10 practical interview questions and answers on the Squid Proxy Server in Linux
Not only do system administrators and network administrators often hear the word "Proxy Server", but we also often hear it. Proxy servers have become the norm of enterprises and are often exposed to them. It also appears in the cafeteria of small schools or large multinational companies. Squid is an application that can be used as a proxy server and is widely used in such tools.
This article aims to improve your ability to respond to proxy server interviews.
The following is the content of the Interview Q &:
1. What is a proxy server? What is the purpose of the proxy server in the computer network?
Answer: Proxy servers are those physical machines or applications that act as middleware between the client and the resource provider or server. The client looks for files, pages, or data from the proxy server, and the proxy server can handle all complex transactions between the client and the server, thereby meeting the client's generation requirements.
Proxy servers are the backbone of the WWW (World Wide Web), and most of them are Web proxies. A proxy server can handle complex communication transactions between the client and the server. In addition, it provides anonymous information on the Internet (LCTT translation: refers to the browser's IP, browser information, etc. are hidden), which means that your identity and browsing traces are safe. The agent can configure which websites customers are allowed to see and which websites are blocked.
2. What is Squid?
Answer: Squid is an application software released under the GNU / GPL protocol that can serve as both a proxy server and a web cache daemon. Squid mainly supports protocols like HTTP and FTP, but it can also support other protocols such as HTTPS, SSL, TLS, etc. Its characteristic is that the Web cache daemon caches Web and DNS data from frequently visited websites, thereby making the Internet faster. Squid supports all major platforms, including Linux, UNIX, Microsoft's Windows and Apple's Mac.
3. What is the default port of Squid? How to modify its operation port?
Answer: The default port when Squid is running is 3128. We can edit its configuration file to change its default port to a port that is not used by the user. The path is /etc/squid/squid.conf. The suggestions are as follows.
Open the ‘/etc/squid/squid.conf’ file with your editor.
# nano /etc/squid/squid.conf
Now modify it to another unused port, and save and exit.
http_port 3128
Restart the Squid proxy service as shown below.
# service squid restart
4. Your company management requires you to block some domain names through the Squid proxy server, what do you do?
Answer: The screened domain name is a function module implemented in the configuration file. We only need to perform a small manual configuration, the recommendations are as follows.
a. Create a file named ‘blacklist’ in the ‘/ etc / squid’ directory.
# touch / etc / squid / blacklist
b. Open the file with nano editor.
# nano / etc / squid / blacklist
c. Write the domain name you want to block into this file with one domain name per line.
.facebook.com
.twitter.com
.gmail.com
.yahoo.com
...
d. Save and exit, then open the Squid configuration file from ‘/etc/squid/squid.conf’.
# nano /etc/squid/squid.conf
e. Add the following line in the configuration file.
acl BLACKLIST dstdom_regex -i "/ etc / squid / blacklist"
http_access deny blacklist
f. Save the configuration file and exit, restart the Squid service to make it effective.
# service squid restart
5. What is Media Range Limitation and partial download in Squid?
Answer: Media range limitation is a special feature of Squid. It only obtains the required data from the server instead of the entire file. This feature enables users to click the progress bar in the video to select the progress when watching videos on various video streaming sites such as YouTube and Metacafe, so the entire video does not need to be loaded, except for some required parts.
Squid's partial download feature is very well implemented. It can be downloaded in the form of small data packets during Windows update, and can be paused. Because of this feature, Windows machines that are downloading files can resume downloading again. No need to worry about data loss. Squid's media range restrictions and partial download functions only work after storing a copy of the complete file. In addition, when the user visits another page, unless Squid has been specifically configured, some of the downloaded files will be deleted and will not remain in the cache.
6. What is Squid's reverse proxy?
Answer: Reverse proxy is a function of Squid, this function is used to speed up the Internet speed of end users. The abbreviation ‘RS’ below refers to the original server that contains the resource, and the proxy server is called ‘PS’. When it is accessed for the first time, it will get the data it provides from RS and store its copy on the PS according to the configured time. In this case, every time the data requested from the PS is equivalent to being obtained from the original server. This will reduce network congestion, reduce CPU usage, and reduce the utilization of network resources, thereby alleviating the load pressure on the original actual server. But RS can't count the total traffic data, because PS shares part of the original server's tasks. The ‘X-Forwarded-For HTTP’ message can be used to record the original IP address of the client connected to the RS via HTTP proxy or load balancing.
Technically, it is feasible to use a single Squid server as both a forward proxy server and a reverse proxy server.
7. Since Squid can be used as a web cache daemon, can the cache be deleted? How to delete?
Answer: Of course! As a web cache daemon, Squid can speed up web page access and clearing the cache is very simple.
a. First stop the Squid proxy service, then delete the cache from this ‘/ var / lib / squid / cache’ directory.
# service squid stop
# rm -rf / var / lib / squid / cache / * <
b. Create a swap partition directory.
# squid -z
8. You have a working machine that can access the proxy server. If you want to limit your child's access time, how would you set up that scene?
Set the time allowed for access to three hours from 4 to 7 in the evening, spanning from Monday to Friday.
a. If you want to limit the Web access time from 4 to 7 pm from Monday to Friday, you must first open the Squid configuration file.
# nano /etc/squid/squid.conf
b. Add the following line in the configuration file, save the file and exit.
acl ALLOW_TIME time M T W H F 16: 00-19: 00
shttp_access allow ALLOW_TIME
c. Restart the Squid service.
# service squid restart
9. What file format is the data stored by Squid?
Answer: The data stored by Squid is in UFS file format. UFS is an old, widely used Squid storage format
10. Where will Squid's cache be stored?
Answer: The cache stored by Squid is located in a specific directory in ‘/ var / spool / squid’.
That ’s all, and I ’ll be back here with other interesting content soon.
Configure Squid proxy http and rsync
Squid: achieve high-speed Web access
CentOS 6.2 compile and install Squid configuration reverse proxy server
Simple configuration of Squid proxy and reverse proxy
CentOS 6.4 DNS + Squid + Nginx + MySQL to build a highly available web server
Squid's detailed introduction: please click here
Squid: Click here
This article permanently updates the link address: