How to install and configure squid proxy server on Fedora 34
To Install Squid Proxy server on Fedora 34
Introduction
Proxy servers are systems that translate traffic between networks or protocols. The server serves as an intermediary between end-users and the destinations they browse. Proxy servers offer varying levels of functionality, security, and privacy based on your needs, use cases, or company policies.
Step 1: check the OS version:
[root@linuxhelp ~]# cat /etc/os-release
NAME=Fedora
VERSION="34 (Workstation Edition)"
ID=fedora
VERSION_ID=34
VERSION_CODENAME=""
PLATFORM_ID="platform:f34"
PRETTY_NAME="Fedora 34 (Workstation Edition)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:34"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/34/system-administrators-guide/"
SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=34
Step 2: Install squid proxy server
[root@linuxhelp ~]# dnf install squid
Fedora 34 openh264 (From Cisco) - x86_64 673 B/s | 2.5 kB 00:03
Fedora Modular 34 - x86_64 665 kB/s | 4.9 MB 00:07
Fedora Modular 34 - x86_64 - Updates 675 kB/s | 4.2 MB 00:06
Fedora 34 - x86_64 - Updates 3.9 MB/s | 28 MB 00:07
Fedora 34 - x86_64 7.0 MB/s | 74 MB 00:10
perl-English noarch 1.11-477.fc34 updates 24 k
perl-Math-BigInt noarch 1:1.9998.18-458.fc34 fedora 190 k
perl-Math-Complex noarch 1.59-477.fc34 updates 57 k
Installed size: 14 M
Is this ok [y/N]: y
Downloading Packages:
(1/7): perl-English-1.11-477.fc34.noarch.rpm 71 kB/s | 24 kB 00:00
(2/7): perl-Math-Complex-1.59-477.fc34.noarch.rpm 129 kB/s | 57 kB 00:00
(3/7): squid-5.2-1.fc34.x86_64.rpm 2.7 MB/s | 3.6 MB 00:01
(4/7): libecap-1.0.1-8.fc34.x86_64.rpm 17 kB/s | 25 kB 00:01
Installed:
libecap-1.0.1-8.fc34.x86_64 perl-DBI-1.643-7.fc34.x86_64 perl-Digest-SHA-1:6.02-459.fc34.x86_64 perl-English-1.11-477.fc34.noarch
perl-Math-BigInt-1:1.9998.18-458.fc34.noarch perl-Math-Complex-1.59-477.fc34.noarch squid-7:5.2-1.fc34.x86_64
Complete!
Step 3: Start the squid service
[root@linuxhelp ~]# systemctl start squid
Step 4: Enable squid service
[root@linuxhelp ~]# systemctl enable squid
Created symlink /etc/systemd/system/multi-user.target.wants/squid.service → /usr/lib/systemd/system/squid.service.
Step 5: Check squid server status
[root@linuxhelp ~]# systemctl status squid
● squid.service - Squid caching proxy
Loaded: loaded (/usr/lib/systemd/system/squid.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2021-10-27 11:03:53 EDT; 28s ago
Docs: man:squid(8)
Main PID: 4045 (squid)
Tasks: 3 (limit: 2261)
Memory: 21.8M
CPU: 105ms
CGroup: /system.slice/squid.service
Step 6: Open squid server configuration file
[root@linuxhelp ~]# vi /etc/squid/squid.conf
#acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
#acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
#acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
#acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
#acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
#acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
#acl localnet src fc00::/7 # RFC 4193 local private network range
#acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
#INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl localnet src 192.168.6.0/24
acl badsite url_regex "/etc/squid/badsite"
http_access deny localnet badsite
http_access allow localnet
#And finally deny all other access to this proxy
http_access allow all
#Squid normally listens to port 3128
http_port 3128
step 7: Open this badsite file and adding the blocking domains.
[root@linuxhelp ~]# vi /etc/squid/badsite
facebook.com
flipkart.com
amazon.in
step 8: Start firewall service
[root@linuxhelp ~]# firewall-cmd --permanent --add-port=3128/tcp
Warning: ALREADY_ENABLED: 3128:tcp
Success
Step 9: Reload the firewall service
[root@linuxhelp ~]# firewall-cmd --reload
Success
Step 10: Restart squid proxy service
[root@linuxhelp ~]# systemctl restart squid
Step 11: Go to the proxy setting and enter IP and Port Number
Step 12: Then go to the browser to check the domain which you have given in badsite fiels to block,you can browse that website name here
Step 13: now you can check the YouTube site which is not blocked by our server, its working and getting access to internet
With this configuration of Squid proxy server on fedora 34 comes to an End
Q
How to check the running status of the Squid server?
A
To check the running status of Squid server using command "systemctl status squid"
Q
Does Squid proxy speed up the Internet?
A
You can improve your available bandwidth by installing Squid caching proxy server on your network with configuration parameters that will increase your byte hit rate, giving you about 30-60% more bandwidth.
Squid can be fine-tuned to satisfy a host of needs.
Squid can be fine-tuned to satisfy a host of needs.
Q
What are protocols supported by the Squid proxy server?
A
Squid is not a generic proxy. It normally proxies only HTTP connections. It supports the protocols FTP, Gopher, SSL, and WAIS,
but it does not support other Internet protocols, such as the news protocol, or video conferencing protocols.
but it does not support other Internet protocols, such as the news protocol, or video conferencing protocols.
Q
What is the Squid proxy port?
A
This is the port on which Squid listens for client requests. The default port is 3128, but 8080 is also common
Q
What is a Squid proxy server?
A
Squid is a Unix-based proxy server that can do both caching and proxying. It can cache any web content to the user or requestor that is from a closer data storage point