Introduction To Squid
Hi today we will look most famous proxy in the world. Yes you guest it right it is squid. Proxy is an intermediate system that manages communication between two systems. In web applications http proxy is mostly used type. The client makes request to the proxy and then proxy makes the request to the server behalf of the client. So we may think that why we need intermediary system for this communication.
This article is actually an introduction and there will be more articles looking for more details and implementation of the squid features. As you know HTTP is the protocol used to get web resources from servers. HTTP is developed early 1990s by the CERN. And the HTTP protocol makes the web very powerful and over crowded. Today there are billion of people use web especially HTTP web resources. As you know this high load is transmitted over networks like LAN, MAN, WAN . LAN’s are generally fast network because of the area and technologies used but MAN and especially WAN is more expensive than LAN. Home and enterprise users access to the web through WAN and consumes a lot of network resources. These resources are generally same for each user. So the same resource is consumed separately by each user and gets distinct network resources. For example think of google.com . Google is very popular portal for today and accessed more than one in the same time. If we cache the web resources Google send to the client we can use the same resource cache for an other clients and there will be no need to request cached resources from Google. Here web proxies come to the scene. These proxies stays between client and server and accept request from clients and get theses request from server and than serve to the client. After getting the resources web proxy caches than for further requests from same or different client. And than if a client request same resources it answers the cached resources without going to the server. But keep in mind that there are a lot of mechanisms and configuration to make things work accordingly which we will look. But the simple work flow is this. Now let start
There is a lot of reasons for this. First one is content control where enterprise network owner wants to control the web access according to its access policy. The second one is to filter encrypted data so unwanted data streams can be avoided. On the other side normal home internet users may want to bypass filters and blocks. Enterprises may want to improve web access performance by caching content in the proxy. Enterprise application may be accessed through proxy in the enterprise LAN.
Here we can add more use scenarios but those are enough. Let start practice. Our proxy system is Ubuntu 14.10 x64. Firstly we install squid3 packets.
Ubuntu, Debian, Mint, Kali
$ sudo apt-get install squid3
And then start the squid service and look the status if there is an error.
Fedora, CentOS, RedHat
$ sudo yum install squid3
Start Squid Daemon
$ sudo systemctl start squid
Print Squid3 Service Status
We can check wheter squid daemon or service work properly with the following command.
$ sudo systemctl start squid3
Go to the squid3 configuration directory. Here errorpage.css is the visual configuration of the error page which is shown to the user. msntauth.conf is configuration for MS based authentication. and the squid.conf file which is very long configuration file for squid but it can be divided into separate files and included into main config file.
$ cd /etc/squid3/
errorpage.css msntauth.conf squid.conf
In Ubuntu squid3 binary resides /usr/sbin/squid3 and we can use it with parameters without a service command. For example start squid with command
$ /usr/sbin/squid3 -f /etc/squid3/squid.conf
Print Squid3 Version and Information
To see what is the compile options of the current binary and see supported futures and modules
$ /usr/sbin/squid3 -v
In order to log to the syslog use this command and specify http port explicitly
$ /usr/sbin/squid3 -s -a 1234
After starting squid we look processes related to squid. As you can see one process for daemon one process for worker and one process for logging
$ ps aux | grep squ