apt-get install squid3
edit the squid 3 configuration file in your favorite editor
sudo vi /etc/squid3/squid.conf
and set the transparency and the allowed hosts
http_port 3128 transparent
acl our_networks src 192.168.0.0/24
acl localnet src 127.0.0.1/255.255.255.255
http_access allow our_networks
http_access allow localnet
where 192.168.0.0/24 is the IP range of local network. Probably you need adjust the swap size
cache_dir ufs /var/spool/squid3 7000 16 256
where the first number denotes the size of cache in megabytes. Save you changes and restart the squid proxy by
sudo /etc/init.d/squid3 restart
For more detailed configuration read the manual of Squid or check the configuration examples on Squid wiki page.
Remember, the memory and processor usage of squid is a function of swap size.
Last but not the least we need to redirect the HTTP traffic to your new shiny proxy
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
where eth1, eth0 are the LAN, WAN devices and 192.168.0.1 is the IP address of your LAN device.
After all, probably you feel the need to monitor the performance of your proxy. Unfortunately, most of the squid log parsers in the Ubuntu repository are configured for Squid 2.x. Nevertheless, squid 3 uses the same log format, so you can change the log file path in your parser config file (sarg, calamaris, etd.) or simply link the log directory of squid 3 to the correct path
ln -s /var/log/squid3 /var/log/squid
No comments:
Post a Comment