SquidNT proxy

Proxy Server
____________
What is a Proxy Server?
Proxy servers do a number of different things, but the basic term proxy means to do something for somebody else, usually in an authorized capacity. There are in fact two types of

proxy servers, a forward proxy and a reverse proxy. A forward proxy is used to support Internet access for a number of clients through a single server for security, caching, or

filtering. A reverse proxy is used to redirect requests for a Web site to a number of servers for a client.

•    Security — Because the proxy server can redirect requests, we can use it as a gateway to the Internet. Because it can be a single machine, it can act as an authenticated

gateway through firewalls, while still preventing direct Internet access to clients.
•    Caching — If one machine (the proxy server) is being used to access the Internet, it can also act as a cache, storing frequently used and accessed sites, graphics, and

other elements. Even in a relatively modest installation, the use of a caching server can significantly improve the performance of an entire enterprise’s Web access. It can also

help lower bandwidth requirements, enabling organizations to squeeze more performance out of an Internet connection.
•    Filtering — Because all requests for Web pages go through the proxy server, the proxy server can make decisions about which sites and information clients can view or

access. A proxy server can simply block adverts and pop-ups (providing you can easily identify the site or URL) or entire sites.
Architecturally, the proxy server sits on the network, and may be the same machine that provides the Internet connection and firewall/filtering service. Figure 1 illustrates a

basic network diagram for this.

    Internet——Proxy server—————Clients

Squid proxy installations under windows
_______________________________________

#Download http://squid.acmeconsulting.it/
# Extract the binary archive in the desired directory (default c:\squid)
# Copy squid.conf.default as squid.conf and mime.conf.default as mime.conf
# Edit the squid.conf and change if needed the c:/squid path (use path with ‘/’ char, NOT ‘\’)
# Manually create ALL the directories specified in squid.conf, except the contents of the cache directory

Note:Starting with PRE9 revision, squid.exe was moved from bin to sbin directory.
Please remove and reinstall SquidNT service to reflect the changes.

What to be Edit in Squid.conf
______________________________
# DNS Configuration

# TAG: dns_nameservers
# Use this if you want to specify
# a list of DNS name servers (IP addresses)
# to use instead of those given in your
# /etc/resolv.conf file.
#
# Example: dns_nameservers 10.0.0.1 192.172.0.4
#
#Default:
# none
dns_nameservers 10.1.24.10

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from
# where browsing should be allowed
acl my_networks src 10.1.0/24
http_access allow my_networks
http_access allow manager localhost
http_access deny manager

Create the Squid cache directories for improve browser performance by caching websites locally reducing the need to download each item on the webpage .

C:\squid\sbin>squid -z

Setup SquidNT as a service
__________________________
Run this command from command prompt: c:\squid\sbin\squid -i

You can start/stop/restart the service called Squid from: Control Panel > Administrative Tools > Services

User Authentication on AD domain
_______________________________________

#auth_param basic casesensitive off”.
auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe
auth_param ntlm children 5

acl my_networks proxy_auth REQUIRED src 10.0.0.1/255

Blocking Websites
_________________
acl facebook url_regex facebook.com
acl myspace url_regex myspace.com

acl CONNECT method CONNECT
acl facebook url_regex facebook.com
acl myspace url_regex myspace.com
acl localnet proxy_auth REQUIRED src 10.0.0.1/255

Browser configuraions(client side)
__________________________________
Firefox

Tools > Options > Advanced > Network tab > Settings.

Click on “Manual proxy configuration” and enter the IP of the machine which SquidNT was installed. For the port use 3128 (the squid default).

Internet Explorer

Tools > Internet Options > Connections tab > LAN Settings

Under the proxy server section click the “Use a proxy server for your LAN” box. For the server use the IP of the machine SquidNT was installed on and use port 3128 (the default for Squid).

Squid commands
______________
# squid -i [-f configfile] [-n servicename] (installs the servicename Squid service using the configfile configuration file, default configfile is “c:/squid/etc/squid.conf”,default servicename is “SquidNT”)
# squid -z [-f configfile] (creates the cache directories)
# squid -O servicecommandline [-n servicename] (Set in Windows Registry the Squid servicename service command line)

Try another proxy(ccproxy) from http://www.youngzsoft.net

Advertisements

Posted on June 9, 2011, in General, Uncategorized, Web, Windows. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: