====================================================== How to Step by Step Installation of Squid ====================================================== 1. Get Squid Port installed to do that
cd /usr/ports/www/squid22/ (I prefer Squid22 better)
2. make install
Ok now that squid is installed, we have to configure the kernel , create
a swap directory and of course the squid.conf ====================================================== Configuring the kernel (This configuration is for Transparent caching with FreeBSD)
====================================================== 1. cd /usr/src/sys/i386/conf/ 2.edit your kernel You got to add these two lines in your kernel
options IPFIREWALL options IPFIREWALL_FORWARD
3. save exit
4. /usr/sbin/config (editted kernel)
5. cd ../../compile/your kernel 6. make depend 7. make 8. make install
======================================================
IP Firewall Rules ====================================================== Its time to configure the IP firewall rules with ipfw. By
default, there are no "allow" rules and all packets are denied. Add this commands to /etc/rc.local just to be able to use the machine on the network:
ipfw add 60000 allow
all from any to any But we're still not hijacking connections. To accomplish that, add these rules: ipfw add 49 allow tcp from 0.0.0.0 to any
ipfw add 50 fwd 127.0.0.1 tcp from any to any 80 change the above (0.0.0.0) ip according to the ip address of your machine.
====================================================== Editing squid.conf file ====================================================== NOTE:
This options may be needed to be changed to get Squid running. Most user will not need to change all of these settings. You will need to change at least one part of the configuration file though: the default
squid.conf denies access to all browsers. If you don't change this, Squid will not be very useful! http_access deny all
change this to
http_access allow all P.N. : The above setting will run the Squid. The below setting will allow more capability and performance of squid.
====================================================== Setting Squid's HTTP Port ======================================================
You can use multiple ports appending a second port number to the http_port variable. Here is an example: http_port 3128 8080
====================================================== Forwarding all request to another Proxy Server ====================================================== You need to give Squid a parent cache. Second,
you need to tell Squid it can not connect directly to origin servers. This is done with three configuration file lines: cache_peer example.proxy.com parent 3128 0 no-query default
acl all src 0.0.0.0/0.0.0.0 never_direct allow all
In case you want to be able to use direct connections when all the parents go down you should use a
different approach: cache_peer example.proxy.com parent 3128 0 no-query prefer_direct off
=====================================================
What is ACL? (Configuring of permission for only Network/local/dial-in users) ACCESS CONTROL LIST. =====================================================
acl off src "/usr/local/etc/squid/data/list" (Note: created a file with all the ip No. and called the file list. Called ACL as off) acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 21 443 563 70 210 1025-65535 acl CONNECT method CONNECT
# INSERT YOUR OWN RULE(S) HERE TO ALLOW
ACCESS FROM YOUR CLIENTS # http_access allow off (Note: Only the IP in the list file will be allowed to squid) http_access deny all ((Note: Rest all be denied with squid error)
# TAG: icp_access # Reply to all ICP queries we receive # same as above icp_access allow off icp_access deny all
=====================================================
Running of Squid =====================================================
Squid should now be configured, and the directories should have the correct permissions. We should now be able to start Squid, and you can try and access the cache with a web browser.
cache1:~ # /usr/local/squid/bin/squid -z Note: If any error message or permission denied, just chmod accordingly.
This will take sometime to create, depending on the speed of your computer. Reboot your computer and Squid will be running on the startup.
====================================================
ROBERT PINTO
Hi Friends ,
Big thanks to SOLARIS_S and Group from #freebsdhelp For giving me this opportunity to write this HOW-TO. Well this is how I first installed it on freeBSD 4.1 than tried on 4.2 and
belive me it works great did everything that I wanted to do with squid proxy, cache, transparent-proxy and other stuff..First time it took me hell of a time to configure it but now it look a piece of cake so thought
to share with you guys. Below you will find a easy way just follow step –by step instruction and believe me you will not have any problem (a big pat on my back...hahahah)
Peace to the Guys in #freebsdhelp love you guys J
|