Friday, January 18, 2008

Internet Sharing Using Squid

Internet Sharing in linux (Squid)

Squid’s main configuration file is in /etc/squid/squid.conf.
Edit the file
Open /etc/squid/squid.conf
You will need to either find and uncomment entries, or modify existing uncommented lines in the squid configuration file. Use text editor or a text find to locate these lines: visible_hostname machine-name or IPhttp_port 3128cache_dir ufs /var/spool/squid 1000 16 256cache_access_log /var/log/squid/access.log
In the acl section near the bottom add:acl intranet 192.168.10.0/24 à Allow all the machines to access.http_access allow lcsintranet.com (lcsintranet.com – hostname)
visible_hostname - Create this entry and set this to the hostname of the machine. To find the hostname, use the command hostname. Not entering a value may cause squid to fail as it may not be able to automatically determine the fully qualified hostname of your machine.
http_port 3128 - Uncomment this line but there is no need to edit it unless you want to change the default port for http connections.
cache_dir ufs /var/spool/squid 1000 15 256 - Uncomment this line. You may want to append a zero to the value 100 which will make the cache size 1000MB instead of 100MB. The last two values stand for the default folder depth the cache will create on the top and subdirectories respectively. They do not need modification.
cache_access_log - Uncomment this line. This is where all requests to the proxy server will get logged.
acl intranet 192.168.10.0/24 - This entry needs to be added. It should correspond to whatever your local network range is.
http_access allow intranet - This allows the acl named intranet to use the proxy server. Make sure to put allow directives above the last ‘http_access deny all’ entry, as it will overide any allow directives below it.

To allow a single address to access a specific URL
This example allows only the special_client to access the special_url. Any other client that tries to access the special_url is denied. acl special_client src 192.168.10.3acl special_url url_regex ^http://www.squid-cache.org/Doc/FAQ/$http_access allow special_client special_urlhttp_access deny special_url To allow a particular address to access a list of URL acl special_client src 192.168.10.3acl special_client src “/etc/squid/ip.txt” à (Make a file ip.txt and add the to access the particular URL)acl lcssite url_regex –i “/etc/squid/site.txt” à (Make a file site.txt add the URL)

Turning on squid
Start the service:service squid start
Verify that squid is running :service squid status

Configuring the clients
If you are using Firefox or Mozilla you will need to add the proxy server as follows:
Go to Preferences>Network>Settings
Add the name of your new proxy server and port 3128 to the http proxy field

No comments: