Squid HTTP Proxy auf Ubuntu Server einrichten

Squid ist ein Open-Source Proxyserver. Das heißt Daten, die aus dem Internet angefordert werden, speichert Squid lokal in einem Cache und lädt diese bei Bedarf aus dem Zwischenspeicher nach. Dadurch ist der Datentransfer effizienter, weil weniger Netzbelastung durch große Datenmengen erzeugt wird. Aber man kann durch den Einsatz von Filtern auch die Sicherheit des Netzes erhöhen.

Aus der Wikipedia: “Squid zeichnet sich vor allem durch seine gute Skalierbarkeit aus. Squid unterstützt die Netzwerkprotokolle HTTP/HTTPS, FTP über HTTP und Gopher. Er kann sowohl für sehr kleine Netze (5-10 User), als auch für sehr große Proxyverbünde in Weitverkehrsnetzen mit mehreren hunderttausend Benutzern eingesetzt werden.”

Quelle: http://wiki.ubuntuusers.de/Squid

 

1.Installing the proxy

http://en.kioskea.net/faq/804-installing-an-http-proxy-server-squid

To install Squid type the following command in a terminal:

2.Configuring the proxy

Configuration of Squid is done by editing the following file: /etc/squid/squid.conf
To edit this file enter the following command:

2.1.Naming the proxy

Its important that Squid knows the name of the machine. To do this, locate the line visible_hostname.
For example, if the machine is called ubuntu insert:

 2.2 Choosing the Port

By default, the proxy server will use port 3128. To choose another port, locate the line:

and change the port number, for example:

 2.3.Choosing the interface

By default the proxy server will listen on all interfaces. For security reasons, its better to put it on your local network only. For example, if the network card connected to your LAN has IP 10.0.0.1, change the line:

2.4. Allow the use non-standard ports

By default, Squid allows HTTP traffic only on specific ports (e.g. 80). This can cause problems on websites using other ports.

To avoid this deadlock, find the line http_access deny! Safe_ports and the edit it to: # http_access deny! Safe_ports

2.5 Authentification

http://www.ubuntugeek.com/how-to-setup-transparent-squid-proxy-server-in-ubuntu.html

If you wish to use authentication with your proxy you will need to install apache2 utilities

sudo aptitude install squid squid-common apache2-utils

To add your first user you will need to specify -c

sudo htpasswd -c /etc/squid.passwd first_user

Thereafter you add new users with

sudo htpasswd /etc/squid.passwd another_user

Edit the squid config file

sudo vi /etc/squid/squid.conf

Set the the authentication parameters and the acl

auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid.passwd
auth_param basic children 5
auth_param basic realm NFYE Squid proxy-caching web server
auth_param basic credentialsttl 3 hours
auth_param basic casesensitive off

acl users proxy_auth REQUIRED

acl sectionx proxy_auth REQUIRED

http_access allow users

3.Starting the Proxy

Restart the proxy to apply the modifications you made. Type:
sudo /etc/init.d/squid restart

Miscellaneous

Server logs

The proxy logs are located in: /var/log/squid/access.log

Changing the size of the cache

  • The Squid cache is enabled by default, which helps accelerate the loading of some pages.
  • The default allocated size is 100 MB (found in /var/spool/squid)
  • To change its size, edit the /etc/squid/squid.conf file.
  • Find the line: # cache_dir ufs /var/spool/squid 100 16 256
  • Edit it. You can change the value 100 to whatever you want (e.g. 200 for 200 MB): cache_dir ufs /var/spool/squid 200 16 256