How to install squid proxy server on freeBSD
How to install squid proxy server on freeBSD
Squid is a caching proxy that supports HTTP, HTTPS, FTP, and more. It has a wide range of features like reducing the bandwidth and improving the response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. However, it does not support SOCKS protocol. Squid runs on most available operating systems, including Windows and is licensed under the GNU GPL.
To Install Squid proxy server
Before installing tht Squid proxy server. First update the repositories by entering the following command.
root@linuxhelp1:~ # pkg update
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
After checking the updated repositories, install the squid server using “ pkg install” command
root@linuxhelp1:~ # pkg install squid
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
squid: 3.5.23
Number of packages to be installed: 1
The process will require 9 MiB more space.
Proceed with this action? [y/N]: y
[1/1] Installing squid-3.5.23...
===> Creating groups.
Using existing group ' squid' .
===> Creating users
Using existing user ' squid' .
===> Pre-installation configuration for squid-3.5.23
[1/1] Extracting squid-3.5.23: 100%
Message from squid-3.5.23:
o You can find the configuration files for this package in the
directory /usr/local/etc/squid.
o The default cache directory is /var/squid/cache/.
The default log directory is /var/log/squid/.
Note: You must initialize new cache directories before you can start squid. Do this by running " squid -z" as ' root' or ' squid' . If your cache directories are already initialized (e.g. after an upgrade of squid) you do not need to initialize them again.
o When using DiskD storage scheme remember to read documentation:
http://wiki.squid-cache.org/Features/DiskDaemon and alter your kern.ipc defaults in /boot/loader.conf. DiskD will not work reliably without this. Last recomendations were:
kern.ipc.msgmnb=8192
kern.ipc.msgssz=64
kern.ipc.msgtql=2048
o The default configuration will deny everyone but the local host and local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and 4291 for IPv6 access to the proxy service. Edit the " http_access allow/deny" directives in /usr/local/etc/squid/squid.conf to suit your needs.
o If AUTH_SQL option is set, please, don' t forget to install one of following perl modules depending on database you like:
databases/p5-DBD-mysql
databases/p5-DBD-Pg
databases/p5-DBD-SQLite
To enable Squid, set squid_enable=yes in either/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid Please see /usr/local/etc/rc.d/squid for further details.
Note:If you just updated your Squid installation from an earlier version, make sure to check your Squid configuration against the 3.4 default configuration file /usr/local/etc/squid/squid.conf.sample.
/usr/local/etc/squid/squid.conf.documented is a fully annotated configuration file you can consult for further reference.
Additionally, you should check your configuration by calling' squid -f /path/to/squid.conf -k parse' before starting Squid.
Next check the configuration file by running the following command
root@linuxhelp1:~ # squid -f /usr/local/etc/squid/squid.conf -k parse
2017/02/08 17:31:05| Startup: Initializing Authentication Schemes ...
2017/02/08 17:31:05| Startup: Initialized Authentication Scheme ' basic'
2017/02/08 17:31:05| Startup: Initialized Authentication Scheme ' digest'
2017/02/08 17:31:05| Startup: Initialized Authentication Scheme ' negotiate'
2017/02/08 17:31:05| Startup: Initialized Authentication Scheme ' ntlm'
2017/02/08 17:31:05| Startup: Initialized Authentication.
2017/02/08 17:31:05| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2017/02/08 17:31:05| Processing: acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
2017/02/08 17:31:05| Processing: acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
2017/02/08 17:31:05| Processing: acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
2017/02/08 17:31:05| Processing: acl localnet src fc00::/7 # RFC 4193 local private network range
2017/02/08 17:31:05| Processing: acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
2017/02/08 17:31:05| Processing: acl SSL_ports port 443
2017/02/08 17:31:05| Processing: acl Safe_ports port 80 # http
2017/02/08 17:31:05| Processing: acl Safe_ports port 21 # ftp
2017/02/08 17:31:05| Processing: acl Safe_ports port 443 # https
2017/02/08 17:31:05| Processing: acl Safe_ports port 70 # gopher
2017/02/08 17:31:05| Processing: acl Safe_ports port 210 # wais
2017/02/08 17:31:05| Processing: acl Safe_ports port 1025-65535 # unregistered ports
2017/02/08 17:31:05| Processing: acl Safe_ports port 280 # http-mgmt
2017/02/08 17:31:05| Processing: acl Safe_ports port 488 # gss-http
2017/02/08 17:31:05| Processing: acl Safe_ports port 591 # filemaker
2017/02/08 17:31:05| Processing: acl Safe_ports port 777 # multiling http
2017/02/08 17:31:05| Processing: acl CONNECT method CONNECT
2017/02/08 17:31:05| Processing: http_access deny !Safe_ports
2017/02/08 17:31:05| Processing: http_access deny CONNECT !SSL_ports
2017/02/08 17:31:05| Processing: http_access allow localhost manager
2017/02/08 17:31:05| Processing: http_access deny manager
2017/02/08 17:31:05| Processing: http_access allow localnet
2017/02/08 17:31:05| Processing: http_access allow localhost
2017/02/08 17:31:05| Processing: http_access deny all
2017/02/08 17:31:05| Processing: http_port 3128
2017/02/08 17:31:05| Processing: coredump_dir /var/squid/cache
2017/02/08 17:31:05| Processing: refresh_pattern ^ftp: 1440 20% 10080
2017/02/08 17:31:05| Processing: refresh_pattern ^gopher: 1440 0% 1440
2017/02/08 17:31:05| Processing: refresh_pattern -i (/cgi-bin/|?) 0 0% 0
2017/02/08 17:31:05| Processing: refresh_pattern . 0 20% 4320
2017/02/08 17:31:05| Initializing https proxy context
After checking the configuration of the Squid, add the rc.conf configuration to the squid service.
root@linuxhelp1:~ # nano /etc/rc.conf
squid_enable=yes
The configuration file has been added. Next start the squid service
root@linuxhelp1:~ # service squid start
Starting squid.
sayed
Jan 16 2018
How to compile latest squid with delay_pools and ssl on freeBSD?
Q
How do I see system-level Squid statistics?
A
The Squid distribution includes a CGI utility called cachemgr.cgi which can be used to view squid statistics with a web browser. This document has a section devoted to cachemgr.cgi usage which you should consult for more information.
Q
Does Squid support SSL/HTTPS/TLS?
A
Squid also supports these encrypted protocols by ``tunnelling'' traffic between clients and servers.
The browser opens an SSL connection directly to the origin server.
The browser tunnels the request through Squid with the CONNECT request method.
The browser opens an SSL connection directly to the origin server.
The browser tunnels the request through Squid with the CONNECT request method.
Q
What is Squid is only dependent on Linux?
A
No, it can be installed and configured on Windows too.
Q
What are the platforms that are supported for squid proxy server?
A
The platforms that are supported for squid
Linux
FreeBSD
NetBSD
BSDI
Mac OS/X
OSF and Digital Unix
IRIX
SunOS/Solaris
NeXTStep
SCO Unix
Linux
FreeBSD
NetBSD
BSDI
Mac OS/X
OSF and Digital Unix
IRIX
SunOS/Solaris
NeXTStep
SCO Unix
Q
What is Internet object caching in Squid?
A
Internet object caching is a way to store requested Internet objects (i.e., data available via the HTTP, FTP, and gopher protocols) on a system closer to the requesting site than to the source