This tutorial explains how to install and configure a proxy server in order to reduce the load when your users are connected to internet.
This tutorial is intended for people under Debian or distributions based on it (Ubuntu, Xandros ...). All commands in this tutorial are executed as root. (su command). It does not require any prerequisites. In this tutorial, we consider that the proxy server name is tutorielsenfolie, his IP address is 192.168.1.4 and it listen to the port 3214.
Installation of the proxy server
To install the proxy server execute the following command:
apt-get install squid
Configuration of the server
We will now configure the server. But first of all, we will save the default configuration in the case of we have an issue with our new configuration. To do that, execute the following commands:
cp squid.conf squid.conf.sav
Now, we can edit the configuration file:
In order to run correctly, squid need to know the name of the server. To do that, modify the line visible_hostname as follow:
Choose a port
By default, the proxy server listen the 3128. To modify this port update the line http_port like this:
Choose the interface
By default, the proxy server listen all interfaces. For security reason, the proxy must listen only the local network. To do that, modify once again the line http_port:
Define the access right
By default, nobody can be connected to the proxy server, except the server itself. Therefore, we need to create an authorization list. We will, for example, allows the pc from the subnetwork 192.168.1.0 to connect to our proxy. To do that, modify the configuration file (/etc/squid/squid.conf) as follow:
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl lanTutorielsenfolie src 192.168.1.0/255.255.255.0
Allow the group
Now that the group is defined we will allow it to use the proxy. To do that, modify the configuration file (/etc/squid/squid.conf) as follow:
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet
http_access allow localhost
http_access allow lanTutorielsenfolie
# And finally deny all other access to this proxy
http_access deny all
Authorize non standard ports
If you want to authorize the http flow on non standard ports you need to comment the line http_access deny !Safe_ports (by adding # before the line) in the configuration file (/etc/squid/squid.conf).
Retart the proxy
Now that we have finished configuring the proxy server, we can restart it. To do that, execute the following command:
You like this tutorial ?
Like this website in order to promote it on facebook !