Table of Contents

Squid_Proxy

Setup Squid Proxy Server

apt-get install squid

Installs basic - but with no options.<br>

Config Squid Proxy for Inital Use

The following options were added into /etc/squid/squid.conf<br> http_port 3128 //as an alternative to above, as I just wanted to access squid locally, I had: http_port 127.0.0.1:3128

That Should be It! <br> To allow individual Clients besides Localhost acl phi src 136.201.146.211 http_access allow phi

Info and basic settings got from:<br> http://www.howtoforge.com/linux_secure_browsing_squid<br> Main One = http://www.debianhelp.co.uk/squid.htm<br>


Bandwidth Delay/Limit using Squid Proxy Server ->

Example Used:

delay_pools 1 delay_class 1 3 delay_access 1 allow users delay_access 1 deny all delay_parameters 1 -1/-1 64000/64000 6000/64000 #asumed 256 is top speed #1250=10 Kbps

http://www.squid-cache.org/mail-archive/squid-users/200411/0692.html

More Info at: http://knowlinux.blogspot.com/2006/04/bandwidth-throttling-using-squid.html

Logging on Squid Proxy Server

If you want to log all the access made to the Squid Proxy Server, which is very useful for debugging access requests, do the following: vi /etc/squid/squid.conf #uncomment the following: cache_access_log /var/log/squid/access.log Thats it.

Use identd to log users

In squids logs ( /var/log/squid/access.log ), you can have the username appear. Typically people may ssh in and portfoward port 3128 and then use localhost:3128 in their Internet Browser.

Install oidentd

apt-get install oidentd oidentd listens on port 113. oidentd runs as a daemon and can be controlled in /etc/init.d/ Other identd packages don't come with init scripts.

Test identd

telnet localhost 113, and then enter: port1, port2 (where port1 and port2 are source and destination ports. Choose any numbers to test). root@server:~# telnet localhost 113 Trying 127.0.0.1… Connected to localhost. Escape character is '^]'. 1234,80 1234,80:ERROR:NO-USER Connection closed by foreign host.

Edit Squid Config

vi /etc/squid/squid.conf

      acl ident_aware_hosts src 127.0.0.1/255.255.255.255
      ident_lookup_access allow ident_aware_hosts
      ident_lookup_access deny all

/etc/init.d/squid restart

That should be it. You can now tail your squid logs, and usernames will appear.