Understanding Proxies: Squid, Caching, and How They Work
Proxies, such as Squid, act as intermediaries for internet requests, enhancing security, speed, and efficiency. Learn about Squid as a caching proxy for HTTP, HTTPS, FTP, and more, how proxies store local copies to reduce bandwidth, and how to configure proxies in browsers. Explore the benefits of transparent proxying and understand the role of proxies in managing internet traffic.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
What is Squid? A caching proxy for HTTP, HTTPS (tunnel only) FTP Gopher WAIS (requires additional software) WHOIS (Squid version 2 only) Squid is a widely- used proxy cache for Linux and UNIX platforms. Supports transparent proxying Squid is not an origin server!
What is a proxy? A proxy or proxy server is basically another computer which serves as a hub through which internet requests are processed. By connecting through one of the server, your computer sends your requests to the proxy server which then processes your request and returns what you were wanting. In this way it serves as an intermediary between your home machine and the rest of the computers on the internet. Proxies are used for a number of reasons such as to filter web content, to go around restrictions such as parental blocks, to screen downloads and uploads and to provide anonymity when surfing the internet.
What is a caching proxy? Stores a local copy of objects fetched Subsequent accesses by other users in the organization are served from the local cache, rather than the origin server Reduces network bandwidth Users experience faster web access
How proxies work (configuration) User configures web browser to use instead connecting directly to origin servers Manual configuration for older PC based browsers, and many UNIX browsers (e.g., Lynx) Proxy auto-configuration file for Netscape 2.x+ or Internet Explorer 4.x+ Far more flexible caching policy Simplifies user configuration, help desk support, etc. proxy of
Setup Proxy In Browser Select the Tools Menu Select Options Select Connection Settings Select Manual Proxy Configuration Check Use the same proxy for all protocols Enter the IP address for the HTTP proxy server Enter the port of the HTTP proxy server Click Okay
How proxies work (user request) User requests a page: http://uniforum.chi.il.us/ Browser forwards request to proxy Proxy optionally verifies user s identity and checks policy for right to access uniforum.chi.il.us Assuming right is granted, fetches page and returns it to user
Transparent proxying Pros Router forwards all traffic to port 80 to proxy machine using a route policy Requires no explicit proxy configuration in the user s browser
Squid hardware requirements UNIX operating system (Windows NT is not currently supported, nor has anyone announced work on a port) Disk 128M RAM minimum recommended (scales by user count and size of disk cache) 512M to 1G for small user counts 16G to 24G for large user counts Squid 2.x is optimized for JBOD, not RAID
squid.conf ACL example http_access deny manager !localhost !managerhost http_access deny CONNECT !SSL_ports http_access deny HTTP !www_ports!Safe_ports http_access deny FTP !ftp_ports !Safe_ports http_access deny GOPHER !gopher_ports !Safe_ports http_access deny WAIS !wais_ports !Safe_ports http_access deny WHOIS !whois_ports !Safe_ports http_access allow localhost http_access allow cawtech http_access allow cawtech-internal http_access deny all
Sample proxy auto-configuration File we Edit for Sqid /etc/squid/squid.conf acl mysurfers srcdomain .facebook.com acl teachers src 192.168.1.0/255.255.255.0 acl students src 192.168.7.0-192.168.9.0/255.255.255.0 acl lunch time MTWHF 12:00-15:00 http_access deny localhost http_access allow teachers http_access allow students lunch time http_access deny all visible_hostname machine-name http_port 3128 cache_dir ufs /var/spool/squid 1000 16 256 cache_access_log /var/log/squid/access.log
Advantages of Squid Organize your proxy users into groups and assign different strictness of content filtering to them ensuring maximum protectionwithout losing flexibility. Users can be put into groups based on their IP address range, subnets or user name. Each group gets its own filtering exceptions and blocking rules. Any domain, web site, URL, IP address, address range or subnet may be excluded from web filtering settings of any group.
Advantages of Squid Stop annoying advertisements and banners on any web site using various free community powered filter subscriptions without the need to install additional browser plugins. Easily customize the application to never block ads on the sites you are interested in. Perform a one click setup of regular updates of advert subscriptions.