• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content




Squid[Linux-based Web Proxy Server]

Squid[Linux-based Web Proxy Server]



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.


11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Squid Squid Presentation Transcript

    • PRESENTED BY: Javeria 11-arid-3303 MIT-3University Institute of Information Technology , Rawalpindi(UIIT,UAAR) Pakistan
    • Topics to be covered: What is Web Proxy?? Purpose of using Proxy Squid Installation & Configuration Of Squid Demo
    • Web ProxyA web proxy is a is a server (a computer system or anapplication) that acts as an intermediary for requests fromclients seeking resources from other servers. internet browser Web proxy server
    • Main purpose of using proxies Improve Performance o Caching o Bandwidth control Provides detailed logs of user activity Filter Requests Surfing Anonymously Security
    • Some proxies – Microsoft Proxy Server – Nginx – Ccproxy – Squid
    • SQUIDSquid is a free, open source, mostly used proxy cachingserverInternet Service Providers (ISPs) have used Squid proxyservers since the early 1990s to provide faster downloadspeeds for delivering rich media and streaming video.Website operators frequently put a Squid proxy server as acontent accelerator, caching frequently viewed content andeasing loads on Web servers, to improve the experience ofviewers, load balancing and handling traffic spikes forpopular content.
    • Squid as Proxy Cache Squid acts as a proxy cache. It behaves like an agent that receives requests from clients (web browsers) and passes them to the specified server. When the requested objects arrive at the agent, it stores a copy in a disk cache. When different clients request the same objects: these are served directly from the disk cache, much faster than obtaining them from the Internet. This results in less network traffic and thus saves bandwidth.
    • Squid provides a number of great features useful for administrative purpose such as: allow/ deny access to specific sites allow/ deny access to specific clients/ users block URL(s) with specific word deny some port numbers Squid support the use of a database such as mySQL for storing the access control list
    •  limit the number of connections from a client allow some clients/users to use the cache at specific times customize, or make your own error messages. use proxy-authentication. In this scheme, you assign usernames and passwords to individuals. When they first use the proxy they are asked to authenticate themselves by entering their username and password. Maintain user log
    •  sudo gedit /var/log/squid3/access.log You can use this file to find out who is using squid server and what they are doing etc
    • (Access Control Lists) Define ACLs in configuration file and apply rules on them. ACLs have many options to restrict access based on source ip address, destination ip address, source domain, and destination domain. A properly configured set of ACLs can do things like: ○ restrict access to websites by IP address, ○ limit or block websites by name, ○ restrict web access by time and day, or ○ regular expression matches, such as .exe files or “game” in URL names.
    • Syntax to create and implement ACL: ○ acl aclname acltype argument ... ○ aclelement allow(/deny) aclname Examples: ○ acl blocked_websites dstdomain .reddit.com .twitter.com ○ http_access deny blocked_websites ○ acl badURL url_regex valentine ○ http_access deny badURL ○ acl pm_work time MTWHF 15:00-17:00 ○ http_access deny pm_work
    • ACL TYPES AVAILABLE Squid knows about almost 25 types of ACL. Some of them are:  src: source (client) IP addresses  dst: destination (server) IP addresses  srcdomain: source (client) domain name  dstdomain: destination (server) domain name  time: time of day, and day of week  url_regex: URL regular expression pattern matching  maxconn: a limit on the maximum number of connections from a single client IP address  max_user_ip: a limit on the maximum number of IP addresses one user can login from
    • ACCESS LISTS ELEMENTS AVAILABLE There are a number of different access lists elements. Some are:  http_access: Allows HTTP clients (browsers) to access the HTTP port. This is the primary access control list.  cache: Defines responses that should not be cached.  url_rewrite_access: Controls which requests are sent through the redirector pool.  always_direct: Controls which requests should always be forwarded directly to origin servers.  never_direct: Controls which requests should never be forwarded directly to origin servers.  delay_access: Controls which requests are handled by what delay pool  log_access: Controls which requests are logged. This is global and overrides specific file access lists appended to access_log directives.
    •  Official web site: http://www.squid-cache.org/  Contains:  FAQ  Lots of great information!
    • HARDWARE REQUIREMENTS FOR INSTALLING SQUID LINUX operating system 128MB RAM minimum recommended Disk  512MB to 1GB for small user counts  16GB to 24GB for large user counts
    • DOWNLOAD AND INSTALL In Ubuntu: sudo apt-get install squid[APT stands for “Advanced Packaging Tool”] In Redhat / CentOS yum install squid[YUM stands for “Yellowdog Updater, Modified”]
    • EDIT CONFIGURATION FILE Command to Open conf file: sudo gedit /etc/squid3/squid.conf Make these changes in conf file:  http_access deny all > change it to http_access allow all  acl blocked_websites dstdomain .twitter.com  http_access deny blocked_websites Save and close conf file Restart squid sudo service squid restart
    • CONNECT TO PROXY SERVEROpen Web BrowserGo to: Connection Settings Internet Properties LAN Settings Manual proxy configuration  Http proxy: ip address of proxy server  Port : 3128 (default port for Squid proxy server)
    • UNINSTALLING SQUID In Ubuntu: sudo apt-get remove squid In Redhat / CentOS yum remove squid
    • THANK YOU! Javeria (11-arid-3303)