Thursday, 11 August 2011

Installing Squid on FreeBSD

1) cd /usr/ports/www/squid
2) make install
3) <<Accept the defaults>>

     o You can find the configuration files for this package in the
       directory /usr/local/etc/squid.

     o The default cache directory is /var/squid/cache.
       The default log directory is /var/squid/logs.

       You must initialize new cache directories before you can start
       squid.  Do this by running "squid -z" as 'root' or 'squid'.
       If your cache directories are already initialized (e.g. after an
       upgrade of squid) you do not need to initialize them again.

     o The default configuration will deny everyone but local networks
       as defined in RFC 1918 access to the proxy service.
       Edit the "http_access allow/deny" directives in
       /usr/local/etc/squid/squid.conf to suit your needs.

     To enable Squid, set squid_enable=yes in either
     /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
     Please see /usr/local/etc/rc.d/squid for further details.

     If you just updated your Squid installation from 2.6 or earlier,
     make sure to check your Squid configuration against the 2.7 default
     configuration file /usr/local/etc/squid/squid.conf.default.

     Additionally, you should check your configuration by calling
     'squid -f /path/to/squid.conf -k parse' before starting Squid.
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:

4) /usr/local/etc/rc.d/squid onestart (just for testing)
5)  Check which ports its listening on
sockstat |more
squid    squid      66128 3  dgram  -> /var/run/log
squid    squid      66128 6  udp4   *:48072               *:*
squid    squid      66128 12 tcp4   *:3128                *:*
squid    squid      66128 13 udp4   *:3130                *:*
squid    squid      66126 3  dgram  -> /var/run/log
agarg    ssh-agent  47049 3  stream /tmp/ssh-NaHhONUHyq/agent.47048
agarg    sshd       47044 3  tcp4
agarg    sshd       47044 4  stream -> ??
root     sshd       47041 3  tcp4
root     sshd       47041 5  stream -> ??

Testing using Telnet

Direct Connection
telnet 80
GET / HTTP/1.1

Squid Connection

telnet proxy.domain.tld 3128
GET HTTP/<enter>

No comments:

Post a Comment