Environment Description: inside port of the Cisco Firewall address: 10.10.0.1outside port: 123. *. *. * DMZ: 172. *. *. * Cisco core switch egress 10.10.0.2squid: 10.10.0.3 firewall, switch, and squid connect through switch 1. install Ubuntuhostname: proxyip: 10.6.1.3gateway: 10.6.1.2netm
Environment Description
Cisco Firewall address
Inside port: 10.10.0.1
Outside: 123 .*.*.*
DMZ port: 172 .*.*.*
Cisco core switch
Total egress 10.10.0.2
Squid: 10.10.0.3
Firewalls, switches, and squids are connected through switches.
1. Install Ubuntu
Hostname: proxy
Ip: 10.6.1.3 gateway: 10.6.1.2 netmask: 255.255.255.0 broadcast: 10.6.1.255
2. Modify the root password
Set the root password: sudo passwd root
3. Cancel squid version information
The/src/errorpage. c file is modified in the following places:
} Error_hard_text [] = {
{
ERR_SQUID_SIGNATURE,
"\ N
\ N"
"
\ N"
"\ N"
"Generated % T by % h (% s) \ n" # modify % s, and % t is the current time.
"\ N "# % h is the host name
"\ N"
}
4. Compile:
Apt-get source squid
. /Configure -- prefix =/usr/-- localstatedir =/var/squid -- sysconfdir =/etc/squid -- enable-cache-digests -- enable-delay-pools -- enable-forward-log -- enable-async-io -- enable-dlmalloc -- enable-arp-acl -- enable-linux-netfilter -- disable-hostname-checks -- enable-underscores -- enable-auth -- enable-icmp -- enable-htcp
File Location after installation:
/Usr/squid main directory
/Usr/sbin/squid execution File
/Etc/squid. conf configuration file
/Var/squid/logs log
/Var/squid/cache self-built cache
5. Configure squid
Mkdir/var/squid/cache # create a cache directory for squid
Chown-R proxy: proxy/var/squid # change the owner of the/var/squid directory to proxy
/Usr/sbin/squid-z # generate swap file directory
Squid start squid
Modify the configuration file:
Cd/etc/squid/
Rm squid. conf
Vi squid. conf
Copy the following content to squid. conf.
Access_log/var/squid/logs/access. log squid
Cache_store_log/var/squid/logs/store. log
Cache_log/var/squid/logs/cache. log
Acl all src 0.0.0.0/0.0.0.0
Acl internal dstdomain "/etc/squid/internal. acl" # define acl
Http_port 3128 transparent
Http_access allow all
Wccp2_router 10.6.1.1 # specify the firewall address
Wccp2_rebuild_wait on
Wccp2_forwarding_method 1
Wccp2_return_method 1
Wccp2_assignment_method 1
Wccp2_service standard 0
Cache_mem 4096 MB
Cache_dir ufs/var/squid/cache 10240 16 256
Cache_inclutive_user proxy
Error_directory/usr/share/errors/no
Cache_mgr ** @ *** # Set the Administrator email address on the error message page
Forwarded_for off # The private IP address of the client is not displayed
Logfile_rotate 3 # log cycle, which stores the logs of several cycles
Memory_pools on # enable the squid to automatically allocate memory
Memory_pools_limit none # no upper limit
Cache_swap_low 85
Cache_swap_high 95
No_cache deny internal # Do not cache domain names in acl internal