compiler.
Almost all modern Unix systems come with pre-installed
compilers which work just fine.
• The old SunOS compilers do not have support for ANSI C,
and the Sun compiler for Solaris is a product which must
be purchased separately.
• If you are uncertain about your system's C compiler, The
GNU C compiler is available at the GNU FTP site
ftp://ftp.gnu.org/gnu/gcc
• In addition to gcc, you may also want or need to install the
binutils package.
• You will need Perl installed on your system.
NRCFOSS 7
Compiling Squid
• For Squid-1.0 and Squid-1.1 versions, you can just type
make from the top-level directory after unpacking the
source files. For example:
% tar xzf squid-1.1.21-src.tar.gz
% cd squid-1.1.21
% make
NRCFOSS 8
Compiling Squid
• For Squid-2 you must run the configure script yourself
before running make:
% tar xzf squid-2.0.RELEASE-src.tar.gz
% cd squid-2.0.RELEASE
% ./configure
% make
NRCFOSS 9
Configuring Squid
• The configure script can take numerous options. The most
useful is --prefix to install it in a different directory. The
default installation directory is /usr/local/squid/. To change
the default, you could do:
% cd squid-x.y.z
% ./configure --prefix=/some/other/directory/squid
• To see all available options, type
NRCFOSS 10
Configuring Squid
• If there is a mismatch between the header files and DNS
library that Squid has found. There are a couple of things
you can try.
• First, try adding -lbind to XTRA_LIBS in src/Makefile.
• If -lresolv is already there, remove it.
NRCFOSS 11
Configuring Squid
• If that doesn't seem to work, edit your arpa/inet.h file and
comment out the following:
#define inet_addr __inet_addr
#define inet_aton __inet_aton
#define inet_lnaof __inet_lnaof
#define inet_makeaddr __inet_makeaddr
#define inet_neta __inet_neta
#define inet_netof __inet_netof
#define inet_network __inet_network
#define inet_net_ntop __inet_net_ntop
#define inet_net_pton __inet_net_pton
#define inet_ntoa __inet_ntoa
#define inet_pton __inet_pton
#define inet_ntop __inet_ntop
#define inet_nsap_addr __inet_nsap_addr
NRCFOSS
#define inet_nsap_ntoa __inet_nsap_ntoa 12
Installing Squid
• After compiling Squid, you can install it with this simple
command:
• If you have enabled the ICMP features then you will also
want to type
• After installing, you will want to edit and customize the
squid.conf file. By default, this file is located at
/usr/local/squid/etc/squid.conf.
NRCFOSS 13
Basic Configuration
• Some basic Configuration is to be done in Configuration
file. By default this file is in the following path
"usr/local/squid/etc/squid.conf". In the configuration file
uncomment and edit the following lines.
cache_dir
Set cache_dir to an area that has a large amount of hard
disk space in order to devote to caching.
Cache_dir ufs /usr/local/squid/cache 100 16 256 is
common.
http_port
Check http_port, 3128 is a default.
NRCFOSS 14
Basic Configuration
http_access
By default http_access is denied to all. You have to set
ACL rules as per your requirements. This is important
because it prevents people from stealing your network
resources
NRCFOSS 15
Configuring squid for proxy
• By default, squid is configured in proxy mode. In order to
cache web traffic and to use the squid system as a proxy,
you have to configure your browser, which needs at least
two pieces of information:
• the proxy server's host name
• the port that the proxy server is accepting requests on
NRCFOSS 16
Configuring squid for transparency
NRCFOSS 17
Configuring squid for transparency
NRCFOSS 18
Configuring squid for transparency
• For BSD-based systems, you probably have to configure
squid with the --enable-ipf-transparent option, and you
have to configure squid as:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
http_port 80
httpd_accel_host visolve.com
httpd_accel_port 81
httpd_accel_single_host on
httpd_accel_with_proxy on
NRCFOSS 20
Configuring squid for Reverse Proxy
http_port 80
httpd_accel_host virtual
httpd_accel_port 81
httpd_accel_with_proxy on
httpd_accel_single_host off
NRCFOSS 21
Verification of Config. file
• To verify your configuration file you can use the -k parse
option
% /usr/local/squid/sbin/squid -k parse
• If this outputs any errors then these are syntax errors or
other fatal misconfigurations and needs to be corrected
before you continue.
• If it is silent and immediately gives back the command
prompt then your squid.conf is syntactically correct and
could be understood by Squid.
NRCFOSS 22
Starting Squid
• After you've finished editing the configuration file, you
can start Squid for the first time. First, you must create the
swap directories. Do this by running Squid with the -z
option:
/usr/local/squid/sbin/squid -z
• NOTE: If you run Squid as root then you may need to first create
/usr/local/squid/var/logs and your cache_dir directories and assign
ownership of these to the cache_effective_user configured in your
squid.conf.
NRCFOSS 23
Starting Squid
• Once that completes, you can start Squid and try it out.
Probably the best thing to do is run it from your terminal
and watch the debugging output. Use this command:
/usr/local/squid/sbin/squid -NCd1
NRCFOSS 24
Starting Squid
• If you want to run squid in the background, as a daemon
process, just leave off all options:
/usr/local/squid/sbin/squid
NRCFOSS 25
Checking the run status of Squid
• You can use the squidclient program:
% squidclient http://www.netscape.com/ > test
• There are other command-line HTTP client programs
available as well. Two that you may find useful are wget
and echoping.
• Another way is to use Squid itself to see if it can signal a
running Squid process:
% squid -k check
And then check the shell's exit status variable.
• Also, check the log files, most importantly the access.log
and cache.log files.
NRCFOSS 26
References
• http://www.squid-cache.org/Doc/FAQ/
• http://librenix.com/?inode=4483
• http://squid.visolve.com/squid/sqguide.htm
NRCFOSS 27