Saturday, 30 May 2015

Install Squid Proxy on CentOS / Amazon Linux

http://www.squid-cache.org/
http://www.krizna.com/centos/how-to-install-squid-proxy-on-centos-6/

1. Install Squid
       yum -y install squid
       chkconfig squid on

2. Add you squid client IP address(es) - Setup Access Restrictions
      acl my_network src 123.123.123.0/24
      https_access allow my_network

3. Configure Squid Proxy - edit /etc/squid/squid.conf
      http_port 3128

If you would like to browse through this Squid proxy and not have it detected as a proxy, setup anonymous settings by adding these lines to /etc/squid/squid.conf:

via off
forwarded_for off

 request_header_access Allow allow all 
request_header_access Authorization allow all 
request_header_access WWW-Authenticate allow all 
request_header_access Proxy-Authorization allow all 
request_header_access Proxy-Authenticate allow all 
request_header_access Cache-Control allow all 
request_header_access Content-Encoding allow all 
request_header_access Content-Length allow all 
request_header_access Content-Type allow all 
request_header_access Date allow all 
request_header_access Expires allow all 
request_header_access Host allow all 
request_header_access If-Modified-Since allow all 
request_header_access Last-Modified allow all 
request_header_access Location allow all 
request_header_access Pragma allow all 
request_header_access Accept allow all 
request_header_access Accept-Charset allow all 
request_header_access Accept-Encoding allow all 
request_header_access Accept-Language allow all 
request_header_access Content-Language allow all 
request_header_access Mime-Version allow all 
request_header_access Retry-After allow all 
request_header_access Title allow all 
request_header_access Connection allow all 
request_header_access Proxy-Connection allow all 
request_header_access User-Agent allow all 
request_header_access Cookie allow all 
request_header_access All deny all
Un-comment and adjust the following to add cache directory.
cache_dir ufs /usr/local/squid/var/cache/squid 100 16 256
 And at the last of config file add visible hostname
visible_hostname pxy.mydomain.com

4. Start Squid proxy service
       service squid start

5. Modify your browser's proxy settings

6. Verify Squid proxy works
        Navigate over to whatismyip.com

7. Check Squid log
        tail -f /var/log/squid/access.log

     


On AWS can use Cloudformation to create ELB and autoscaling squid proxies:
https://aws.amazon.com/articles/5995712515781075


Squid benchmark results:

Tinyproxy:
yum install -y epel-release
yum update -y
yum -y install tinyproxy

vi /etc/tinyproxy.conf:
Port 8888                     # Listening port
Allow 172.16.0.0/12     # Connections can only be accepted from these IP addresses 
DisableViaHeader Yes # Make your proxy invisible.

at

No comments:

Post a Comment