All About iDiots
Nama : Kevin Malakiant
Nationality : Indonesian
Email : firstname.lastname@example.org
- 66,896 hits
All About Log
By: Mihai Marinof, Linux Editor
A proxy server can allow computers to make indirect connections to other network services through the machine running the proxy. The most stable and commonly available proxy server for Linux is Squid: a proxy caching server for HTTP/FTP requests. Squid caches data from the Internet on your local network so the next time the same data is being accessed, whether it’s a web page or image file, it gets served-up from the local server rather than over the Internet. This will save you significant bandwidth but can also provide a few other advantages. For example, if you’re at school and certain websites you’d like to visit are blocked, you can use your proxy server to access them. Also, another common use of Squid is for setting-up web filtering for kids. Whenever the browser is used, you will be prompted to enter a username and password, based on which the proxy will determine whether to filter the request or not.
Let’s start by installing Squid. On Debian-based systems (Ubuntu), type the following command in a terminal (press Alt+F2, type gnome-terminal and press enter):
On systems running Fedora, type:
Configure Squid by opening /etc/squid/squid.conf using your favorite text editor. In the configuration file, search for the following directives and modify (or add, if they don’t exist) as it follows:
http_port 3128 – The port Squid will listen for connections. If your system has two or more interfaces, you can specify which IP address to use. Eg: http_port 192.168.0.1:3128
http_access deny all – Search for it in the config file, uncomment it (remove the # in front), and replace deny with allow so it becomes http_access allow all.
Restart the Squid proxy with:
Now you should have a fully functional HTTP proxy. To try it out, open a browser, open its preferences dialog and go to proxy settings. Here, enter the IP address of the machine running Squid and the port set in squid.conf. Now load a webpage.
SETTING UP SQUID AUTHENTICATION AND WEB FILTERING
This section will allow you to set up a web site filter for kids. The first time an address is entered in the browser’s address bar, an authentication dialog will pop-up, prompting for a username and password. We will set-up two usernames, one with full and another with restricted access.
First, open the /etc/squid/squid.conf and add the following line in the auth_param section:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
Now create the user accounts using htpasswd (use -c only for the first user):
Create the ACLs by adding the following lines in the ACCESS CONTROLS (acl) sections in Squid.conf:
Create the whitelist by opening a text editor, adding allowed domains like this:
and save it as /etc/squid/whitelist.
Finally, search for http_access allow all in the Squid config file and modify it so it looks like this:
http_access deny all
This is how my Squid config sections look like:
Use deny all for squid with authentication and allow all for basic squid configuration.