Deploy Squid on Server

Steps to deploy squid proxy server on Rocky linux server. Modified: 2023-07-15 09:15:10 Created: 2023-03-25 00:34:09 Tags: #proxy #linux

Squid is a popular open-source proxy server that can improve network performance, security, and privacy. It can be used to cache frequently accessed content, filter out unwanted traffic, and anonymize client connections.

Before proceeding with the tutorial, you should have root access to a Rocky Linux 9 system with a stable internet connection. A basic understanding of Linux terminal commands and network protocols is required.

1. Install Squid

Install Squid package using the package manager:

sudo dnf install squid

This will download and install the Squid package along with its dependencies. If the installation is successful, you can move on to the next step.

2. Configure Squid on Server

The default Squid configuration file is located at /etc/squid/squid.conf. To edit this file, use a text editor such as Nano or Vim with root privileges:

sudo nano /etc/squid/squid.conf

You can customize various settings in the configuration file according to your requirements. Here's an example configuration that allows any client to access the proxy server:

http_port 3128
cache_dir ufs /var/spool/squid 100 16 256
acl all src all
http_access allow all
  • http_port specifies the TCP port number that Squid should listen on for incoming requests.
  • cache_dir specifies the directory where Squid should store its cache files.
  • acl all src all defines an access control list that allows any client to access the proxy server. - http_access allow all grants permission to the clients in the ACL to use the proxy server.

Start and enable the Squid service using the following command:

sudo systemctl enable --now squid

Verify that Squid is running by checking the status:

sudo systemctl status squid

You should see a message indicating that the service is active and running.

3. Secure Squid

By default, Squid does not have any security mechanisms in place. Therefore, it's important to take some steps to secure your Squid installation. You can set up access controls to restrict who can access the proxy server, monitor Squid logs for suspicious activity, and keep Squid up to date with the latest security patches.

Use access control lists (ACLs) to restrict access to the proxy server. For example, you can create an ACL that only allows requests from specific IP addresses or networks. Monitor Squid logs for unusual activity, such as requests from unknown clients or large amounts of traffic from a single IP address. You can use tools like Logwatch or Splunk to parse and analyze Squid logs.

4. Troubleshooting Squid

If you encounter issues with Squid, you can use various troubleshooting techniques to diagnose and resolve the problem. Here are some tips to get started:

Check the Squid logs for error messages or warnings. The default log file is located at /var/log/squid/access.log and /var/log/squid/cache.log. Use the squidclient command to test Squid's connectivity and performance. For example, you can run squidclient -h localhost -p 3128 http://www.google.com to test if Squid is able to retrieve web pages.

Use online resources and community forums to get help from other Squid users. The Squid website, mailing lists, and IRC channels are great places to start.

5. Setting Up on Client

Once you have set up Squid on Rocky Linux 9, you may want to configure your client devices to use the Squid proxy server to access the internet. One way to do this is to set up the http_proxy and https_proxy environment variables on your machine.

export http_proxy=http://<squid_server_ip>:3128
export https_proxy=http://<squid_server_ip>:3128

Replace squid_server_ip with the IP address of your Squid server. If you have configured Squid to listen on a different port, replace 3128 with the appropriate port number.

To make these environment variables persistent across terminal sessions, add the above two commands to your shell's startup file (~/.bashrc for bash, ~/.zshrc for zsh, etc.).

You can now use your Squid proxy server to access the internet. Note that not all applications honor these environment variables, so you may need to configure individual applications to use the proxy server.

Summary

In this tutorial, we've shown you how to deploy Squid on Rocky Linux 9 and configure it to meet your specific needs.