PacktLib: Squid Proxy Server 3.1: Beginner's Guide

Squid Proxy Server 3.1 Beginner's Guide

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

Getting Started with Squid

Proxy server

Reverse proxy

Getting Squid

Time for action – identifying the right version

Time for action – downloading Squid

Time for action – using Bazaar to obtain source code

Installing Squid

Time for action – running the configure command

Time for action – compiling the source

Time for action – installing Squid

Time for action – exploring Squid files

Summary

Configuring Squid

Quick start

Syntax of the configuration file

HTTP port

Time for action – setting the HTTP port

Access control lists

Time for action – constructing simple ACLs

Controlling access to the proxy server

Time for action – combining ACLs and HTTP access

Cache peers or neighbors

Time for action – adding a cache peer

Caching web documents

Time for action – specifying space for memory caching

Time for action – creating a cache directory

Time for action – adding a cache directory

Tuning Squid for enhanced caching

Time for action – preventing the caching of local content

Time for action – calculating the freshness of cached objects

Playing around with HTTP headers

DNS server configuration

Time for action – adding DNS name servers

Logging

URL rewriters and redirectors

Other configuration directives

Summary

Running Squid

Command line options

Time for action – listing the options

Time for action – finding out the Squid version

Time for action – creating cache directories

Time for action – debugging output in the console

Time for action – testing our configuration file

Automatically starting Squid at system startup

Time for action – adding the init script

Summary

Getting Started with Squid's Powerful ACLs and Access Rules

Access control lists

Time for action – constructing ACL lists using IP addresses

Time for action – using a range of IP addresses to build ACL lists

Time for action – constructing ACL lists using domain names

Time for action – building ACL lists using destination ports

Time for action – using a request protocol to construct access rules

Time for action – enforcing proxy authentication

Access list rules

Time for action – denying miss_access to neighbors

Mixing ACL lists and rules – example scenarios

Time for action – avoiding caching of local content

Time for action – blocking video content

Time for action – writing rules for special access

Testing access control with squidclient

Time for action – testing our access control example with squidclient

Time for action – testing a complex access control

Summary

Understanding Log Files and Log Formats

Log messages

Cache log or debug log

Time for action – understanding the cache log

Access log

Time for action – understanding the access log messages

Time for action – analyzing a syntax to specify access log

Time for action – learning log format and format codes

Time for action – customizing the access log with a new log format

Selective logging of requests

Time for action – using access_log to control logging of requests

Referer log

Time for action – enabling the referer log

Time for action – translating the referer logs to a human-readable format

User agent log

Time for action – enabling user agent logging

Emulating HTTP server-like logs

Time for action – enabling HTTP server log emulation

Log file rotation

Other log related features

Summary

Managing Squid and Monitoring Traffic

Cache manager

Time for action – installing Apache Web server

Time for action – configuring Apache to use cachemgr.cgi

Log file analyzers

Time for action – installing Calamaris

Time for action – generating stats in plain text format

Time for action – generating graphical reports with Calamaris

Summary

Protecting your Squid Proxy Server with Authentication

HTTP authentication

Basic authentication

Time for action – exploring Basic authentication

Time for action – configuring NCSA authentication

Time for action – configuring PAM service

Time for action – configuring MSNT authentication

Time for action – configuring Squid to use SASL authentication

Time for action – configuring RADIUS authentication

Digest authentication

Time for action – configuring Digest authentication

Microsoft NTLM authentication

Negotiate authentication

Time for action – configuring Negotiate authentication

Using multiple authentication schemes

Writing a custom authentication helper

Time for action – writing a helper program

Making non-concurrent helpers concurrent

Common issues with authentication

Summary

Building a Hierarchy of Squid Caches

Cache hierarchies

Reasons to use hierarchical caching

Problems with hierarchical caching

Joining a cache hierarchy

Time for action – joining a cache hierarchy

Controlling communication with peers

Time for action – configuring Squid for domain-based forwarding

Time for action – forwarding requests to cache peers using ACLs

Time for action – configuring Squid to switch peer relationship

Peer communication protocols

Summary

Squid in Reverse Proxy Mode

What is reverse proxy mode?

Configuring Squid as a server surrogate

HTTP port

HTTPS port

Time for action – adding backend web servers

Logging messages in web server log format

Time for action – configuring Squid to ignore the browser reloads

Access controls in reverse proxy mode

Summary

Squid in Intercept Mode

Interception caching

Time for action – understanding interception caching

Advantages of interception caching

Problems with interception caching

Diverting HTTP traffic to Squid

Time for action – enabling IP forwarding

Time for action – redirecting HTTP traffic to Squid

Summary

Writing URL Redirectors and Rewriters

URL redirectors and rewriters

Squid, URL redirectors, and rewriters

Time for action – exploring the message flow between Squid and redirectors

Time for action – writing a simple URL redirector program

Writing our own URL redirector program

Time for action – writing our own template for a URL redirector

Configuring Squid

A special URL redirector – deny_info

Popular URL redirectors

Summary

Troubleshooting Squid

Some common issues

Time for action – changing the ownership of log files

Time for action – fixing cache directory permissions

Time for action – creating swap directories

Time for action – finding the program listening on a specific port

Debugging problems

Time for action – debugging HTTP requests

Time for action – debugging access control

Summary

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Pop Quiz Answers

Index