[root@nknproxy /]#yum update
[root@nknproxy /]#yum install squid
[root@nknproxy /]#vi /etc/squid/squid.conf
##############################
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
cache allow all
cache_mem 128 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 900 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid "size in MB" 32 512
cache_access_log /var/log/squid/access.log
dns_nameservers IP1 IP2
#######refresh_pattern########## to cahce all for the 1 week##############
refresh_pattern ^ftp: 15 20% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
refresh_pattern ^gopher: 15 0% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
refresh_pattern . 15 20% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
refresh_pattern -i (/cgi-bin/|\?) 15 0% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
##################HostName#################################
visible_hostname nknproxy.cmmacs.ernet.in
#####ACL for Internet proxy########created on 17/feb/2014##
acl ip_series src 192.168.101.0/24
################allow-acl##################
http_access allow ip_series
http_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
###################################################################
[root@nknproxy /]# squid -z
2014/04/08 17:26:07| Creating Swap Directories
2014/04/08 17:26:07| /var/spool/squid exists
2014/04/08 17:26:07| Making directories in /var/spool/squid/00
2014/04/08 17:26:07| Making directories in /var/spool/squid/01
2014/04/08 17:26:07| Making directories in /var/spool/squid/02
2014/04/08 17:26:07| Making directories in /var/spool/squid/03
2014/04/08 17:26:07| Making directories in /var/spool/squid/04
2014/04/08 17:26:07| Making directories in /var/spool/squid/05
2014/04/08 17:26:07| Making directories in /var/spool/squid/06
2014/04/08 17:26:07| Making directories in /var/spool/squid/07
2014/04/08 17:26:07| Making directories in /var/spool/squid/08
2014/04/08 17:26:07| Making directories in /var/spool/squid/09
2014/04/08 17:26:07| Making directories in /var/spool/squid/0A
2014/04/08 17:26:07| Making directories in /var/spool/squid/0B
2014/04/08 17:26:07| Making directories in /var/spool/squid/0C
2014/04/08 17:26:07| Making directories in /var/spool/squid/0D
2014/04/08 17:26:07| Making directories in /var/spool/squid/0E
2014/04/08 17:26:07| Making directories in /var/spool/squid/0F
2014/04/08 17:26:07| Making directories in /var/spool/squid/10
2014/04/08 17:26:07| Making directories in /var/spool/squid/11
2014/04/08 17:26:07| Making directories in /var/spool/squid/12
2014/04/08 17:26:07| Making directories in /var/spool/squid/13
2014/04/08 17:26:07| Making directories in /var/spool/squid/14
Page 3root
2014/04/08 17:26:07| Making directories in /var/spool/squid/15
2014/04/08 17:26:07| Making directories in /var/spool/squid/16
2014/04/08 17:26:07| Making directories in /var/spool/squid/17
2014/04/08 17:26:07| Making directories in /var/spool/squid/18
2014/04/08 17:26:07| Making directories in /var/spool/squid/19
2014/04/08 17:26:07| Making directories in /var/spool/squid/1A
2014/04/08 17:26:07| Making directories in /var/spool/squid/1B
2014/04/08 17:26:07| Making directories in /var/spool/squid/1C
2014/04/08 17:26:07| Making directories in /var/spool/squid/1D
2014/04/08 17:26:08| Making directories in /var/spool/squid/1E
2014/04/08 17:26:08| Making directories in /var/spool/squid/1F
Allow Squid port “3128” on Firewall
[root@nknproxy /]# vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j
ACCEPT
[root@nknproxy /]# /etc/init.d/iptables restart
[root@nknproxy /]# /etc/init.d/ NetworkManager stop
[root@nknproxy /]# /etc/init.d/network start
[root@nknproxy /]# chkconfig NetworkManager off
[root@nknproxy /]# chkconfig network on
[root@nknproxy /]# chkconfig squid on
[root@nknproxy /]#/etc/init.d/squid start
[root@nknproxy /]#tail -f /var/log/squid/access.log
check for the log
1396958421.682 59911 192.168.101.86 TCP_MISS/503 0 CONNECT www.google.co.in:443
- DIRECT/- -
1396958421.682 59782 192.168.101.86 TCP_MISS/503 0 CONNECT www.google.co.in:443
- DIRECT/- -
1396958421.682 59719 192.168.101.86 TCP_MISS/503 0 CONNECT www.google.co.in:443
- DIRECT/- -
[root@nknproxy /]#yum install squid
[root@nknproxy /]#vi /etc/squid/squid.conf
##############################
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
cache allow all
cache_mem 128 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 900 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid "size in MB" 32 512
cache_access_log /var/log/squid/access.log
dns_nameservers IP1 IP2
#######refresh_pattern########## to cahce all for the 1 week##############
refresh_pattern ^ftp: 15 20% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
refresh_pattern ^gopher: 15 0% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
refresh_pattern . 15 20% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
refresh_pattern -i (/cgi-bin/|\?) 15 0% 10080 override-expire
override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-no-store
ignore-must-revalidate ignore-private ignore-auth refresh-ims
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
##################HostName#################################
visible_hostname nknproxy.cmmacs.ernet.in
#####ACL for Internet proxy########created on 17/feb/2014##
acl ip_series src 192.168.101.0/24
################allow-acl##################
http_access allow ip_series
http_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid
###################################################################
[root@nknproxy /]# squid -z
2014/04/08 17:26:07| Creating Swap Directories
2014/04/08 17:26:07| /var/spool/squid exists
2014/04/08 17:26:07| Making directories in /var/spool/squid/00
2014/04/08 17:26:07| Making directories in /var/spool/squid/01
2014/04/08 17:26:07| Making directories in /var/spool/squid/02
2014/04/08 17:26:07| Making directories in /var/spool/squid/03
2014/04/08 17:26:07| Making directories in /var/spool/squid/04
2014/04/08 17:26:07| Making directories in /var/spool/squid/05
2014/04/08 17:26:07| Making directories in /var/spool/squid/06
2014/04/08 17:26:07| Making directories in /var/spool/squid/07
2014/04/08 17:26:07| Making directories in /var/spool/squid/08
2014/04/08 17:26:07| Making directories in /var/spool/squid/09
2014/04/08 17:26:07| Making directories in /var/spool/squid/0A
2014/04/08 17:26:07| Making directories in /var/spool/squid/0B
2014/04/08 17:26:07| Making directories in /var/spool/squid/0C
2014/04/08 17:26:07| Making directories in /var/spool/squid/0D
2014/04/08 17:26:07| Making directories in /var/spool/squid/0E
2014/04/08 17:26:07| Making directories in /var/spool/squid/0F
2014/04/08 17:26:07| Making directories in /var/spool/squid/10
2014/04/08 17:26:07| Making directories in /var/spool/squid/11
2014/04/08 17:26:07| Making directories in /var/spool/squid/12
2014/04/08 17:26:07| Making directories in /var/spool/squid/13
2014/04/08 17:26:07| Making directories in /var/spool/squid/14
Page 3root
2014/04/08 17:26:07| Making directories in /var/spool/squid/15
2014/04/08 17:26:07| Making directories in /var/spool/squid/16
2014/04/08 17:26:07| Making directories in /var/spool/squid/17
2014/04/08 17:26:07| Making directories in /var/spool/squid/18
2014/04/08 17:26:07| Making directories in /var/spool/squid/19
2014/04/08 17:26:07| Making directories in /var/spool/squid/1A
2014/04/08 17:26:07| Making directories in /var/spool/squid/1B
2014/04/08 17:26:07| Making directories in /var/spool/squid/1C
2014/04/08 17:26:07| Making directories in /var/spool/squid/1D
2014/04/08 17:26:08| Making directories in /var/spool/squid/1E
2014/04/08 17:26:08| Making directories in /var/spool/squid/1F
Allow Squid port “3128” on Firewall
[root@nknproxy /]# vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j
ACCEPT
[root@nknproxy /]# /etc/init.d/iptables restart
[root@nknproxy /]# /etc/init.d/ NetworkManager stop
[root@nknproxy /]# /etc/init.d/network start
[root@nknproxy /]# chkconfig NetworkManager off
[root@nknproxy /]# chkconfig network on
[root@nknproxy /]# chkconfig squid on
[root@nknproxy /]#/etc/init.d/squid start
[root@nknproxy /]#tail -f /var/log/squid/access.log
check for the log
1396958421.682 59911 192.168.101.86 TCP_MISS/503 0 CONNECT www.google.co.in:443
- DIRECT/- -
1396958421.682 59782 192.168.101.86 TCP_MISS/503 0 CONNECT www.google.co.in:443
- DIRECT/- -
1396958421.682 59719 192.168.101.86 TCP_MISS/503 0 CONNECT www.google.co.in:443
- DIRECT/- -
