How to configure ACL rule for Browser by Squid proxy server in OpenSUSE Leap 42.1

To configure ACL rule for Browser by Squid proxy server in OpenSUSE Leap 42.1

A proxy server is a computer that acts as an intermediary between a desktop computer and the internet and allows a client machine to make an indirect connection to network servers and services. A proxy server can help you take control of how users reach the internet. ACL refers to Access Control List and it is designed mainly for permission mechanism for any type of file. It lets the user to provide permission for any user or group even if they are not a part of the group list of the user. This tutorial covers the configuration procedure ACL rule for Browser by Squid proxy server in OpenSUSE Leap 42.1.

Configuration procedure

To procced with the configuration process, install squid in your system by executing the following command. 

linuxhelp:~ # zypper in squid
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following NEW package is going to be installed:
  squid

1 new package to install.
Overall download size: 2.4 MiB. Already cached: 0 B. After the operation, additional 8.3 MiB will be used.
Continue? [y/n/? shows all options] (y): y
Retrieving package squid-3.3.14-12.1.x86_64                                                         (1/1),   2.4 MiB (  8.3 MiB unpacked)
Retrieving: squid-3.3.14-12.1.x86_64.rpm ............................................................................[done (283.9 KiB/s)]
Checking for file conflicts: ......................................................................................................[done]
(1/1) Installing: squid-3.3.14-12.1.x86_64 ........................................................................................[done]
Additional rpm output:
setting /usr/sbin/pinger to squid:root 0750 " = cap_net_raw+ep" . (wrong owner/group root:root permissions 0755, missing capabilities)

Start and enable your squid service.

linuxhelp:~ # systemctl start squid
linuxhelp:~ # systemctl enable squid
ln -s ' /usr/lib/systemd/system/squid.service'  ' /etc/systemd/system/multi-user.target.wants/squid.service'

Open the squid configuration file using vim editor and enter the following changes in the file. Save and exit the file. 

linuxhelp:~ # vim /etc/squid/squid.conf
acl test src 192.168.7.218 192.168.7.222
acl browser_block browser Firefox
http_access deny test browser_block
http_access allow test

Restart the squid proxy server by running the following command. 

linuxhelp:~ # systemctl restart squid

Set your proxy server IP in your client machine by running the inetcpl.cpl in the Windows search bar.

Select the Bypass proxy server for local addresses option in LAN settings.

Now go to firefox settings options and set your squid IP.


Next you can access your firefox browser.

You can also access other websites with ease.

The configuration procedure of ACL rule for browser in Squid proxy server in OpenSUSE Leap 42.1 is done without any glitches.

Tag : Squid ACL Proxy server OpenSUSE - Leap
FAQ
Q
Who is responsible for Squid?
A
Squid is the result of efforts by numerous individuals from the Internet community. Duane Wessels of the National Laboratory for Applied Network Research.
Q
Does Squid support SSL/HTTPS/TLS?
A
The browser opens an SSL connection directly to the origin server,

The browser tunnels the request through Squid with the CONNECT request method.
Q
What Operating Systems does Squid support?
A
Squid supports on following Os

Linux

FreeBSD

NetBSD

BSDI

Mac OS/X

OSF and Digital Unix

IRIX and etc
Q
What is Squid proxy server?
A
A proxy server is a computer that acts as an intermediary between a desktop computer and the internet and allows a client machine to make an indirect connection to network servers and services. A proxy server can help you take control of how users reach the internet. ACL refers to Access Control List and it is designed mainly for permission mechanism for any type of file. It lets the user provide permission for any user or group even if they are not a part of the group list of the user.
Q
How to set only gives the owner read/write/execute (rwx) permission on the files created in the directory?
A
use the command as follow "setfacl -m user:shei:r-x SomeDirectory".