Scribd
Upload
43 views6 pages

Configuring a Proxy Server with SQUID

The document discusses the use of proxy servers for filtering and caching in networks. The steps include installing Squid as a proxy server on Debian, configuring the IP and port, creating a list of blocked sites and keywords, and redirecting HTTP traffic to the proxy port. The goal is to provide safer and more efficient internet access for network users.

Uploaded by

ScribdTranslations
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
43 views6 pages

Configuring a Proxy Server with SQUID

The document discusses the use of proxy servers for filtering and caching in networks. The steps include installing Squid as a proxy server on Debian, configuring the IP and port, creating a list of blocked sites and keywords, and redirecting HTTP traffic to the proxy port. The goal is to provide safer and more efficient internet access for network users.

Uploaded by

ScribdTranslations
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

State Vocational High School 5 Padang Sheet Jobsheet 6

Major: Computer and Network Engineering Subject: Server Administration in Networks


Time: 4x45 Minutes Title Proxy Server
Code : Guru Wici Aan Savitri, [Link]

A. PURPOSE OF THE PRACTICUM

Students are able to explain the concept, function, and operation of a proxy server, as well as be able to

installing and configuring a proxy server for filtering and caching needs.

B. EQUIPMENT AND MATERIALS

Personal Computer
2. CD Installer Linux Debian
3. Internet Connection

C. BRIEF THEORY
A Proxy Server is a program that receives requests from clients, such as
web browser or ftp client, and then forwarding the request to the server
the targeted internet. One of the programs that is quite powerful in tackling issues
limitations of access speed and data security used to handle
The need for the internet is SQUID. For a network administrator, it is
the main task is to manage data traffic within a network both from inside and outside
out of the network. Squid is the best choice for building a proxy server because
besides being reliable, it is also free and supports ICP features. Through a proxy server, it seems as if

the client feels like interacting directly with the targeted internet server.
In fact, before the data or request is sent to the destination, the data is
first directed to the proxy server, then the proxy server will forward to
the targeted server, which is the internet.

ADVANTAGES OF USING A PROXY SERVER


The advantages of an Operating System that uses a proxy are the data requested from
the client will be directed to the proxy server and then continued to the internet server. At the time
Data from the server arrives, and that data will be directed by the internet server to the proxy server.

then the proxy server forwards the data to the client that requested it.
In addition to providing data to clients, the proxy server also stores a copy of that data.
as a web cache on the hard disk. If there is another user requesting the same data, then
the server proxy will retrieve the data from its hard drive without having to
connection to the internet server that provides the data. If the same request
done by the user repeatedly will certainly affect internet access speed overall
significant.

FUNCTION OF PROXY AS CACHING


By storing frequently accessed web pages on a local server, the proxy can
removing excessive Internet access to reclaim the page that
it happens repeatedly. So, the proxy was initially very effective for web caching. However,
The internet is now fast, web pages are dynamic, and user interests are
in one organization consists only of hundreds of web pages. These factors
causing proxy caching to become ineffective, except in very
large or ISP.

HOW PROXY WORKS


The proxy works by responding to requests from the internal client and sending requests.

to the external network as if the proxy server itself is the client.


When the proxy server receives a response from the public server, it provides a response.
that to the original client as if it is a public server.

PROXY SECURITY LEVEL


A proxy server has the ability to hide all users behind one.
machine, can filter URLs, and can remove suspicious content or
illegal. So even though it was initially created as a non-security cache, the main purpose of the proxy

The server is now functioning as firewalling. The proxy server updates service requests on
external network on behalf of the client that exists on the private network. This is automatic.
hiding the identity and number of clients on the internal network from the network
external. Because the proxy position is between the internal client and the public server, the proxy

can also store content that is frequently accessed from the public network to reduce
access to the public network. Most implementations of proxy security include
packet filtering and Network Address Translation to build a firewall
whole.
PROXY ISSUES AFFECTING PERFORMANCE
The proxy server has one drawback regarding performance, which is the proxy server
creating a bottleneck. Like a firewall or router, a single proxy server connection to the Internet

Can create a bottleneck if not upgraded when the number of network users increases.
Although the proxy initially improves performance through caching mechanisms, it will ...
This will not be effective if it is not supported by good machine specifications.

D. WORK STEPS
Prepare the necessary tools and materials, namely a Personal Computer, CD Installer.
Linux Debian 5.0 ata 6.0 or other versions, network devices such as routers and
Switch and cables according to needs, as well as the source of connection to the internet.
1. Build a network like the following image:

[Link]

[Link]/24

Eth0: [Link]/24

Proxy
Server

Net A: [Link]/24 Eth1: [Link]/24

A B
2. Ensure the PC that will be used as a Proxy server has Debian OS installed.
Server.
3. Configure the IP Address as needed on both the Proxy Server and the host/client.
4. The next step is the installation of application packages for the Proxy Server, on
In this practicum, we are using SQUID (Berkeley Internet Name Domain version 9).
Here is how to install the Bind9 package:

5. The next step is to perform the configuration process.

In the nano editor window, a collection of squid configuration scripts will appear, in
In this internship, we will configure only the main and important parts.

To find the part that will be configured, use the available search facility.
in the nano editor by pressing CTRL + W.
In the following script section, edit and remove the '#' sign so that the script lines
become Enabled.
#. . .
http_port 3128 transparent #add "transparent"
cache_mem 16 MB about ¼ of 64 memory
cache_mgr admin@[Link]
[Link]
#. . .
Find the acl CONNECT statement, and add the following script directly below it.
#. . .
acl url dstdomain "/etc/squid/url" #blocked domain
acl key url_regex -i "/etc/squid/key" #blocked words
http_access deny url
http_access deny key
acl lan src [Link]/24 #local ip
http_access allow lan
http_access allow all
#. . .

Find the line http_access deny all, and add a sign in the [Link] file.
"#" on both lines.

Save by pressing CTRL + X then Y and ENTER.


6. Create a file for the list of sites and words that will be blocked.
debian:~# cd /etc/squid/

debian:/etc/squid# nano url


[Link]
[Link]
[Link]
debian:/etc/squid# nano key
porn
sex
nude

7. Conduct testing to determine whether the configuration process is correct or still incorrect.

debian:/etc/squid# squid –z
2013/11/08 [Link]| Squid is already running! Process ID 2314

8. Add some configuration to IP Tables to redirect port 80 (http) to the port


3128 (proxy)
debian:~# iptables -t nat -A PREROUTING -s [Link]/24 -p tcp --dport 80 -j
REDIRECT --to-port 3128
debian:~# iptables-save > /etc/iptables

E. CONCLUSION
Make a conclusion from the results of the practice conducted.

You might also like