Install and configure proxy server squid 2.7 stable 9 on ubuntu 11.10

Tuesday, March 13, 2012

print this page
send email

Squid is a proxy server that has a good performance that can handle protocol http , https, ftp and both can increase Internet access speeds up to 10% to 20%. this is amazing

Here is what Squid can do:

  • Accelerate Internet Connection to Internal Network
  • Protect Internal Network When Surfing the Internet
  • Filtering Content
  • Can be used as bandwidth Limiter
  • Filter Sensitive Material
  • Accelerate Web Server Pages
  • and many more that can be handled by squid

Accordance with the title of the above topics on how to install and configure squid 2. 7 stable 9 in ubuntu 11.10
beginning step is to install squid on computers have been installed ubuntu 11.10.

Typing the following command on terminal:

sudo apt-get install squid ccze

if the squid installation process is complete, the next step is a configuration file squid.conf, this file located in the directory /etc/squid/

on terminal type:

sudo -i
mkdir /home/ncode/cache
sudo chown proxy:proxy /home/ncode/cache
cd /etc/squid/
cp squid.conf squid.conf.origin
nano squid.conf

delete all existing text squid on squid.conf and then was replaced with the following configuration

#=============START CONFIGURATION========
# TAG: http_port
http_port 3128 transparent
icp_port 0
server_http11 on

# TAG: hierarchy_stoplist
hierarchy_stoplist cgi-bin ? localhost
acl QUERY urlpath_regex cgi-bin ? localhost
no_cache deny QUERY

cache_mem 8 MB
maximum_object_size 50 MB
maximum_object_size_in_memory 128 KB

cache_swap_low 98%
cache_swap_high 99%
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

ipcache_size 16384
fqdncache_size 16384

ipcache_low 98
ipcache_high 99

cache_access_log /var/log/squid/access.log
cache_log none
cache_store_log none

mime_table /usr/share/squid/mime.conf

# PID squid.
pid_filename /var/run/
coredump_dir /home/neostream/cache/

log_fqdn off
log_icp_queries off
buffered_logs off
emulate_httpd_log off

# FTP section
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on

# DNS resolution section

# Filesystem section
#diskd_program /usr/bin/diskd

# Refresh Rate
refresh_pattern -i .(class|css|js|gif|jpg|ps)$ 1440 50% 43200
refresh_pattern -i .(jpe|jpeg|png|bmp|tif)$ 1440 50% 43200
refresh_pattern -i .(tiff|mov|avi|qt|mpeg|flv|ra|rm|wmv|divx)$ 1440 50% 43200
refresh_pattern -i .(mpg|mpe|wav|au|mid|mp3|mp4|ac4|swf)$ 1440 50% 43200
refresh_pattern -i .(zip|gz|arj|lha|lzh|7z)$ 1440 50% 43200
refresh_pattern -i .(rar|tgz|tar|exe|bin|rpm|iso)$ 1440 50% 43200
refresh_pattern -i .(hqx|pdf|rtf|doc|swf|xls|ppt|pdf|docx|xlsx)$ 1440 50% 43200
refresh_pattern -i .(inc|cab|ad|txt|dll|dat)$ 1440 50% 43200

refresh_pattern ^ftp: 1440 95% 12960 reload-into-ims
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

quick_abort_min 0 KB
quick_abort_max 0 KB
quick_abort_pct 100%

# ACL section
acl all src
acl manager proto cache_object
acl localnet src
acl localhost src
acl SSL_ports port 443 563 445 # https, snews
acl Safe_ports port 80 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl purge method PURGE
always_direct allow localnet localhost
always_direct deny all
http_access allow manager all
http_access deny !Safe_ports
http_access allow purge localhost
http_access deny purge
http_access allow localhost
http_access allow localnet
http_access deny all
http_reply_access allow all
icp_access allow all
miss_access allow localnet
miss_access deny all
visible_hostname proxy
header_access Accept-Encoding deny all

logfile_rotate 7
negative_ttl 2 minute
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch on
vary_ignore_expire on
reload_into_ims on
nonhierarchical_direct off
prefer_direct off
memory_pools off
ie_refresh on
cache_effective_user proxy
cache_effective_group proxy

#Tag ZPH
zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
#==========END OF CONFIGURATION=========

look at option:

“acl localnet src” adjust the ip address of your computer use

“cache_dir aufs /home/ncode/cache 20400 48 256” adjust the cache directory you are using

if you’ve finished configuring the squid.conf file save and exit from nano editor,proceed with make swap directory

on terminal type the following command:

squid -z
squid -k reconfigure

if there is no error on terminal means installation and configuration Squid 2.7 stable 9 on ubuntu 11.10 successful and complete


Typed in the address bar “chrome: / / settings / browser” click under the hood, click change proxy settings, enter the ip address and port squid proxy server


Preference – advenced – network – settings – manual proxy configuration

enter ip address and port squid proxy server

Monitoring proxy activity using the syntax

tail -f /var/log/squid/access.log | ccze

sumber asli :

No comments:

Post a Comment