Squid is a proxy server and web cache daemon. It has a wide variety of uses: caching web, filtering traffic, caching DNS and other computer network lookups for a group of people sharing network resources.
Squid is primarily designed to run on Unix-like systems but it also runs on Windows-based systems. In this tutorial I’ll show you how to install and configure squid proxy server to run under Linux and FreeBSD.
A proxy server software is based on the TCP/IP protocol. It monitors a special port such as 3128 or 8080. A computer who runs a proxy server software is called a proxy server. If other computer want to connect to Internet through the proxy server, it should know the proxy server’s IP address and proxy port.
1. Squid Installation
Squid source code is available from squid-cache.org.Installation instructions are available in the ReadMe file in the source tar file. There is also binary packages for CentOS, Fedora, Red Hat Enterprise Linux, Ubuntu, Debian, FreeBSD and NetBSD.
To install Squid under CentOS/Fedora/RHEL, enter:
yum install squid
To install Squid under Debian/Ubuntu, enter: Read the rest of this entry »
Squid2MySQL for FreeBSD 5.2 to account for traffic through squid March 8th, 2010
Squid2MySQL for FreeBSD 5.2 (08.07.2004 r)
What Squid2MySQL? This authorization, and accounting traffic users
Internet. There is a proxy-server Squid (http://www.squid-cache.org/)
and the database MySQL, (http://dev.mysql.com/)
Squid caching of information involved, and MySQL stores information about
user (name, password, URL and downloaded, etc.).
Binder link – it Squid2MySQL (http://evc.fromru.com/squid2mysql/download.html) 1.0.0
by Eugene V. Chernyshev for Linux.
For those who use Linux as the OS for servers – it will be better
Visit poster’s Squid2MySQL and use information from
Copyright (http://evc.fromru.com/squid2mysql/download.html) site.
I just ported squid2mysql under FreeBSD, and corrected a few errors
them were reported to the author for correspondence e-mail.
This article describes the stages and features of the installation of the corrected
version squid2mysql under FreeBSD.
Let’s go …
1) must be installed MySQL, Squid and Perl. Check
efficiency of these programs: go to MySQL, make a simple
request to table mysql; check Perl command perl-v; do not forget
do for Squid base command squid-z. Check the DNS team
nslookup host, if there will be problems with DNS, you will not run Squid.
2) Download the archive squid2mysql (http://www.uvsw.narod.ru/project/squid2mysql_v.tar.gz)
under FreeBSD (~ 600 Kb) and unpack
# Tar-zxvf squid2mysql_v.tar.gz
3) Go to the newly created directory squid2mysql_v. Go to the subdirectory
for_perl and install the modules for the Perl DBI-1.42.tar.gz and
Msql-Mysql-modules-1.2219.tar.gz or download the newer.
# Tar-zxvf DBI-1.42.tar.gz
# Cd DBI-1.42
# Perl Makefile.PL
# Make test
# Make install
analogous set module Msql-Mysql-modules-1.2219.tar.gz Read the rest of this entry »
First we will compile kernal
proxy # cd / usr/src/sys/i386/conf /
backup your kernel configuration file used to it:
Proxy # cp GENERIC GENERIC-BAK
edit GENERIC file with your favorite editor
and add these below options
its is optional for telling your kernal about cpu
#For optimizing squid #
Add these lines below device
# For PF #
options ALTQ_CBQ # Class Bases Queuing (CBQ)
options ALTQ_RED # Random Early Detection (RED)
options ALTQ_RIO # RED In / Out
options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC)
options ALTQ_PRIQ # Priority Queuing (PRIQ)
options ALTQ_NOPCC # Required for SMP build
Proxy # config GENERIC
proxy # cd .. / .. / compile / GENERIC
or some times if you have installed standard installation then
proxy # cd .. / compile / GENERIC
proxy # make & & make depend
proxy # make & & make install
we need perl
proxy# cd /usr/ports/lang/perl5.10/
proxy# make install clean
Create group and user that will be used to run the squid:
proxy# pw group add squid -g 100
proxy# pw user add squid -u 100 -g squid -s /usr/sbin/nologin -d /usr/local/squid
proxy# chown -Rv squid:squid /cache
proxy# cd /usr/local/
proxy# fetch http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE23.tar.bz2
proxy# tar -zxvf squid-3.0.STABLE23.tar.bz2
proxy# cd squid-3.0.STABLE23
proxy# ./configure -prefix=/usr/local/squid \
–enable-async-io=24 –with-pthreads –with-aio –with-dl –with-aufs-threads=24 –with-pthreads \
-disable-wccp && “Successful Done”
proxy# make && make install
After that edit the squid.conf is in accordance with the needs
proxy# ee /usr/local/squid/etc/squid.conf
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 192.168.10.0/27
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 8080 transparent
hierarchy_stoplist cgi-bin ?
cache_mem 6 MB
maximum_object_size_in_memory 32 KB
memory_replacement_policy heap LFUDA
cache_replacement_policy heap GDSF
cache_dir aufs /cache 10000 24 256
maximum_object_size 128 MB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
cachemgr_passwd squid-cache password
proxy# squid -z
2009/05/10 16:38:37| Creating Swap Directories
first lets check the configuration with the command:
proxy # / usr / local / squid / sbin / squid-k parse
proxy # / usr / local / squid / sbin / squid-NCd1
once considered sufficient, a squid path:
proxy # / usr / local / squid / sbin / squid
and to run the config change, can be a command
proxy # / usr / local / squid / sbin / squid-k reconfigure
let me restart the streets every time the input parameters to the / etc / rc.conf
squid_enable = “YES”
pf_enable = “YES”
or enter the command /usr/local/squid/sbin/squid to /etc/rc.local
then add in / etc/ rc.local
chgrp squid /dev/pf & & chmod g+rw /dev/ pf
FreeBSD + natd + ipfw + squid February 7th, 2010
This is going to be an overview of the steps it takes to create a Walled Garden using FreeBSD, natd, ipfw and squid.
The basic scenario: You have a private IP network that you want to allow people to connect with, and you allow them basic web access (we’ll just do port 80 for now). For your default access you only want to allow these users to access certain URL’s – if they try to access anything else it will redirect them to your “portal” page. Presumbably your portal would have software that would do account signups and such, and once you authorize an ip you would allow it to connect to anything on the internet. Portal design won’t be discussed here, but I will show you how to punch a whole through the firewall.
For this exercise we are going to have a private ip network, and a public ip. Splitting off a management IP is highly advisable, but that won’t be covered here.
Our private IP network is going to be 10.7.0.0/16 our “public ip” is going to be 192.168.0.1 (which is really private, but ignore that – when deploying this substitute in a real public ip here)
First things first, you need to make sure your kernel has some options compiled into it, before doing anything else, go compile these in right now:
Once you install that kernel and reboot your server we can proceed with configuration.
For the next step let’s go ahead and install squid. This can be done using whatever method for installing software you prefer, but I’m going to list the package add method, because it’s so simple:
# pkg_add -r squid Read the rest of this entry »
FreeBSD Squid Proxy Caching Server Increase File Descriptors Limits February 6th, 2010
‘m getting an error which read as follows under FreeBSD 7.2 server and Squid stable caching server:
WARNING! Your cache is running out of filedescriptors
How do I fix this problem and increase the number of system-wide available filedescriptors for FreeBSD server?
For busy proxy caching server, you need to to increase the number of system-wide available filedescriptors, by editing /etc/sysctl.conf file. There is no need to make changes to squid.conf.
Find Current Squid File Descriptors Limits Under FreeBSD
Type the following command:
# squidclient mgr:info | grep 'file descri'
# squidclient -p 8080 -u USERNAME -w 'secretePassword' mgr:info | grep 'file descri'
Increase Squid File Descriptors Limits
Type the following command at a shell prompt:
# sysctl kern.maxfilesperproc=8192
# sysctl kern.maxfiles=65535
To keep settings after reboot add them to /etc/sysctl.conf
echo 'kern.maxfilesperproc=8192' >> /etc/sysctl.conf
echo 'kern.maxfiles=65535' /etc/sysctl.conf
- kern.maxfilesperproc – Set maximum number of open files to 65535
- kern.maxfiles – Set maximum files allowed open per process to 8192
Optionally you may also want to increase port ranges:
# sysctl net.inet.ip.portrange.last=65535
# sysctl net.inet.ip.portrange.first=1024
Finally restart the squid and verify you got new FD settings for squid proxy server:
# squidclient mgr:info | grep 'file descri'