Debianhelp.co.uk
 

Squid Proxy Server Configuration in debian

Introduction

Squid is a proxy server. It separates the internal network from the Internet for HTTP and FTP access. This way no user can access the Internet directly.

 

The official web site is not www.squid.org as may be expected, but http://www.squid-cache.org.

Squid Installation

#apt-get install squid

 Configuration

The squid configuration can be found in /etc/squid/squid.conf

 

Configuration Sections Explained Below

General

http_port 3128
icp_port 3130
htcp_port 4827
 
cache_mem 16 MB
refresh_pattern . 0 20% 8640
 
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
 
# snews 563
# gopher 70
# wais 210
acl www_ports 80 443
acl ftp_ports 21
acl localhost src 127.0.0.1/32
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl CONNECT method CONNECT
acl PURGE method PURGE
 
http_access allow manager localhost
http_access deny manager
http_access allow PURGE localhost
http_access deny PURGE

 Specials

acl executables url_regex [.]exe$
http_access deny executables
 
authenticate_program /usr/lib/squid/smb_auth -W DOMEIN -U SERVER
acl network proxy_auth REQUIRED
http_access allow users network
 
cache_peer proxy1.test.net parent 3128 7 no-query default

HTTP

acl wwwusers src 192.168.2.0/24
http_access allow wwwusers www_ports

FTP

ftp_user Squid@domain1.com
ftp_passive off
acl ftpusers src 192.168.2.0/24
http_access allow ftpusers ftp_ports

Deny all

never_direct allow all
always_direct deny all
http_access deny all
icp_access allow all
miss_access allow all 

Reference links

http://learnlinux.tsf.org.za/courses/build/electives/ch03s03.html

http://www.debian-administration.org/articles/71