Xenion Pty Ltd - Australian VPS, Managed and Co-lo Hosting

Squid Configuration Example: Basic Forward Proxy

Last Modified: 30-Dec-2007; 13:54 WST; adrian

A basic overview to configure Squid as a forward proxy.

Background

Squid is a very powerful HTTP proxy/cache but it suffers from a lack of graphical management tools and a confusing (and large!) configuration file. This document will outline how to configure Squid as a basic local forward proxy cache for a home or small office.

Preparation

1. Compile or install Squid. This document covers installing Squid-2.6 or Squid-3.0.

Configure Squid

Trimming the Configuration File

The default Squid configuration file is .. large. The first thing you should do is trim the configuration file down and use the larger squid.conf.default file as a reference.

To do this, under UNIX:

# cat squid.conf.default | grep -v ^# | grep -v ^$ > squid.conf.new

Check that squid.conf.new looks correct, then copy squid.conf.new to squid.conf.

# mv squid.conf.new squid.conf

This will drop the squid configuration file down to a handful of lines.

Test Squid

Housekeeping

1. Set logfile_rotate in squid.conf to the number of Squid logs to keep. Each "squid -k rotate" will rotate each log file once. For example, if you configure Squid to rotate the logfiles daily, then this will keep the logs for 7 days:
```
      logfile_rotate 7
    
```
2. Make sure you congfigure squid to rotate its logs once an hour. A squid package should have done this for you; contact the package maintainer if you have any questions. Else, simply add in the following line in the relevant user crontab:
```
  0 * * * * /path/to/squid -k reconfigure
  
```
If you run squid as root (and then use the cache_effective_user configuration parameter to run Squid as a different user) then use crontab -u root -e to edit the root crontab. If you have a "squid" user, for example, then as root run crontab -u squid -e.

Xenion

Communications