Tuesday, August 16, 2011

How to install squid on CentOS 5.5

Install Squid on CentOS / RHEL 5

$ yum install squid

Prompt:

Install ( x ) Package(s)

Total download size: ( x ) M

Is this ok [y/N]: (answer y, then press Enter)

Installing: squid ######################### [1/1]

Installed: squid.i386 2.5.STABLE14

Complete!

Squid Basic Configuration

The Squid configuration file is located at /etc/squid/squid.conf. Find it and open it in a text editor:

$ locate squid.conf
/etc/squid/squid.conf
$ pico /etc/squid/squid.conf

Changes to make:

Lines 53 and 54 look like this:

#Default:
#http_port 3128

change to

#Default:
http_port 3128

(Or change 3128 to any unused port; see http://www.mysql-apache-php.com/ports.htm for a list of commonly used ports.)

line 1876

#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks

change to
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks


Line 1880
#http_access allow localhost
#http_access deny all

change to

http_access allow localhost
# http_access takes acl names, not addresses; your IP range goes in the "acl our_networks src" line above
http_access allow our_networks
http_access deny all
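
The access rules edited above decide who may use the proxy, so they are worth checking before the service is started. The script below is an added example, not part of the original post: it reads a squid.conf and flags http_access lines that name something other than a defined acl, an "allow all" rule, rules placed after "deny all", and a missing closing "deny all". The function names and sample files are made up for illustration, and it assumes the acl named "all" is always available.

```shell
#!/bin/sh
# Added example, not from the original post. Squid reads http_access top to bottom; first match wins.

audit_squid_acl() {   # usage: audit_squid_acl FILE; prints findings, returns 1 if any
    awk '
        function report(msg) { printf "line %d: %s\n", NR, msg; bad = 1 }
        BEGIN { known["all"] = 1 }   # assumption: "all" exists even when the file omits it
        /^[ \t]*#/ || NF == 0 { next }        # skip comments and blank lines
        $1 == "acl" { known[$2] = 1; next }   # remember each defined acl name
        $1 != "http_access" { next }
        {
            seen = 1; if (closed) report("unreachable, it follows \"deny all\"")
            for (i = 3; i <= NF; i++) {       # every argument must be an acl name
                name = $i; sub(/^!/, "", name)
                if (!(name in known)) report("\"" name "\" is not a defined acl name")
            }
            if (NF == 3 && $3 == "all") {
                if ($2 == "allow") report("\"allow all\" lets any client use the proxy")
                if ($2 == "deny") closed = 1
            }
        }
        END {
            if (seen && !closed) { print "end: no closing \"http_access deny all\""; bad = 1 }
            exit bad + 0
        }
    ' "$1"
}

write_samples() {   # constructed sample files; networks are the ones used in the post
    cat > "$1/good.conf" <<'EOF'
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow localhost
http_access allow our_networks
http_access deny all
EOF
    cat > "$1/bad.conf" <<'EOF'
acl localhost src 127.0.0.1/255.255.255.255
http_access allow localhost
http_access allow 192.168.1.0/24
http_access allow all
EOF
}

dir=$(mktemp -d) && write_samples "$dir"
for f in good bad; do
    echo "== $f.conf"; audit_squid_acl "$dir/$f.conf" || echo "   -> needs fixing"
done
```

To check the real file, run audit_squid_acl /etc/squid/squid.conf after editing and before starting Squid.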


$ chkconfig squid on
$ /etc/init.d/squid start


Output:
init_cache_dir /var/spool/squid… Starting squid: . [ OK ]

Verify port 3128 is open:

$ netstat -tulpn | grep 3128

Output:

tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 20653/(squid)

Open TCP port 3128

Finally, make sure iptables allows access to the Squid proxy server. Open the /etc/sysconfig/iptables file:

$ pico /etc/sysconfig/iptables

Append configuration:

-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT

Restart iptables based firewall:

$ /etc/init.d/iptables restart

Output:

Flushing firewall rules: [ OK ]

Setting chains to policy ACCEPT: filter [ OK ]

Unloading iptables modules: [ OK ]

Applying iptables firewall rules: [ OK ]

Loading additional iptables modules: ip_conntrack_netbios_n [ OK ]

Note: if you have the CSF firewall:

$ pico /etc/csf/csf.conf

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,953,993,995,2077,2078,2082,2083,2087,[your squid proxy port here without the bracket]"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703,[your squid proxy port here without the bracket]"
# Allow incoming UDP ports
UDP_IN = "20,21,53,953"
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123,873,953,6277"

//Now restart the firewall!
$ csf -r

Note: if you install on CentOS 5.3, you will have to open your port and save the settings:

/sbin/iptables -I RH-Firewall-1-INPUT 1 -p tcp --dport [PORT] -j ACCEPT

/etc/init.d/iptables save
