≡ Menu

Squid Web Proxy and Cache Server

Tutorials, howtos, and tips about Squid web proxy and cache software under *nix. It includes a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic ( rss feed )

I've setup Squid Proxy server as described here, but I'm getting errors which read as follows:

Jul 14 15:09:02 server1 squid[5315]: Squid Parent: child process 5317 started
Jul 14 15:09:02 server1 squid[5317]: Cannot open HTTP Port
Jul 14 15:09:02 server1 squid[5315]: Squid Parent: child process 5317 exited due to signal 6
Jul 14 15:09:02 server1 setroubleshoot: SELinux is preventing the squid (squid_t) from binding to port 5000. For complete SELinux messages. run sealert -l 1cf3c788-35f7-4752-8439-92a1d0719466

How do I fix this problem?
[click to continue…]

FreeBSD Squid Proxy Caching Server Increase File Descriptors Limits

I'm getting an error which read as follows under FreeBSD 7.2 server and Squid stable caching server:

WARNING! Your cache is running out of filedescriptors

How do I fix this problem and increase the number of system-wide available filedescriptors for FreeBSD server?
[click to continue…]

Squid Listen on Other Port ( Squid Configure Port Listing with SELinux)

My Squid proxy server running on port 3128. Since this is frequently scanned by adversaries looking for proxy servers; I've changed port to 10000 and restart squid. But my squid is not working on port # 10000 it only works on port # 3128? How do I force Squid to listen on uncommon port under CentOS Linux v5.3?
[click to continue…]

Squid Proxy Hide System’s Real IP Address

My squid proxy server is displaying system's real IP address. I've a corporate password protected squid proxy server located at My clients works from home or offices via A/DSL / cable connections. Squid should hide all system's IP address, but it is forwarding and displaying the system's IP address. How do I configure squid to hide client's real IP address?
[click to continue…]

Update FreeBSD Using Proxy Server (csup / portsnap proxy update)

Question: How do I upgrade my FreeBSD server and ports tree using our proxy server, which requires username and password based authentication?
[click to continue…]

Squid Proxy WARNING! Your cache is running out of filedescriptors error and solution

I've Squid Proxy server with over 100 Windows workstation. I see following error message in my cache.log file:

WARNING! Your cache is running out of filedescriptors

Do I need to filter proxy server requests to avoid this problem? How do I fix this problem under CentOS / Fedora / RHEL / Debian Linux?
[click to continue…]

I'm behind a squid proxy server. How do I access internet via proxy server when I use wget, lynx and other utilities from a shell prompt on a Linux or Unix-like systems?
[click to continue…]

Linux Disabling Squid Proxy Server

Q. How do I disable Squid Proxy Serer under CentOS Linux operating system so that I can directly connect to the internet?
[click to continue…]

Squid Block any Domain Name Accessing the Internet

Q. How do I block any website accessing the Internet using squid proxy server?

A. You can simply use squid ACL to block access to any web site. There are 3 steps:

#1. Create a text file with blocked domain name list such as baddomain1.com, mail.yahoo.com, gmail.com and so on

#2. Define Acl

#3. Restart squid

First, create a file called /etc/squid/blocked.domains.acl
# vi /etc/squid/blocked.domains.acl
Append domain names,

Save and close the file. Open squid.conf file:
# vi /etc/squid/squid.conf
Create acl called blockeddomain:
acl blockeddomain dstdomain "/etc/squid/blocked.domains.acl"
Deny http access, enter:
http_access deny blockeddomain
Close and save the file. Restart squid proxy server:
# /etc/init.d/squid restart

Squid Proxy Server Mac Address based filtering

Q. I'm using squid proxy server under CentOS Linux version 5. How to filter a particular MAC address under squid?

A. Not all operating system supports Mac address based filtering. For some operating systems. Squid calls these "ARP ACLs" and they are supported on Linux, Solaris, and BSD variants.

How do I set up ACL's based on MAC address?

Open squid.conf:
# vi /etc/squid/squid.conf
Local acl, section and append ACL as follows:
acl macf1 arp mac-address
acl macf2 arp 00:11:22:33:44:55
http_access allow macf1
http_access allow macf2
http_access deny all

Save and close the file. Restart squid server:
# /etc/init.d/squid restart