Configuring SQUID

Last night I had to replicate an issue which involved configuring SQUID on a Windows environment. I had to look for the installer, and then check out the configuration steps.
I needed a very basic setup, just to proxy the Client requests to the Server.
I found few very useful links, and also the configuration steps.
After going through them, this is what I did.

Unzipped the installer and kept in C:\squid
Renamed mime.conf.default to mime.conf, squid.conf.default to squid.conf and cachemgr.conf.default to cachemgr.conf
Created cache directory under c:\squid\var.
Ran C:\squid\sbin\squid -z to create swap directories.
In the squid.conf specified the folllowing
http_port 3128
htcp_port 4827
icp_port 3130

Ran C:\squid\sbin\squid.exe and it started listening on port 3128.
I needed to confgure Squid to listen over SSL.
I created the key and certificate from the following steps.

openssl genrsa -des3 -out server.key 1024
openssl req -config ..\conf\openssl.cnf -new -key server.key -out localhost
openssl x509 -req -days 730 -in localhost -signkey server.key -out server.crt

Converted the certificate to pem usings java utils.der2pem server.der
And specifying the following in the squid.conf
https_port 3129 cert=C:\squid\server.pem key=C:\squid\server.key
Ran C:\squid\sbin\squid.exe and it started listening on port 3129.
For those who are completely new to SQUID, they can go through its introduction below:-
Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process.

Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests.It supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol, Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.

Squid consists of a main server program squid, a Domain Name System lookup program dnsserver, some optional programs for rewriting requests and performing authentication, and some management and client tools. When squid starts up, it spawns a configurable number of dnsserver processes, each of which can perform a single, blocking Domain Name System (DNS) lookup. This reduces the amount of time the cache waits for DNS lookups.

This web caching software works on a variety of platforms including Linux, FreeBSD, and Windows. Squid is created by Duane Wessels.



Leave a Reply