Squid proxy server

HOME












Squid proxy has three purposes:

1. Speeding delivery of content
2. Tracking what sites people are visiting
3. limiting the sites people are visiting


Service profile:
service name           : squid
Packages                 : squid
configuration file     : /etc/squid/squid.conf
Default port number: 3128
Log file path            : /var/log/squid/


to install your squid proxy server install the squid packages 

~]#yum install squid*

verify your squid packages are installed or not

 
~]#service squid restart



 now configure allow your network subnet to give access



 provide access to your network subnet edit conf file (line number 2522 (approxmately))


#Allow internal network to access internet using proxy
acl our_networks src 192.168.1.0/24
http_access allow our_networks


# And finally deny all other access to this proxy
http_access allow localhost
http_access deny all


# ACL for blocked clients
acl blocked_clients src 10.45.32.210
http_access deny blocked_clients



now add some URL's to block (search string log_uses_indirect_client)


 as shown above create files 
/etc/squid/blockedurl.acl
/etc/squid/extensiondeny

sample file blockedurl.acl file 
##### Start #####
#.keepvid.com
.facebook.com
.twitter.com
.youtube.com
.orkut.com
.linkedin
.msn.com
.myspace.com
.flickr.com

##### END ###########
 
sample file extensiondeny 
####### start #####
\.torrent$
\.mp3.*$
\.mp4.*$
\.3gp.*$
\.[Aa][Vv][Ii]$
\.[Mm][Pp][Gg]$
\.[Mm][Pp][Ee][Gg]$
\.[Mm][Pp]3$
\.[Ff][Ll][Vv].*$

###### END ########

if you want to change default port number to something unique 
(line number 73 approximately)


 save the configuration file and reload the squid service

~]#service squid reload

then change the proxy address in your browser then try to access the website
IE Settings > Internet options > Connections > Lan Settings > 



provide IP address and port number

Now see the logs watch the squid logs 


/var/log/squid/ log file directory

The logs are a valuable source of information about Squid workloads and performance. The logs record not only access information, but also system configuration errors and resource consumption (eg, memory, disk space). There are several log file maintained by Squid. Some have to be explicitly activated during compile time, others can safely be deactivated during.
  • /var/log/squid/access.log : Most log file analysis program are based on the entries in access.log. You can use this file to find out who is using squid server and what they are doing etc
  • /var/log/squid/cache.log : The cache.log file contains the debug and error messages that Squid generates. If you start your Squid using the default RunCache script, or start it with the -s command line option, a copy of certain messages will go into your syslog facilities. It is a matter of personal preferences to use a separate file for the squid log data.
  • /var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones. As a kind of transaction log it is ususally used for debugging purposes. A definitive statement, whether an object resides on your disks is only possible after analysing the complete log file. The release (deletion) of an object may be logged at a later time than the swap out (save to disk).

How do I view Squid Log files / logs?

You can use standard UNIX / Linux command such as grep / tail to view log files. You must login as root or sudo command to view log files.

Display log files in real time

Use tail command as follows: ~]# tail -f /var/log/squid/access.log
OR
~]$ sudo tail -f /var/log/squid/access.log

Search log files

Use grep command as follows: ~]#grep 'string-to-search' /var/log/squid/access.log

View log files

Finally you can use text editor such as vi to view log files: ~]# vi /var/log/squid/access.log

if you want to change the squid log format you can do that by modifying the log format strings

# ####   Log Format codes: ######
#
#        >a    Client source IP address
#        >A    Client FQDN
#        >p    Client source port
#        <A    Server IP address or peer name
#        la    Local IP address (http_port)
#        lp    Local port number (http_port)
#        ts    Seconds since epoch
#        tu    subsecond time (milliseconds)
#        tl    Local time. Optional strftime format argument
#            default %d/%b/%Y:%H:%M:%S %z
#        tg    GMT time. Optional strftime format argument
#            default %d/%b/%Y:%H:%M:%S %z
#        tr    Response time (milliseconds)
#        >h    Request header. Optional header name argument
#            on the format header[:[separator]element]
#        <h    Reply header. Optional header name argument
#            as for >h
#        un    User name
#        ul    User login
#        ui    User ident
#        us    User SSL
#        ue    User external acl
#        Hs    HTTP status code
#        Ss    Squid request status (TCP_MISS etc)
#        Sh    Squid hierarchy status (DEFAULT_PARENT etc)
#        mt    MIME content type
#        rm    Request method (GET/POST etc)
#        ru    Request URL
#        rv    Request protocol version
#        ea    Log string returned by external acl
#        <st    Reply size including HTTP headers
#        %    a literal % character
#
logformat squid  %tl %>a %>A %un %ul  %ru
 

 Thanks for reading the blog 


Please provide your valuable comments below .................

No comments:

Post a Comment