Posts Tagged ‘Squid’

How to enable squid authentication with htpasswd

.

Hi again

if you decided to have a squid web proxy which has authentication system. the simplest way is that creating an file and save the usernames and password in it. you can just create the file by touch command.

then change its permission and owner in way that squid has an permision to read it.

after all just add the following configuration file into your squid.conf file.

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl ncsa_users proxy_auth REQUIRED
acl ncsa_users1 urlpath_regex kasper
http_access allow ncsa_users
http_access allow ncsa_users1

then for creating a new password just use the following command.

htpasswd /etc/squid/passwd user1

thats it. I will pu some configuration about the other methods of squid configuration later. but if you have any question about this do not hesitate to contact me.

Regards

refrences : http://www.cyberciti.biz/tips/linux-unix-squid-proxy-server-authentication.html

Squid Configuration Sample

.

Hi again

many of friends asked me to publish a sample useful squid configuration.  now I decided to post a weblog regarding the squid configurations. I prefer to say that there are some points which helps you to install a web-cache server for you local network .

1- First I want to mention that two partition have more speed regarding the Reed/Write comparing to one. and two disk have more speed comparing one disk. therefore try to install you cache partition in order to save your cache content in two Disk then in four partitions.

2- The difference between ext3 and ex2 is only journaling. therefore to increase your speed for your cache content partitions use ex2 since the recovery of the information is less important to R/W speed.

3- Use proper swap. maximum swap size for your linux is 2Gb and setting more than it, will not used.

4- Always try to install a cache only name server in the same machine of your cache server.

5- For having an improvement in your disk I/O always your the diskd feature for your squid proxy server. in some cases you should recompile the squid to enable this feature.

now I will explain how to install the simple squid server on the debian. First install the squid with aptitude install squid .

after try to chown the cache content partitions to the proxy user.

and then re-write these configuration for your cache.

#        Descriptin:      Mehdi Behamin co.   #

http_port  3128 transparent
################################
#httpd_accel_host virtual
#httpd_accel_port 80
#httpd_accel_with_proxy  on
#httpd_accel_uses_host_header on
################################
cache_mem 10 MB
cache_swap_low  90
cache_swap_high 95

cache_dir diskd /cache 5000 32 128 Q1=72 Q2=64
#cache_dir diskd /cache2 15000 32 128 Q1=72 Q2=64
#cache_dir diskd /cache3 15000 32 128 Q1=72 Q2=64
#cache_dir diskd /cache4 15000 32 128 Q1=72 Q2=64
#store_dir_select_algorithm round-robin

cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
#cache_dns_program    /usr/local/squid2/bin/dnsserver
dns_nameservers 127.0.0.1
pid_filename  /var/run/squid.pid

hierarchy_stoplist  cgi-bin
hierarchy_stoplist ?
acl QUERY urlpath_regex cgi
no_cache deny QUERY

# quick abort:
# always finish if less than 10k
#    finish if more than 50%
#    always  abort  if more  tan  1024k
quick_abort_min    20 kb
quick_abort_pct    50%
quick_abort_max    1024 kb

emulate_httpd_log   off

#redirect_program   /usr/bin/squidGuard

#redirect_children 3
#refresh_pattern .       0     20%      4320

########################################################
refresh_pattern  -i        .gif$          10080    90%    43200
refresh_pattern -i       .jpg$          10080    90%     43200
refresh_pattern  -i        .bom.gov.au      30     20%      120
refresh_pattern -i       .html$           480    50%     22160
refresh_pattern  -i        .htm$            480    50%    22160
refresh_pattern  -i      .aspx$         480     50%     22160
refresh_pattern  -i      .mspx$         480     50%     22160
refresh_pattern  -i      .asp$         480     50%     22160
refresh_pattern -i       .class$        10080    90%     43200
refresh_pattern  -i        .zip$          10080    90%    43200
refresh_pattern -i       .jpeg$         10080    90%     43200
refresh_pattern  -i        .mid$          10080    90%    43200
refresh_pattern -i       .shtml$          480    50%     22160
refresh_pattern  -i        .exe$          10080    90%    43200
refresh_pattern -i       .thm$          10080    90%     43200
refresh_pattern  -i        .wav$          10080    90%    43200
refresh_pattern -i       .txt$          10080    90%     43200
refresh_pattern  -i        .cab$          10080    90%    43200
refresh_pattern -i       .au$           10080    90%     43200
refresh_pattern  -i        .mov$          10080    90%    43200
refresh_pattern -i       .xbm$          10080    90%     43200
refresh_pattern  -i        .ram$          10080    90%    43200
refresh_pattern -i       .avi$          10080    90%     43200
refresh_pattern  -i        .chtml$          480    50%    22160
refresh_pattern -i       .thb$          10080    90%     43200
refresh_pattern  -i        .dcr$          10080    90%    43200
refresh_pattern -i       .bmp$          10080    90%     43200
refresh_pattern  -i        .phtml$          480    50%    22160
refresh_pattern -i       .mpg$          10080    90%     43200
refresh_pattern  -i        .pdf$          10080    90%    43200
refresh_pattern -i       .art$          10080    90%     43200
refresh_pattern  -i        .swf$          10080    90%    43200
refresh_pattern -i       .mp3$          10080    90%     43200
refresh_pattern  -i        .ra$           10080    90%    43200
refresh_pattern -i       .spl$          10080    90%     43200

refresh_pattern -i       .spl$          10080    90%     43200
refresh_pattern  -i        .viv$          10080    90%    43200
refresh_pattern -i       .doc$          10080    90%     43200
refresh_pattern  -i        .gz$           10080    90%    43200
refresh_pattern -i       .Z$            10080    90%     43200
refresh_pattern  -i        .tgz$          10080    90%    43200
refresh_pattern -i       .tar$          10080    90%     43200
refresh_pattern  -i        .vrm$          10080    90%    43200
refresh_pattern -i       .vrml$         10080    90%     43200
refresh_pattern  -i        .aif$          10080    90%    43200
refresh_pattern -i       .aifc$         10080    90%     43200
refresh_pattern  -i        .aiff$         10080    90%    43200
refresh_pattern -i       .arj$          10080    90%     43200
refresh_pattern  -i        .c$            10080    90%    43200
refresh_pattern -i       .cpt$          10080    90%     43200
refresh_pattern  -i        .dir$          10080    90%    43200
refresh_pattern -i       .dxr$          10080    90%     43200
refresh_pattern  -i        .hqx$          10080    90%    43200
refresh_pattern -i       .jpe$          10080    90%     43200
refresh_pattern  -i        .lha$          10080    90%    43200
refresh_pattern -i       .lzh$          10080    90%     43200
refresh_pattern  -i        .midi$         10080    90%    43200
refresh_pattern -i       .movie$        10080    90%     43200
refresh_pattern  -i        .mp2$          10080    90%    43200
refresh_pattern -i       .mpe$          10080    90%     43200
refresh_pattern  -i        .mpeg$         10080    90%    43200
refresh_pattern -i       .mpga$         10080    90%     43200
refresh_pattern  -i        .pl$           10080    90%    43200
refresh_pattern -i       .ppt$          10080    90%     43200
refresh_pattern  -i        .ps$           10080    90%    43200
refresh_pattern -i       .qt$           10080    90%     43200
refresh_pattern  -i        .qtm$          10080    90%    43200
refresh_pattern -i       .ras$          10080    90%     43200
refresh_pattern  -i        .sea$          10080    90%    43200
refresh_pattern -i       .sit$          10080    90%     43200
refresh_pattern  -i        .tif$          10080    90%    43200
refresh_pattern -i       .tiff$         10080    90%     43200
refresh_pattern  -i        .snd$          10080    90%    43200
refresh_pattern -i       .wrl$          10080    90%     43200
refresh_pattern -i        ^ftp://         480      60%    22160
refresh_pattern -i       ^gopher://      30        20%     120
refresh_pattern -i        .               480      50%    22160
refresh_pattern -i       ^gopher://      30        20%     120
refresh_pattern -i        .               480      50%    22160

maximum_object_size 16384 kb
#reply_body_max_size 500 MB

#reference_age  1  month
read_timeout 30 minutes
client_lifetime 3 hours
pconn_timeout 15 seconds
request_timeout  1  minute
shutdown_lifetime 10 seconds
# positive_dns_ttl 53 seconds

ipcache_size 10240
ipcache_low  98
ipcache_high 99

#dns_children   32

cache_mgr   mbehamin@gmail.com
cachemgr_passwd   parmid   all
#cache_effective_user squid
#cache_effective_group squid

#visible_hostname none
#error_directory /tmp

minimum_direct_hops 5

log_fqdn off
#ident_lookup off

memory_pools off
forwarded_for  on
icp_hit_stale on logfile_rotate 9

store_objects_per_bucket  10
store_avg_object_size  13  kb
netdb_high 10000
netdb_low   9900
netdb_low   9900
netdb_ping_period 30 seconds

#mcast_groups nlanr.mcast.ircache.net

log_icp_queries off
#test_reachability off

debug_options ALL,1
max_open_disk_fds       55
high_memory_warning  400   mb
high_response_time_warning   2000
high_page_fault_warning 2

#authenticate_program   /usr/local/squid/bin/ncsa_auth
#/usr/local/squid/etc/passwd
#acl NCSAPasswd proxy_auth REQUIRED

strip_query_terms off

acl Manager   proto cache_object
acl all src 192.168.10.0/255.255.255.0
acl post  method  POST
acl ssl method CONNECT
acl purge method PURGE
acl BADPORTS port 7 9 11 19 22 23 25 53 110 119 513 514
# okay to remove  this  if chg.ru cleans up its act http_access allow purge
http_access deny purge
http_access allow Manager
http_access deny Manager
http_access  deny BADPORTS
http_access deny ssl
http_access allow all

thats it. but remember before restarting your squid service try to illuminate the errors by squid -k check command.

regards

How to install the Squid on windows as a service

.

Hi

The first thing you should do about installing the squid proxy service on windows, is downloading the compiled version of the service from the following site:

http://squid.acmeconsulting.it/

then you easily extract the whole file in directory with name “c:\squid” and change your directory into c:\squid\etc

Then in etc subdirectory try to configure your squid.conf

next step is  typing squid -z to create all the subdirectory for your caching. inorder to run the following command change your directory into c:\squid\bin

after creating the cache directory, just type squid -i to install the service in the windows.

then you can start your service in the windows services console. (in run menu type services.msc)

regards


     Copyrighted Mehdi Behamin , All Rights Reserved
    
Blog has been visited 207146 times