Squid in Ubuntu Overview
A proxy server is a very useful tool for a network. It is commonly used in computer networks to protect the network from attack, to filter nefarious web content and pages requested by local users, and to speed up the delivery of web pages and web content by caching (storing) commonly requested web pages, documents, and media. Proxy servers are typically implemented on private local area networks to filter, protect and cache content requested by users on that network; this is called a “proxy” or “transparent proxy.” Proxy servers can also be implemented on the remote side, in front of destination web servers, in order to protect those servers by filtering requests, speeding up web page delivery, and caching frequently requested files; this is called a “reverse proxy.”
Types of Proxy Servers
|Type|Description|
|---|---|
|Proxy Server|The web browser on the client is configured to point to the proxy server’s IP address. The client can bypass the proxy server by removing or altering the proxy address configuration. An administrator could prevent this by creating a GPO in Active Directory that blocks access to the web browser settings. A proxy server can also function as a caching server.|
|Transparent Proxy Server|The router sends all traffic on defined ports to the transparent proxy server, so clients cannot bypass the proxy server. A transparent proxy server can also function as a caching server.|
|Reverse Proxy Server (Cache)|The reverse proxy server or cache server is placed in front of the web server in order to speed up delivery of frequently requested pages and to protect the web server by creating a layer of separation and redundancy.|
Squid is one of the most popular and most used proxy servers in the world. It is free to download, easy to install and it can be implemented on any distribution of Linux. Here are the steps to install and configure Squid on an Ubuntu distribution of Linux.
Steps to install and configure Squid
Open a terminal, and type in the following commands to install Squid
sudo apt-get update
sudo apt-get install squid squid-common
Ways to start and stop Squid
sudo service squid start (stop|restart|status)
sudo /usr/sbin/squid (launch program directly)
sudo pkill -9 squid (force-kill all Squid processes)
Navigate to the Squid folder to find the squid.conf configuration file
ls (you should see the squid.conf file)
Create a backup of the squid.conf file
sudo cp squid.conf squid.conf.bak
For testing purposes, open Firefox and set it to send web requests to the Squid proxy server. (You will need to know your IP address.)
ifconfig (write down your inet address e.g. 192.168.1.100)
Edit > Preferences, Advanced > Network Tab > Connection-Settings:
Manual Proxy Configuration:
HTTP Proxy: your IP address or loopback address 127.0.0.1, Port: 3128
Click Ok and Close
Now if you try to go to a website like Google, you should see an ERROR – Access Denied message from Squid (see bottom line). This means that Squid is working and is actively denying the traffic.
Now we need to configure Squid to allow web traffic through the proxy server. Open squid.conf in your favorite text editor like gedit, nano, or vi
sudo nano squid.conf
sudo gedit squid.conf & (If gedit does not open from the terminal you can open it as root user)
gedit squid.conf &
To switch out of root user
su your-username (if you are the root user the prompt is a “#”; switch back to your user account privileges)
If you chose to open squid.conf with gedit, turn on line numbering (Edit > Preferences > View > Display Line Numbers).
Change the name of your Squid Proxy Server, around line 3399, change:
# TAG: visible_hostname
You can configure access rules for your Squid proxy server (lines 331 to 831 are for Access Control). Notice that on lines 606 to 630 the local networks and usable ports (services) are defined. Active configuration lines are the lines that are not commented out, i.e. they do not start with a # sign.
To re-enable web access, uncomment line 676 (remove the leading # sign):
#http_access allow localnet
http_access allow localnet
To verify the Web is now working, save your changes to the squid.conf file and restart your Squid server.
service squid restart (or “sudo service squid restart” if you are no longer root)
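Now refresh your Firefox web browser and your homepage should be visible.
Now we can practice writing a custom ACL (access list) in the squid.conf file to block specific domains and websites. We can write our custom ACL at the end of the acl lines around line 631. Squid reads the http_access lines from top to bottom and applies the first one that matches, so the deny line has to come before the http_access allow localnet line (line 676). From an empty line write the following lines to test domain blocking: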
acl blocked_websites dstdomain .msn.com .yahoo.com
http_access deny blocked_websites
Now restart your Squid server, and test to see if Squid denies access to your blocked domains/websites in Firefox.
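The position of the deny rule relative to http_access allow localnet decides whether the block works, because Squid applies the first http_access line that matches. The following is an added example (not from the original page and not Squid's own code): a simplified Python model of that first-match evaluation, covering only src and dstdomain ACLs. The 192.168.0.0/16 localnet range and both sample rule sets are constructed for illustration.

```python
import ipaddress

# Constructed sample rules; the localnet range is an assumption for illustration.
ACLS = ("acl localnet src 192.168.0.0/16\n"
        "acl blocked_websites dstdomain .msn.com .yahoo.com\n")
DENY_FIRST = ACLS + ("http_access deny blocked_websites\n"
                     "http_access allow localnet\n"
                     "http_access deny all\n")
ALLOW_FIRST = ACLS + ("http_access allow localnet\n"
                      "http_access deny blocked_websites\n"
                      "http_access deny all\n")

def parse(conf):
    """Collect acl definitions and http_access rules from active lines."""
    acls, rules = {}, []
    for raw in conf.splitlines():
        parts = raw.split("#", 1)[0].split()  # commented-out lines are inactive
        if len(parts) >= 4 and parts[0] == "acl":
            acls.setdefault(parts[1], (parts[2], []))[1].extend(parts[3:])
        elif len(parts) >= 3 and parts[0] == "http_access":
            rules.append((parts[1], parts[2:]))
    return acls, rules

def matches(name, acls, client_ip, host):
    if name == "all":  # built-in ACL that matches every request
        return True
    kind, values = acls.get(name, (None, []))
    if kind == "src":
        ip = ipaddress.ip_address(client_ip)
        return any(ip in ipaddress.ip_network(v) for v in values)
    if kind == "dstdomain":
        # ".msn.com" covers msn.com and every subdomain; "msn.com" is exact.
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                   for v in values)
    return False  # other ACL types are not modelled here

def decide(conf, client_ip, host):
    acls, rules = parse(conf)
    for action, names in rules:
        # ACLs on one line are ANDed; the first line that matches decides.
        if all(matches(n, acls, client_ip, host) for n in names):
            return action
    # No line matched: Squid applies the opposite of the last rule.
    return "allow" if rules and rules[-1][0] == "deny" else "deny"

if __name__ == "__main__":
    for label, conf in (("deny first", DENY_FIRST), ("allow first", ALLOW_FIRST)):
        print(label, "->", decide(conf, "192.168.1.100", "www.msn.com"))
```

With the allow line first, a localnet client reaches www.msn.com because the deny line is never evaluated; a lookalike host such as notmsn.com is not covered by .msn.com in either ordering.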
In this series of videos, I go through the same process outlined above, to install and configure a Squid proxy server in Ubuntu.
In part 1, I install Squid in Ubuntu, start and stop it, back up the configuration file, and configure Firefox to use Squid as a proxy server.
In part 2, I discuss editing the configuration file.
In part 3, I write a custom ACL in the squid.conf file.