SQUID Proxy Server setup in Ubuntu Server 13.04 with Mikrotik
SQUID Proxy Server setup in Ubuntu Server 13.04
First we’ll setup squid in ubuntu server 13.04. It is completely a basic setup without any custom mods.
In this scenario I’ll be using two HDDs.
- One will be used for OS – 20 GB.
- Second one will be used for Caching purposes – 40 GB.
Steps:
Firstly we are going to create and initialise our second HDD partition for cache storage.
1. sudo fdisk -l
The above command will report something like:
/dev/sda1 * 1 18709 150280011 83 Linux
/dev/sda2 18710 19457 6008310 5 Extended
/dev/sda5 18710 19457 6008278+ 82 Linux swap / Solaris
/dev/sda2 18710 19457 6008310 5 Extended
/dev/sda5 18710 19457 6008278+ 82 Linux swap / Solaris
But will include a listing for your new drive. If you only see listings for /dev/sda* then your new drive has not been recognized and there is a problem with the physical installation.
2. Once you know where your drive is located (again we’ll use /dev/sdb for our example) it’s time to create a new directory where this drive will be mounted. We are mounting our drive to the directory /data so we’ll create this directory with the following command:
sudo mkdir /data
3. Now let’s make it available to all users:
sudo chmod -R 777 /data
4. With a place to mount the drive, it’s time to format the new drive. The formatting will be done with the command:
sudo mkfs.ext3 /dev/sdb
5. When this is complete you are ready to mount the drive. Before you edit fstab entry (so the drive will be automatically mounted) make sure it can be successfully mounted with the command:
sudo mount /dev/sdb /data
6.If this is successful let’s create an entry in /etc/fstab. open that file with the command
sudo nano /etc/fstab
7. Now add the following entry at the end of that file:
/dev/sdb /data ext3 defaults 0 0
8.Once you save that file, mount the drive (without having to reboot) with the command:
sudo mount -a
9. To make sure the drive mounted successfully issue the command:
df
The above should include in the report:
/dev/sdb /data
10. If that’s the case, success! You can run one file test by trying to write a file to the new drive with the command:
touch /data/test
If you can write that file all is well.
11. Create a directory for storing cache files.
mkdir /data/cache
12 Now let’s make it available to all users:
chmod -R 777 /data/cache
Now, Squid and network setup for ubuntu server 13.04:
1. Ubuntu Server 13.04 Network Configuration :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| # This file describes the network interfaces available on your system# and how to activate them. For more information, see interfaces(5).# The loopback network interfaceauto loiface lo inet loopback# The primary network interfaceauto eth0iface eth0 inet static address 192.168.0.50 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1 dns-nameservers 8.8.8.8auto eth1iface eth1 inet staticaddress 192.168.50.50netmask 255.255.255.0 |
Here,
eth0 = WAN Interface
eth1 = LAN Interface
eth0 = WAN Interface
eth1 = LAN Interface
2. apt-get install squid
3. nano /etc/squid3/squid.conf
4. Uncomment :
1
2
| acl localnet src 192.168.0.0/16http_access localnet |
Change :
1
2
3
| http_port 8080 transparentvisible_hostname proxy.domain.netcache_dir ufs /data/cache 800 16 256 |
5. Save and Exit (Ctrl+O -> Y)
6. nano /etc/rc.local
Add these before exit
1
2
| iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.50.50:8080route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.50.254 dev eth1 |
where
eth1=LAN Interface
192.168.50.50 = IP of Squid Proxy Server LAN interface (eth1)
192.168.100.0/24 = Network for LAN users
192.168.50.254 = IP Mikrotik Proxy Interface IP (Squid)
192.168.50.50 = IP of Squid Proxy Server LAN interface (eth1)
192.168.100.0/24 = Network for LAN users
192.168.50.254 = IP Mikrotik Proxy Interface IP (Squid)
The last line is added so that squid box can access LAN users IP and transfer cached contents to them.
7. Initialise directories.
squid3 -z
8. Execute the following:
/etc/rc.local
9. service squid3 restart
Mikrotik Setup:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
| [admin@MikroTik] > export# aug/23/2013 11:06:54 by RouterOS 6.0# software id #/interface ethernetset 0 name=LANset 1 name=SQUIDset 2 mac-address=00:50:56:31:A4:F0 name=WAN/ip pooladd name=dhcp_pool1 ranges=192.168.100.200-192.168.100.253/ip dhcp-serveradd address-pool=dhcp_pool1 disabled=no interface=LAN name=dhcp1/ip addressadd address=192.168.0.254/24 interface=WAN network=192.168.0.0add address=192.168.50.254/24 interface=SQUID network=192.168.50.0add address=192.168.100.254/24 interface=LAN network=192.168.100.0/ip dhcp-server networkadd address=192.168.100.0/24 dns-server=192.168.100.254,8.8.4.4,8.8.4.4 gateway=192.168.100.254/ip dnsset allow-remote-requests=yes servers=8.8.8.8,8.8.4.4/ip firewall mangleadd action=mark-routing chain=prerouting dst-port=80 new-routing-mark=http protocol=tcp/ip firewall natadd chain=srcnat dst-port=80 protocol=tcpadd action=masquerade chain=srcnat out-interface=WAN/ip routeadd distance=1 gateway=192.168.50.50 routing-mark=httpadd check-gateway=ping distance=1 gateway=192.168.0.1/tool graphing interfaceadd |
After you have finished your setup, execute the following on your squid server to monitor logs:
tail -f /var/log/squid3/access.log
Comments
Post a Comment