Squid server configuration in RHEL5.7

Squidcache (Squid for short) is a popular free software (GNU General Public License) proxy server and Web Cache Server. Squid has a wide range of uses, from cache-related requests as front cache servers of Web servers to improving the speed of Web servers, to cache the World Wide Web for a group of people to share network resources, domain Name System and other network search, to help network security by filtering traffic, to the LAN through the proxy to access the Internet. Squid is designed to run on Unix and Linux systems. Related proxies

Squid cache (Squid for short) is a popular free software (GNU General Public License) proxy server and Web cache Server. Squid has a wide range of uses, from cache-related requests as front cache servers of Web servers to improving the speed of Web servers, to cache the World Wide Web for a group of people to share network resources, domain Name System and other network search, to help network security by filtering traffic, to the LAN through the proxy to access the Internet. Squid is designed to run on Unix and Linux systems.

Proxy servers have the following features:

Application Layer proxy

1. proxy for specific network protocols

2. Typical applications: HTTP proxy and FTP Proxy

Proxy Server role

1. hosts in the LAN can access the Internet through hosts that can be accessed in the Network

2. cache can be provided to improve access efficiency

3. Access control can be implemented to a certain extent.

Functions of the squid service

1. Provide HTTP and FTP proxies

2. cache proxy content to improve access speed

3. Access Control for the client (based on the target address or time)

Squid proxy type

Forward Proxy: Provides proxy services for the client. You must specify an IP address for the client.

Reverse Proxy: Provides proxy services for servers to reduce the burden on real servers.

Transparent Proxy: A special forward proxy that does not require any client settings. The proxy server must be a gateway, which is equivalent to a router and a firewall.

The default port number of the squid Proxy Server is 3128, which can be changed, for example, to the common port 8080 in the public network. We use the example below to verify

1. Forward Proxy Server Configuration

In this example, the RHEL-B is the gateway, connected to the Internet; Windows PC is the Intranet host, the gateway points to the RHEL-B, where the RHEL-B only allows the RHEL-C to perform NAT translation, that is, by default, windows PC cannot access the Internet, only RHEL-C can access the Internet. Here we want to make Windows PC accessible to the Internet by setting the RHEL-C as a proxy server.

First check whether the squid of the RHEL-C is installed (installed by default)

Rpm-q squid

Go to the squid configuration file

Vi/etc/squid. conf

Search for http_port 3128 and change the 3128 port number to 8080.

Search for acl our_networks, define acl, name our_networks, set to allow, and change the source address to the network segment 192.168.10.0/24 of the host. Otherwise, only local loopback ports are allowed by default.

Save and exit, and then start squid. Before starting, you must ensure that squid has a complete domain name.

Vi/etc/hosts

Next, initialize the squid server to create a cache subdirectory in the working directory of the squid server.

Squid-z

Check the squid sub-directory. You can find 16 sub-directories are added.