Friday, December 20, 2002

Squid Quick Start Guide

Download Squid fron

Next you have to untar the file and change the working directory to squid-*

tar -xvzf squid-*-src.tar.gz
cd squid -*

Now enter the following commands in order to configure, compile and install squid

make install

This will by default, install into "/usr/local/squid". Type ./configure --help to view all available options

Step II - Basic Configuration

Some basic Configuration is to be done in Configuration file. By default this file is in the following path "usr/local/squid/etc/squid.conf". In the configuration file uncomment and edit the following lines.

Set cache_dir to an area that has a large amount of hard disk space in order to devote to caching.
Cache_dir ufs /usr/local/squid/cache 100 16 256 is common.

Check http_port, 3128 is a default.

By default http_access is denied to all. You have to set ACL rules as per your requirements. This is important because it prevents people from stealing your network resources

cache_effective_user & cache_effective_ group
Set cache_effective_user and cache_effective_ group to a user and group. This user should have the permission to read and write in the cache directory and in the log files.

Step III - Custom configuration based on your network needs

For Configuring squid for proxy
By default, squid is configured in proxy mode. In order to cache web traffic and to use the squid system as a proxy, you have to configure your browser, which needs at least two pieces of information:

i. _____ the proxy server's host name
ii. ______ the port that the proxy server is accepting requests on

For Configuring squid for transparency
Using squid transparently is a two part process, requiring first that squid be configured properly to accept non-proxy requests (performed in the squid module) , and second that web traffic gets redirected to the squid port (achieved in three ways namely policy based routing, Using smart switching or by setting squid Box as a gateway).

Getting transparent caching to work requires the following steps:
i. ___For some operating systems, you have to configure and build a version of Squid which can recognize the hijacked connections and discern the destination addresses. For Linux this seems to work automatically. For BSD-based systems, you probably have to configure squid with the --enable-ipf-transparent option, and you have to configure squid as:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

ii. __________ Next you have to configure your cache host to accept the redirected packets - any IP address, on port 80 - and deliver them to your cache application. This is typically done with IP filtering/forwarding features built into the kernel. In Linux they call this ipfilter (kernel 2.4.x), ipchains (2.2.x) or ipfwadm (2.0.x).

For Configuring squid for Reverse Proxy
To run Squid as an accelerator, you probably want to listen on port 80. And you have to define the machine you are accelerating for. This is done in squid module,

http_port 80
httpd_accel_port 81
httpd_accel_single_host on
httpd_accel_with_proxy on

If you are using Squid as an accelerator for a virtual host system, then instead of a 'hostname' here you have to use the word virtual as:

http_port 80
httpd_accel_host virtual
httpd_accel_port 81
httpd_accel_with_proxy on
httpd_accel_single_host off

Step IV - Starting Squid

After you've finished editing the configuration file, you can start Squid for the first time. First, you must create the swap directories. Do this by running Squid with the -z option:

/usr/local/squid/sbin/squid -z

Once that completes, you can start Squid and try it out. Probably the best thing to do is run it from your terminal and watch the debugging output. Use this command:

/usr/local/squid/sbin/squid -NCd1

If everything is working okay, then your console displays: "Ready to serve requests".

If you want to run squid in the background, as a daemon process, just leave off all options:


Here depending on your configuration, you may need to start squid as root.

Step V - To check if Squid is working

Check the cache.log file in your logs directory. This file generates run time error messages that Squid generates.