Install Squid on CentOS / RHEL 5
$ yum install squid
Prompt:
Install ( x ) Package(s)
Total download size: ( x ) M
Is this ok [y/N]: (answer y, then press Enter)
Installing: squid ######################### [1/1]
Installed: squid.i386 2.5.STABLE14
Complete!
Squid Basic Configuration
The Squid configuration file is located at /etc/squid/squid.conf. Open it in a text editor:
$ locate squid.conf
/etc/squid/squid.conf
$ pico /etc/squid/squid.conf
Changes needed:
Lines 53 and 54 look like this:
#Default:
#http_port 3128
change to
#Default:
http_port 3128
(Or change 3128 to any unused port; see http://www.mysql-apache-php.com/ports.htm for a list of commonly used ports.)
Line 1876:
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks
change to
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
Line 1880:
#http_access allow localhost
#http_access deny all
change to
http_access allow localhost
http_access allow [ name of an acl defined for your ip range, such as our_networks, without the brackets ]
http_access deny all
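The following check is an added example, not part of the original post: a shell function that audits the active http_access rules after the edits above and before Squid is started. The sample configuration is constructed (its first four lines are assumed context), and the check assumes every ACL name, including all, is declared in the file.

```shell
#!/bin/sh
# Added example, not from the original post. Squid checks http_access rules
# top-down, first match wins; a request matching no rule gets the opposite of
# the last rule, so the list should end with an explicit "deny all".

# check_http_access [FILE]: reads stdin when FILE is omitted.
# Prints one verdict line; exit status 0 = closed, 1 = problem found.
check_http_access() {
    awk '
        { sub(/#.*/, "") }                      # drop comments, incl. "#http_access"
        $1 == "acl" { known[$2] = 1 }           # ACL names declared so far
        $1 == "http_access" {
            n++
            if (closed && !msg) msg = "line " NR ": rule after deny all is never reached"
            for (i = 3; i <= NF; i++) {         # every operand must be an ACL name
                name = $i; sub(/^!/, "", name)  # "!name" negates a declared ACL
                if (!(name in known) && !msg) msg = "line " NR ": undefined acl " name
            }
            if ($2 == "allow" && $3 == "all" && NF == 3 && !msg)
                msg = "line " NR ": allow all admits any client that reaches the port"
            closed = ($2 == "deny" && $3 == "all" && NF == 3)
        }
        END {
            if (!msg && n == 0) msg = "no active http_access rules"
            if (!msg && !closed) msg = "rule list does not end with deny all"
            if (msg) { print "FAIL: " msg; exit 1 }
            print "OK: " n " rules, ends with deny all"
        }
    ' "$@"
}

# Constructed sample: "before" keeps the lines commented out as the post shows
# them, "after" applies the edits. The first four lines are assumed context.
sample_conf() {
    p='#'; if [ "$1" = after ]; then p=''; fi
    cat <<EOF
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
http_access deny manager
${p}acl our_networks src 192.168.1.0/24 192.168.2.0/24
${p}http_access allow our_networks
${p}http_access allow localhost
${p}http_access deny all
EOF
}

sample_conf before | check_http_access || true
sample_conf after  | check_http_access
```

Run it against the real file with check_http_access /etc/squid/squid.conf.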
$ chkconfig squid on
$ /etc/init.d/squid start
Output:
init_cache_dir /var/spool/squid… Starting squid: . [ OK ]
Verify port 3128 is open:
$ netstat -tulpn | grep 3128
Output:
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 20653/(squid)
Open TCP port 3128
Finally, make sure iptables allows access to the Squid proxy server. Open the /etc/sysconfig/iptables file:
$ pico /etc/sysconfig/iptables
Append configuration:
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT
Restart iptables based firewall:
$ /etc/init.d/iptables restart
Output:
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n [ OK ]
Note: if you have the CSF firewall:
$ pico /etc/csf/csf.conf
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,953,993,995,2077,2078,2082,2083,2087,[your squid proxy port here without the bracket]"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703,[your squid proxy port here without the bracket]"
# Allow incoming UDP ports
UDP_IN = "20,21,53,953"
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123,873,953,6277"
Now restart the firewall:
$ csf -r
Note: if you install on CentOS 5.3, you will have to open your port and save the settings:
/sbin/iptables -I RH-Firewall-1-INPUT 1 -p tcp --dport [PORT] -j ACCEPT
/etc/init.d/iptables save