How to configure squid 3.1.x in redhat6

Posted by Md. Mahidul Hasan on 4:30 AM with No comments
 How to configure squid 3.1.x in redhat6

Preparing the server:
[root@app1 ~]# vim /etc/hosts
192.168.1.5     gw1.progoti.com         gw1
127.0.0.1       localhost.localdomain   localhost

[root@app1 ~]# vim /etc/sysconfig/network
HOSTNAME=gw1.progoti.com



[root@app1 ~]# vim /etc/squid/squid.conf
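visible_hostname gw1.progoti.com
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl ournet src 192.168.1.0/24

# Cache manager requests are answered for localhost only. These two rules
# must come before the broader allow rules below, otherwise any client in
# "ournet" could reach the cache manager through "http_access allow ournet".
http_access allow manager localhost
http_access deny manager

http_access allow localhost
http_access allow ournet

# Explicitly reject every request that did not match a rule above, so the
# policy does not depend on Squid's implicit default.
http_access deny all

# Squid normally listens on port 3128. For a transparent proxy add "intercept";
# earlier versions used the "transparent" option instead.
http_port 3128 intercept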


Setting up firewall:
Before running the script, change the local network (and the WAN interface and public IP address) in it to match your environment:
[root@app1 ~]# vim /root/iptables.sh
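#!/bin/sh
### Firewall by Md. Mahidul Hasan ###
#
# Gateway firewall for a transparent (intercepting) Squid proxy.
# It flushes the filter and nat tables, enables IPv4 forwarding, source-NATs
# the local network out of the WAN interface and redirects the local
# network's HTTP traffic to Squid. Run as root.

# Site-specific settings: adjust these before running the script.
our_network="192.168.1.0/24"   # local network served by this gateway
wan_if="eth0"                  # WAN-facing (output) interface
wan_ip="114.130.44.43"         # public address used as the SNAT source
squid_port="3128"              # must match http_port in squid.conf

# Loading required stateful/NAT kernel modules
modprobe ip_conntrack
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp
modprobe iptable_nat

# Flush the firewall and set every chain policy to ACCEPT.
# NOTE(review): with all policies set to ACCEPT, the FORWARD rules under
# "Allowed services" do not restrict anything, and INPUT leaves every service
# on this gateway (including the Squid port) reachable from the WAN side.
# To make "Allowed services" an actual allow-list, switch FORWARD to DROP and
# let reply traffic back in, for example:
#   iptables -P FORWARD DROP
#   iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# and filter INPUT on the WAN interface in the same way.
iptables -F
iptables -t nat -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

# Enable IP forwarding. This setting is lost on reboot; to make it permanent
# set net.ipv4.ip_forward = 1 in /etc/sysctl.conf.
echo "1" > /proc/sys/net/ipv4/ip_forward

# Enable NAT. Remember -o output interface port should be the WAN interface port.
#iptables -t nat -A POSTROUTING -o "$wan_if" -j MASQUERADE
iptables -t nat -A POSTROUTING -s "$our_network" -o "$wan_if" -j SNAT --to-source "$wan_ip"

# Redirect HTTP to Squid. Both rules are limited to the local network so that
# only its clients are steered into the proxy.
iptables -t nat -A PREROUTING -p TCP -s "$our_network" --dport 80 -j REDIRECT --to-port "$squid_port"
iptables -t nat -A PREROUTING -p TCP -s "$our_network" --dport "$squid_port" -j REDIRECT --to-port "$squid_port"

# Allowed services
iptables -A FORWARD -s "$our_network" -p TCP --dport 53 -j ACCEPT             #Allow DNS
iptables -A FORWARD -s "$our_network" -p UDP --dport 53 -j ACCEPT             #Allow DNS
iptables -A FORWARD -s "$our_network" -p TCP --dport 80 -j ACCEPT             #Allow HTTP
iptables -A FORWARD -s "$our_network" -p UDP --dport 80 -j ACCEPT             #Allow HTTP
iptables -A FORWARD -s "$our_network" -p TCP --dport 443 -j ACCEPT            #Allow HTTPS
iptables -A FORWARD -s "$our_network" -p UDP --dport 443 -j ACCEPT            #Allow HTTPS
iptables -A FORWARD -s "$our_network" -p TCP --dport "$squid_port" -j ACCEPT  #Allow SQUID
iptables -A FORWARD -s "$our_network" -p UDP --dport "$squid_port" -j ACCEPT  #Allow SQUID

# Save and restart services.
# The command name is case-sensitive: "Service" would fail with
# "command not found" and Squid would never be restarted.
service squid restart
service iptables save
service iptables restart
chkconfig iptables on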

[root@app1 ~]# chmod 755 /root/iptables.sh
[root@app1 ~]# sh /root/iptables.sh