[hmtad name=”Adsense Unit 3″ align=”floatright”]
SQUID Proxy Server setup in Ubuntu Server 13.04
First we’ll setup squid in ubuntu server 13.04. It is completely a basic setup without any custom mods.
In this scenario I’ll be using two HDDs.
- One will be used for OS – 20 GB.
- Second one will be used for Caching purposes – 40 GB.
Steps:
Firstly we are going to create and initialise our second HDD partition for cache storage.
1. sudo fdisk -l
The above command will report something like:
/dev/sda1 * 1 18709 150280011 83 Linux
/dev/sda2 18710 19457 6008310 5 Extended
/dev/sda5 18710 19457 6008278+ 82 Linux swap / Solaris
But will include a listing for your new drive. If you only see listings for /dev/sda* then your new drive has not been recognized and there is a problem with the physical installation.
2. Once you know where your drive is located (again we’ll use /dev/sdb for our example) it’s time to create a new directory where this drive will be mounted. We are mounting our drive to the directory /data so we’ll create this directory with the following command:
sudo mkdir /data
3. Now let’s make it available to all users:
sudo chmod -R 777 /data
4. With a place to mount the drive, it’s time to format the new drive. The formatting will be done with the command:
sudo mkfs.ext3 /dev/sdb
5. When this is complete you are ready to mount the drive. Before you edit fstab entry (so the drive will be automatically mounted) make sure it can be successfully mounted with the command:
sudo mount /dev/sdb /data
6.If this is successful let’s create an entry in /etc/fstab. open that file with the command
sudo nano /etc/fstab
7. Now add the following entry at the end of that file:
/dev/sdb /data ext3 defaults 0 0
8.Once you save that file, mount the drive (without having to reboot) with the command:
sudo mount -a
9. To make sure the drive mounted successfully issue the command:
df
The above should include in the report:
/dev/sdb /data
10. If that’s the case, success! You can run one file test by trying to write a file to the new drive with the command:
touch /data/test
If you can write that file all is well.
11. Create a directory for storing cache files.
mkdir /data/cache
12 Now let’s make it available to all users:
chmod -R 777 /data/cache
Now, Squid and network setup for ubuntu server 13.04:
1. Ubuntu Server 13.04 Network Configuration :
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.0.50 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1 dns-nameservers 8.8.8.8 auto eth1 iface eth1 inet static address 192.168.50.50 netmask 255.255.255.0
Here,
eth0 = WAN Interface
eth1 = LAN Interface
2. apt-get install squid
3. nano /etc/squid3/squid.conf
4. Uncomment :
acl localnet src 192.168.0.0/16 http_access localnet
Change :
http_port 8080 transparent visible_hostname proxy.domain.net cache_dir ufs /data/cache 800 16 256
5. Save and Exit (Ctrl+O -> Y)
6. nano /etc/rc.local
Add these before exit
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.50.50:8080 route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.50.254 dev eth1
where
eth1=LAN Interface
192.168.50.50 = IP of Squid Proxy Server LAN interface (eth1)
192.168.100.0/24 = Network for LAN users
192.168.50.254 = IP Mikrotik Proxy Interface IP (Squid)
The last line is added so that squid box can access LAN users IP and transfer cached contents to them.
7. Initialise directories.
squid3 -z
8. Execute the following:
/etc/rc.local
9. service squid3 restart
For your reference, you can download my working squid.conf file here.
Mikrotik Setup:
[admin@MikroTik] > export # aug/23/2013 11:06:54 by RouterOS 6.0 # software id # /interface ethernet set 0 name=LAN set 1 name=SQUID set 2 mac-address=00:50:56:31:A4:F0 name=WAN /ip pool add name=dhcp_pool1 ranges=192.168.100.200-192.168.100.253 /ip dhcp-server add address-pool=dhcp_pool1 disabled=no interface=LAN name=dhcp1 /ip address add address=192.168.0.254/24 interface=WAN network=192.168.0.0 add address=192.168.50.254/24 interface=SQUID network=192.168.50.0 add address=192.168.100.254/24 interface=LAN network=192.168.100.0 /ip dhcp-server network add address=192.168.100.0/24 dns-server=192.168.100.254,8.8.4.4,8.8.4.4 gateway=192.168.100.254 /ip dns set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4 /ip firewall mangle add action=mark-routing chain=prerouting dst-port=80 new-routing-mark=http protocol=tcp /ip firewall nat add chain=srcnat dst-port=80 protocol=tcp add action=masquerade chain=srcnat out-interface=WAN /ip route add distance=1 gateway=192.168.50.50 routing-mark=http add check-gateway=ping distance=1 gateway=192.168.0.1 /tool graphing interface add
After you have finished your setup, execute the following on your squid server to monitor logs:
tail -f /var/log/squid3/access.log
To be continued….