Running SQUID in freeBSD - PowerPoint PPT Presentation

About This Presentation
Title:

Running SQUID in freeBSD

Description:

Proxy itself goes to get resource from internet to satisfy first time request ... Squid Mirror Sites (http://www.squid-cache.org/Mirrors/http-mirrors.html) ... – PowerPoint PPT presentation

Number of Views:188
Avg rating:3.0/5.0
Slides: 15
Provided by: sufifaruqi
Learn more at: https://nsrc.org
Category:

less

Transcript and Presenter's Notes

Title: Running SQUID in freeBSD


1
Running SQUID in freeBSD
  • Sufi Faruq Ibne Abubakar
  • AKTEL, TMIB
  • Bangladesh

2
  • What is Squid ?
  • A full-featured Web proxy cache
  • Designed to run on Unix systems
  • Free, open-source software
  • The result of many contributions by unpaid (and
    paid) volunteers
  • Why will I use Squid?
  • Save 30 Internet Bandwidth
  • Access Control
  • Low cost proxy

3
  • Proxy keeps database of each request comes from
    client
  • Proxy itself goes to get resource from internet
    to satisfy first time request
  • Proxy caches resources immediately after
    obtaining it from internet.
  • Proxy serves the resource from cache in second
    request for same resources

4
  • Consideration for squid deployment
  • User calculation
  • System Memory (Min 256 MB RAM)
  • Speedy Storage (SCSI Preferred)
  • Faster CPU
  • Functionality expectations

5
  • Squid Features
  • Proxying and caching of HTTP, FTP, and other URLs
  • Proxying for SSL
  • Cache hierarchies
  • ICP, HTCP, CARP, Cache Digests
  • Transparent caching
  • WCCP (Squid v2.3 and above)
  • Extensive access controls
  • HTTP server acceleration
  • SNMP
  • caching of DNS lookups
  • And many more..

6
  • Obtaining Squid
  • Obtain package source from
  • http//www.squid-cache.org
  • Squid Mirror Sites
  • (http//www.squid-cache.org/Mirrors/http-mirrors.
    html)
  • Binary download for FreeBSD also available
    (http//www.squid-cache.org/binaries.html)
  • STABLE releases, suitable for production use
  • PRE releases, suitable for testing

7
  • Installing Squid
  • tar zxvf squid-2.5.STABLE10.tar.gz
  • cd squid-2.5.STABLE10
  • ./configure --enable-removal-policies
  • --enable-delay-pools
  • --enable-ipf-transparent
  • --enable-snmp
  • --enable-storeiodiskd,ufs --enable-storeiodiskd
    ,ufs
  • --disable-ident-lookups
  • make all
  • make install

8
  • Configuring Squid
  • Edit the squid.conf file and populate it
  • vi /usr/local/squid/etc/squid.conf
  • http_port 3128
  • cache_mem 16 MB
  • cache_dir ufs /usr/local/squid/cache 15360 16 256
  • cache_replacement_policy lru
  • acl all src 0.0.0.0/0.0.0.0
  • acl outgoing src 202.144.151.0/255.255.255.224
  • http_access allow outgoing
  • http_access deny all

9
  • Necessary File Permissions
  • Give the logfile directory ownership to squid
    user
  • chown -R nobodynobody /usr/local/squid/var/log
    s
  • Give the cache directory ownership to squid user
  • mkdir /usr/local/squid/cache
  • chown -R nobodynobody /usr/local/squid/cache
  • /usr/local/squid/sbin/squid z
  • We consider nobody is the squid user here.

10
Squid Startup Script touch /usr/local/etc/rc.d
/squid.sh chmod 755 /usr/local/etc/rc.d/squid.s
h
  • !/bin/sh
  • echo -n ' Squid '
  • case "1" in
  • start)
  • /usr/local/squid/sbin/squid -D
  • stop)
  • /usr/local/squid/sbin/squid -k shutdown
  • restart)
  • /usr/local/squid/sbin/squid -k reconfigure
  • )
  • echo "Usage basename 0 startstoprestart"
  • esac

11
  • Running Squid
  • Create cache dir and create swap
  • (/usr/local/squid/sbin/squid -z)
  • Configure Squid to start at boot
  • vi /etc/rc.conf (squid_enableYES)
  • Run Squid using script
  • /usr/local/etc/rc.d/squid.sh start

12
  • Advanced Features
  • --enable-delay-pools
  • Enable delay pools to limit bandwidth usage.
  • It will give fair bandwidth usage for everybody.
  • --enable-ipf-transparent
  • You need to use IP Filter to redirect traffic.
  • You don't have to configure the client's
    browser.
  • You can force the client to use the proxy every
    time.
  • --enable-storeiodiskd,ufs
  • Improve disk I/O performance up to 400 (squid
    FAQ).
  • You might need to recompile the kernel to
    support message queues and shared memory (if not
    supported).
  • --enable-snmp
  • Enable SNMP to monitor squid performace.
  • SNMP enables you to monitor squid with mrtg or
    rrdtool.

13
  • Configuring Transparent Proxy
  • Compile with --enable-ipf-transparent
  • Edit squid.conf to fiill with following
    options.
  • http_port 3128
  • httpd_accel_host virtual
  • httpd_accel_port 80
  • httpd_accel_with_proxy on
  • httpd_accel_uses_host_header on
  • Edit /etc/rc.conf to enable ipfilter
  • ipfilter_enable"YES"
  • ipnat_enable"YES
  • ipmon_enable"YES"
  • ipfs_enable"YES
  • Edit /etc/ipnat.rules to add http traffic
    redirection rules.
  • rl0 0/0 port 80 -gt 127.0.0.1 port 3128 tcp

14
  • Monitoring Squid Activities
  • cache_access_log
  • cache_store_log
  • cache_log
  • Troubleshooting Squid
  • /var/log/messages
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Running SQUID in freeBSD" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!