≡ Menu

squid proxy server

Squid Proxy Hide System’s Real IP Address

My squid proxy server is displaying system's real IP address. I've a corporate password protected squid proxy server located at 202.54.1.2. My clients works from home or offices via A/DSL / cable connections. Squid should hide all system's IP address, but it is forwarding and displaying the system's IP address. How do I configure squid to hide client's real IP address?
[click to continue…]

I've Squid Proxy server with over 100 Windows workstation. I see following error message in my cache.log file:

WARNING! Your cache is running out of filedescriptors

Do I need to filter proxy server requests to avoid this problem? How do I fix this problem under CentOS / Fedora / RHEL / Debian Linux?
[click to continue…]

Squid Block any Domain Name Accessing the Internet

Q. How do I block any website accessing the Internet using squid proxy server?

A. You can simply use squid ACL to block access to any web site. There are 3 steps:

#1. Create a text file with blocked domain name list such as baddomain1.com, mail.yahoo.com, gmail.com and so on

#2. Define Acl

#3. Restart squid

First, create a file called /etc/squid/blocked.domains.acl
# vi /etc/squid/blocked.domains.acl
Append domain names,
gmail.com
baddomain.com
sex.com
mail.yahoo.com

Save and close the file. Open squid.conf file:
# vi /etc/squid/squid.conf
Create acl called blockeddomain:
acl blockeddomain dstdomain "/etc/squid/blocked.domains.acl"
Deny http access, enter:
http_access deny blockeddomain
Close and save the file. Restart squid proxy server:
# /etc/init.d/squid restart

Squid Proxy Server Mac Address based filtering

Q. I'm using squid proxy server under CentOS Linux version 5. How to filter a particular MAC address under squid?

A. Not all operating system supports Mac address based filtering. For some operating systems. Squid calls these "ARP ACLs" and they are supported on Linux, Solaris, and BSD variants.

How do I set up ACL's based on MAC address?

Open squid.conf:
# vi /etc/squid/squid.conf
Local acl, section and append ACL as follows:
acl macf1 arp mac-address
acl macf2 arp 00:11:22:33:44:55
http_access allow macf1
http_access allow macf2
http_access deny all

Save and close the file. Restart squid server:
# /etc/init.d/squid restart

Squid Proxy Sever View logs / log files

Q. How do I view squid proxy server log files under CentOS Linux server 5.0?

A. squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, squid handles all requests in a single, non-blocking, I/O-driven process.

/var/log/squid/ log file directory

The logs are a valuable source of information about Squid workloads and performance. The logs record not only access information, but also system configuration errors and resource consumption (eg, memory, disk space). There are several log file maintained by Squid. Some have to be explicitely activated during compile time, others can safely be deactivated during.

  • /var/log/squid/access.log : Most log file analysis program are based on the entries in access.log. You can use this file to find out who is using squid server and what they are doing etc
  • /var/log/squid/cache.log : The cache.log file contains the debug and error messages that Squid generates. If you start your Squid using the default RunCache script, or start it with the -s command line option, a copy of certain messages will go into your syslog facilities. It is a matter of personal preferences to use a separate file for the squid log data.
  • /var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones. As a kind of transaction log it is ususally used for debugging purposes. A definitive statement, whether an object resides on your disks is only possible after analysing the complete log file. The release (deletion) of an object may be logged at a later time than the swap out (save to disk).

How do I view Squid Log files / logs?

You can use standard UNIX / Linux command such as grep / tail to view log files. You must login as root or sudo command to view log files.

Display log files in real time

Use tail command as follows:
# tail -f /var/log/squid/access.log
OR
$ sudo tail -f /var/log/squid/access.log

Search log files

Use grep command as follows:
grep 'string-to-search' /var/log/squid/access.log

View log files

Finally you can use text editor such as vi to view log files:
# vi /var/log/squid/access.log