Squid is a widely-used proxy cache for Linux and UNIX platforms. The chapter discusses its configuration, the settings required to get it running, how to configure the system to do transparent proxying, how to gather statistics about the cache's use with the help of programs like Calamaris and cachemgr, and how to filter web contents with squidGuard.
2. Proxy Server: Squid
Squid is a widely-used proxy cache for
Linux and UNIX platforms. The chapter
discusses its configuration, the settings
required to get it running, how to configure
the system to do transparent proxying,
how to gather statistics about the cache's
use with the help of programs like
Calamaris and cachemgr, and how to filter
web contents with squidGuard.
3. Squid as Proxy Cache
Squid acts as a proxy cache. It behaves like an
agent that receives requests from clients, in this
case web browsers, and passes them to the
specified server. When the requested objects
arrive at the agent, it stores a copy in a disk
cache.
The main advantage of this becomes obvious as
soon as different clients request the same
objects: these are served directly from the disk
cache, much faster than obtaining them from the
Internet. At the same time, this results in less
network traffic and thus saves bandwidth.
4. Squid covers a wide range of features,
including distributing the load over
intercommunicating hierarchies of proxy
servers, defining strict access control lists for
all clients accessing the proxy, and allowing
or denying access to specific web pages. It
also can also produce data about web usage
patterns, for example, statistics about the
most-visited web sites.
5.
Squid is not a generic proxy. It proxies
normally only HTTP connections. It does
also support the protocols FTP, Gopher,
SSL, and WAIS, but it does not support
other Internet protocols, such as Real
Audio, news, or video conferencing.
Because Squid only supports the UDP
protocol to provide communication
between different caches, many other
multimedia programs are not supported.
6. Getting Squid
Squid is available in several forms from
Squid's official website, various Squid
mirrors worldwide, and software
repositories of almost all the popular
operating systems. Squid is also shipped
with many Linux/Unix distributions.
7.
There are various versions and releases of Squid
available for download from Squid's official website. To
get the most out of a Squid installation its best to check
out the latest source code from a Version Control
System (VCS) so that we get the latest features and
fixes. But be warned, the latest source code from a VCS
is generally leading edge and may not be stable or may
not even work properly. Though code from a VCS is
good for learning or testing Squid's new features, you
are strongly advised not to use code from a VCS for
production deployments.
8. Time for action – identifying the
right version
A list of available versions of Squid is
maintained at http://www.squid-
cache.org/Versions/. For production
environments, we should use versions
listed under the Stable Versions section
only. If we want to test new Squid features
in our environment or if we intend to
provide feedback to the Squid community
about the new version, then we should be
using one of the Beta Versions.
9.
10. As we can see in the preceding screenshot,
the website contains the First Production
Release Date and Latest Release Date for
the stable versions. If we click on any of the
versions, we are directed to a page
containing a list of all the releases in that
particular version
11.
12. For every release, along with a release date, there are links
for downloading compressed source archives.
Different versions of Squid may have different features. For
example, all the features available in Squid version 2.7 may
or may not be available in newer versions such as Squid 3.x.
Some features may have been deprecated or have become
redundant over time and they are generally removed. On the
other hand, Squid 3.x may have several new features or
existing features in an improved and revised manner.
Therefore, we should always aim for the latest version, but
depending on the environment, we may go for stable or beta
version. Also, if we need specific features that are not
available in the latest version, we may choose from the
available releases in a different branch.
13. Methods of obtaining Squid
After identifying the version of Squid that we should be
using for compiling and installation, let's have a look at
the ways in which we can obtain Squid release 3.1.10.
Using source archives
Compressed source archives are the most popular way
of getting Squid. To download the source archive, please
visit Squid download page, http://www.squid-
cache.org/Download/. This web page has links for
downloading the different versions and releases of
Squid, either from the official website or available mirrors
worldwide. We can use either HTTP or FTP for getting
the Squid source archive.
14. Time for action – downloading
Squid
Let's go to the web page http://www.squid-
cache.org/Versions/.
Now we need to click on the link to Version 3.1, as
shown in the following screenshot:
15.
We'll be taken to a page displaying the various releases
in version 3.1. The link with the display text tar.gz in the
Download column is a link to the compressed source
archive for Squid release 3.1.10, as shown in the
following screenshot:
16.
To download Squid 3.1.10 using the web
browser, just click on the link.
Alternatively, we can use wget to
download the source archive from the
command line as follows:
wget
http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.10.tar.gz
17. Installing Squid
Squid can be installed using the source
code we obtained in the previous section,
using a package manager which, in turn,
uses the binary package available for our
operating system. Let's have a detailed
look at the ways in which we can install
Squid.
18. Installing Squid from source
code
Installing Squid from source code is a
three step process:
Select the features and operating system-
specific settings.
Compile the source code to generate the
executables.
Place the generated executables and
other required files in their designated
locations for Squid to function properly.
19. Compiling Squid
Compiling Squid is a process of compiling
several files containing C/C++ source
code and generating executables.
Compiling Squid is really easy and can be
done in a few steps. For compiling Squid,
we need an ANSI C/C++ compliant
compiler. If we already have a GNU C/C++
Compiler (GNU Compiler Collection
(GCC) and g++, which are available on
almost every Linux/Unix-based operating
system by default), we are ready to begin
the actual compilation.
20. Why compile?
Compiling Squid is a bit of a painful task
compared to installing Squid from the
binary package. However, we recommend
compiling Squid from the source instead
of using pre-compiled binaries. Let's walk
through a few advantages of compiling
Squid from the source:
21.
While compiling we can enable extra features, which may not
be enabled in the pre-compiled binary package.
When compiling, we can also disable extra features that are
not needed for a particular environment. For example, we may
not need Authentication helpers or ICMP support.
configure probes the system for several features and enables
or disables them accordingly, while pre-compiled binary
packages will have the features detected for the system the
source was compiled on.
Using configure, we can specify an alternate location for
installing Squid. We can even install Squid without root or
super user privileges, which may not be possible with
pre-compiled binary package.