Sunteți pe pagina 1din 47

Confi

guration of Proxy Server

1. INTRODUCTION
1.1 PROBLEM DEFINITION:We can block unwanted websites by words, by websites, by sentence.
To speed up access to resources using caching. Faster Internet Connections for Internal LAN.
Secure the Internal LAN When browsing the Internet. Blocks the unwanted activity by clients on
the www.

1.2 OBJECTIVE
Squid is a high-performance HTTP and FTP caching proxy server. It is
also known as a Web proxy cache. It can make your network connections more efficient. As it
stores data from frequently used Web pages and files, it can often give your users the data they
need without having to look to the Internet.
Studies on very busy networks suggest that a Squid server can reduce the
size, or bandwidth, of your Internet connection by 10-20 percent. That can lead to considerable
savings for larger office.

GRWP Tasgaon

Page 1

Configuration of Proxy Server

2. PLANNING AND SYSTEM

2.1 STUDY OF EXISTING SYSTEM:In existing System we block the website using Internet
browser setting but it take more time and effort. In LAN connection if we want to block some
website then we require configure internet setting in all machines in that LAN. But there is
possibility to user can change this setting of machine in LAN connection in school and colleges.
Using proxy server we can avoid all this possibilities and efforts. So we require configure proxy
server on main server of that LAN.

2.2

PROPOSED SYSTEM:-

In our whole project we mostly concentrate on configuring proxy


server using two features that are blocking website and cashing most frequently webpages.
For that purpose we need to install the following:1] Red Hat Enterprise Linux
2] Bind Packages
3] Squid package
In the LINUX operating system proxy server is also called squid
proxy server. In our system all machines are connected to Proxy server. User can not directly
access Internet connection. If user wants to Internet connection then it has to be send request to
the first proxy server. When proxy server accept this request then he first check it is accessible or
not in the directory. If this request is accessible then it send to main server and main server. If
request is dined then he sends response to user that is access dined.
And also proxy server cashing most frequently WebPages. If the
requested webpage is store in cache then proxy server give response that webpage without
forwarding this request to the main server.

GRWP,Tasgaon

Page 2

Configuration of Proxy Server

2.3 INFORMATION GATHERING


Proxy server
In computer networks, a Proxy Server is a server that acts as an intermediary
for requests from clients seeking resources from other servers. A client connects to the proxy
server, requesting some service, such as a file, connection, web page, or other resource available
from a different server and the proxy server evaluates the request as a way to simplify and
control its complexity. A proxy server may optionally alter the client's request or the server's
response, and sometimes it may serve the request without contacting the specified server.
A proxy server receives a request for an Internet service (such as a Web page
request) from a user. If it passes filtering requirements, the proxy server, assuming it is also a
cache server , looks in its local cache of previously downloaded Web pages. If it finds the page, it
returns it to the user without needing to forward the request to the Internet. If the page is not in
the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP
addresses to request the page from the server out on the Internet. When the page is returned, the
proxy server relates it to the original request and forwards it on to the user.
To the user, the proxy server is invisible; all Internet requests and returned
responses appear to be directly with the addressed Internet server. (The proxy is not quite
invisible; its IP address has to be specified as a configuration option to the browser or other
protocol program.)
An advantage of a proxy server is that its cache can serve all users. If one or
more Internet sites are frequently requested, these are likely to be in the proxy's cache, which
will improve user response time. In fact, there are special servers called cache servers. A proxy
can also do logging.
The functions of proxy, firewall, and caching can be in separate server
programs or combined in a single package. Different server programs can be in different
computers. For example, a proxy server may in the same machine with a firewall server or it may
be on a separate server and forward requests through the firewall.

GRWP,Tasgaon

Page 3

Configuration of Proxy Server

Types of Proxy Server

Transparent Proxy:-

A Transparent Proxy Server tells the remote Computer the IP Address of


your Computer. This provides no privacy. Anonymous Proxy Servers can further be broken down
into two more categories, Elite and Disguised. An Elite Proxy Server is not identifiable to the
remote computer as a Proxy in any way. A Disguised Proxy Server gives the remote computer
enough information to let it know that it is a Proxy, however it still does not give away the IP of
the Computer it is relaying information for.

Open proxy:-

An open proxy is a proxy server which will accept client.connections from


any IP address and make connections to any Internet resource. Abuse of open proxies is currently
implicated in a significant portion of e-mail spam delivery. Spammers frequently install open
proxies on unwitting end users' operating systems by means of computer viruses designed for
this purpose. Internet Relay Chat (IRC) abusers also frequently use open proxies to cloak their
identities.

Anonymous Proxy

This type of proxy server identifies itself as a proxy server, but does not make
the original IP address available. This type of proxy server is detectable, but provides reasonable
anonymity for most users.

Distorting Proxy

This type of proxy server identifies itself as a proxy server, but make an
incorrect original IP address available through the http headers.

High Anonymity Proxy:-

This type of proxy server does not identify itself as a proxy server and does not make available
the original IP.

GRWP,Tasgaon

Page 4

Configuration of Proxy Server

3. REQUIREMENT ANALYSIS

3.1

Software Requirement :

1. Red Hat Linux Enterprise Edition 5.


2. Squid Package.
3. Bind Package.

Advantages of Linux :

Multitasking:
Several programs can run at the same time.

Multiuser:
Several users can logon to the same machine at the same time. There is no need to
have separate user licenses.

Multiplatform:
Linux runs on many different CPUs that mean it supports multiprocessor
machine.

Demand loads executables:


Linux only reads from those parts of a program that are actually used on the disk.

GRWP,Tasgaon

Page 5

Configuration of Proxy Server

3.2 HARDWARE REQUIREMENT

PROCESSOR

32-bit/64-bit Pentium 4

RAM

4 GB
(may vary depends on number of
clients)

Hard Disk

300 GB
(As there are number of users have
own disk space)

Ethernet Cards

Two

GRWP,Tasgaon

Page 6

Configuration of Proxy Server

4. DESIGN METHODLOGY
4.1 System Architecture
This field gives the overall information of the project via diagrammatic
structure. The system architecture contain following fields:1.
2.
3.
4.

Installing Red Hat Enterprise Linux 5 server.


Configuration of Network services.
Configuration of squid.
Etc

The diagrammatic representation shows how the system will work. Also is
shows that how the data should flow in overall system. The explanation
Related to the system architecture is as following:1. Installing Red Hat Linux 5:Linux operating system is very secure and its file system is very Strong. So
we choose the Linux operating system &install Linux Red Hat RHEL5.
2. Configuration of Network services:In the configuration of Network services we configure Host file & assign IP.
3. Configuration of squid:Then configure this file using different acl(Access Control List) statements.
a. Deny access to specific user
b. Deny access by websites
c. Deny access by time
d. Allow websites
e. Caching recently requested web pages

SYSTEM ARCHITECTURE
C1

GRWP,Tasgaon

C2

Page 7

C3

C4

Configuration of Proxy Server

Administrator

Proxy Server

Installing
RHEL 5 server

Configure
Network
services

Assigning
IP

Deny access to
specific user

Deny access
to Website

Implement
Proxy

Configure
Squd.conf file

Configure
host file

Deny Access
by time

DATA FLOW DIAGRAMS

GRWP,Tasgaon

Web Server

Page 8

Allow
Websites

Cashing
Web pages

Configuration of Proxy Server

DFD Level 1

C1

Main Server
Web
Server

aw

Proxy
Server

C2

C3

C4

DFD LEVEL 2
GRWP,Tasgaon

Page 9

Configuration of Proxy Server

C1

Main Server
Web
Server

C2

Proxy
Server

C3

C4

Cashing

Blocking

DFD LEVEL 3

GRWP,Tasgaon

Page 10

Log

Configuration of Proxy Server

C1
Main Server
Web
Server

C2
Proxy
Server
C3

Cashing

Directory

Log

Blocking

Hard
Disk

Deny
access to
specific
user

Deny
Access
by time

UML DIAGRAM
UML (Unified Modeling Language)

GRWP,Tasgaon

Page 11

Deny
access
to
Websit
e

Log
Report

Configuration of Proxy Server

UML is a (Unified Modeling Language).It is a standard language for writing software blueprints.
The UML is used to
a) Visualize
b) Specify
c) Construct
d) Document the artifacts of software-intensive system.
We implement three types of UML diagrams that are
1. Use case Diagram
2. Sequence Diagram
3. Activity Diagram

1. Use case Diagram:Use case diagram is useful to view a set of use cases that is special type of
class and their relationships.

2.

Sequence Diagram:In Sequence diagram an interaction is made up of set of objects and their

relationships

3. Activity Diagram:Activity Diagram represents the flow from activity to activity within a system. It is type of State
chart diagram.

1. USE CASE DIGRAM

Proxy Server
GRWP,Tasgaon

User

Page 12

Caching web sitesFiltering web site

Configuration of Proxy Server

Request web site

Response for
Allow web site

Allow and deny


specific web sites

Deny access to
specific user

Administrator

Maintain log record

2. SEQUENCE DIAGRAM
USER
GRWP,Tasgaon

PROXY SERVER
SERVERSERVER

MAIN SERVER

Page 13

2. Filtering

Configuration of Proxy Server

1. Request for web side

3. Allow the web side

4. Response to web site

5. Caching
6. Response to website
5. Blocked web sit
7. Most frequently web pages

8. Check it is in cache
9. Web page found
10. Response to web page
11. Web page not found
12. Request to main server
13. Response for web pages

15. Response for webpage

14. Cashing

16. Maintain log records

3. ACTIVITY DIAGRAM

GRWP,Tasgaon
Send

response to
proxy server

Page 14

Send Send
Response
FoundResponse
in cache

User
Send
Request
Allow
Websites
Filtering
Not
found
in cache
Block
Website

Access is denied

Configuration of Proxy Server

Proxy Server

Check it is
in cache

Main Server

5. PROJECT IMPLEMENTATION

GRWP,Tasgaon

Page 15

Configuration of Proxy Server

RHEL Installation

Step 1: - Language Selection


Selecting a language to use for the installation as shown in following
Fig:-5.1 While installing the Linux.

Figure 5.1 Language Selection

Once selecting the appropriate language, click Next to continue.

Step 2: - Keyboard Configuration

Next step is to select the correct layout type (for example U.S. English) for the
keyboard you would prefer to use for the installation and as the system default as shown in fig 5.2.
GRWP,Tasgaon

Page 16

Configuration of Proxy Server

Figure 5.2. Keyboard Configuration

Once selecting the appropriate type then click on Next to continue.

Step 3: - Disk Partitioning Setup

GRWP,Tasgaon

Page 17

Configuration of Proxy Server

Partitioning allows you to divide your hard drive into isolated sections,
where each section behaves as its own hard drive. Partitioning is particularly useful if you run
multiple operating systems. On this screen, we choose to perform automatic partitioning.

Step 4: - Automatic Partitioning


While doing automatic partitioning the three options are:
A] Remove all Linux partitions on this system
B] Remove all partitions on this system:We select this option to remove all partitions on your hard drive.
C] Keep all partitions and use existing free space

Figure5.3. Automatic Partitioning

Clicking Next to continue.


Step 5: - Partitioning Your System
GRWP,Tasgaon

Page 18

Configuration of Proxy Server

If you chose automatic partitioning and selected Review, you can either
accept the current partition settings (click Next), or modify the setup using Disk Druid, the
manual partitioning tool.
If you chose to partition manually, you must tell the installation program
where to install Red Hat Enterprise Linux. This is done by defining mount points for one or more
disk partitions in which Red Hat Enterprise Linux is installed. You may also need to create
and/or delete partitions at this time.

Figure5.4 Partitioning with Disk Druid on x86, AMD64, and Intel EM64T Systems

GRWP,Tasgaon

Page 19

Configuration of Proxy Server

Figure5.5. Partitioning with Disk Druid on Itanium Systems

Step 5.1: - Adding partitions


To add a new partition, select the New button

Step 5.5:- Adding Partitions

To add a new partition, select the New button.

GRWP,Tasgaon

Page 20

Configuration of Proxy Server

Fig.5.6. Creating a New Partition

Mount Point:Enter the partition's mount point. For example, if this partition should be the root
partition, enter /; enter /boot for the /boot partition, and so on.
File System Type:Using the pull-down menu, select the appropriate file system type for this partition.
Allowable Drives:
This field contains a list of the hard disks installed on your system. If a hard disk's
box is highlighted, then a desired partition can be created on that hard disk. If the box is not
checked, then the partition will never be created on that hard disk. By using different checkbox
settings, you can have Disk Druid place partitions where you need them, or let Disk Druid decide
where partitions should go.

GRWP,Tasgaon

Page 21

Configuration of Proxy Server

Size (MB):
Enter the size (in megabytes) of the partition. Note, this field starts with 100 MB;
unless changed only a 100 MB partition will be created.
Additional Size Options:
Choose whether to keep this partition at a fixed size, to allow it to "grow" (fill up the
available hard drive space) to a certain point, or to allow it to grow to fill any remaining hard
drive space available.

Step 6: - Network Configuration

Figure 6.1 Network Configurations

The installation program automatically detects any network devices you have and
display them in the Network Devices list.

GRWP,Tasgaon

Page 22

Configuration of Proxy Server

Once you have selected a network device, click Edit. From the Edit
Interface pop-up screen, you can choose to configure the IP address and Netmask of the device
via DHCP (or manually if DHCP is not selected) and you can choose to activate the device at
boot time. If you select Activate on boot, your network interface is started when you boot. If you
do not have DHCP client access or you are unsure what to provide here, please contact your
network administrator.

Figure 6.2 Editing a Network Device

GRWP,Tasgaon

Page 23

Configuration of Proxy Server

Step 7: - Firewall Configuration


Red Hat Enterprise Linux offers firewall protection for enhanced system
security. A firewall exists between your computer and the network, and determines which
resources on your computer remote users on the network can access.

Figure7.1. Firewall Configuration

Next, we decide whether to enable a firewall for your Red Hat Enterprise Linux system.

GRWP,Tasgaon

Page 24

Configuration of Proxy Server

No firewall
No firewall provides complete access to your system and does no security checking.
Security checking is the disabling of access to certain services. This should only be selected if
you are running on a trusted network (not the Internet) or plan to do more firewall configuration
later.

Enable firewall
If you choose Enable firewall, connections are not accepted by your system (other
than the default settings) that is not explicitly defined by you. By default, only connections in
response to outbound requests, such as DNS replies or DHCP requests are allowed. If access to
services running on this machine is needed, you can choose to allow specific services through the
firewall. If you are connecting your system to the Internet, this is the safest option to choose.
Next, select which services, if any, should be allowed to pass through the firewall.
Enabling these options allow the specified services to pass through the firewall. Note, these
services may not be installed on the system by default. Make sure you choose to enable any
options that you may need.

Remote Login (SSH)


Secure Shell (SSH) is a suite of tools for logging in to and executing commands on a
remote machine. If you plan to use SSH tools to access your machine through a firewall, enable
this option. You need to have the openssh-server package installed in order to access your
machine remotely, using SSH tools.

Web Server (HTTP, HTTPS)


The HTTP and HTTPS protocols are used by Apache (and by other Web servers) to
serve WebPages. If you plan on making your Web server publicly available, enable this option.
This option is not required for viewing pages locally or for developing WebPages. You must
install the httpd package if you want to serve WebPages.
File Transfer (FTP)
The FTP protocol is used to transfer files between machines on a network. If you
plan on making your FTP server publicly available, enable this option. You must install the
vsftpd package in order to publicly serve files.
GRWP,Tasgaon

Page 25

Configuration of Proxy Server

Mail Server (SMTP)


If you want to allow incoming mail delivery through your firewall, so that remote
hosts can connect directly to your machine to deliver mail, enable this option. You do not need to
enable this if you collect your mail from your Internet Service Provider's server using POP3 or
IMAP, or if you use a tool such as fetch mail. Note that an improperly configured SMTP server
can allow remote machines to use your server to send spam.
Three states are available for you to choose from during the installation process:

i)

Disable

Select Disable if you do not want SELinux security controls enabled on this
system. The Disabled setting turns enforcing off and does not set up the machine for the use of a
security policy.

ii)

Warn

Select Warn to be notified of any denials. The Warn state assigns labels to data
and programs, and logs them, but does not enforce any policies. The Warn state is a good starting
place for users who eventually want a fully active SELinux policy, but who first want to see what
effects the policy would have on their general system operation.

iii)

Active

Select Active if you want SELinux to act in a fully active state. The Active
state enforces all policies, such as denying access to unauthorized users for certain files and
programs, for additional system protection. Choose this state only if you are sure that your
system can still properly function with SELinux fully enabled.

Step 8: - Language Support Selection


We select a language to use as the default language. The default language is the
language used on the system once the installation is complete. Typically, the default language is
the language you selected to use during the installation.

GRWP,Tasgaon

Page 26

Configuration of Proxy Server

Figure8.1. Language Support Selection

Step 9:- Time Zone Configuration


Set your time zone by selecting the city closest to your computer's physical location.
There are two ways for you to select your time zone:
Using mouse, click on the interactive map to select a specific city (represented by a yellow dot).
A red X appears indicating your selection.
We can also scroll through the list at the bottom of the screen to select your time zone. Using
your mouse, click on a location to highlight your selection.
GRWP,Tasgaon

Page 27

Configuration of Proxy Server

Figure9.1. Configuring the Time Zone

Step 10:- Set Root Password


Setting up a root account and password is one of the most important steps during
your installation. Your root account is similar to the administrator account used on Windows NT
machines. The root account is used to install packages, upgrade RPMs, and perform most system
maintenance. Logging in as root gives you complete control over your system.

GRWP,Tasgaon

Page 28

Configuration of Proxy Server

Figure 10.1 Root Password

Step 11: - Package Group Selection


The Package Installation Defaults screen appears and details the default package set for
your Red Hat Enterprise Linux installation. This screen varies depending on the version of Red Hat
Enterprise Linux you are installing.
To customize your package set further, select Customize the set of packages to be installed
option on the screen. Clicking Next takes you to the Package Group Selection screen.
You can select package groups, which group components together according to function (for
example, X Window System and Editors), individual packages, or a combination of the two.

GRWP,Tasgaon

Page 29

Configuration of Proxy Server

Figure 11.1 Package Group Selection

Select each component you wish to install. Selecting Everything (at the end of the
component list) installs all packages included with Red Hat Enterprise Linux. Once a package
group has been selected, click on Details to view which packages are installed by default, and to
add or remove optional packages from that group.

GRWP,Tasgaon

Page 30

Configuration of Proxy Server

Figure11.2 Package Group Details

A screen preparing you for the installation of Red Hat Enterprise Linux now appears.

Step 12: - Installation Complete


Congratulations! Your Red Hat Enterprise Linux installation is now complete!

GRWP,Tasgaon

Page 31

Configuration of Proxy Server

SQUID CONFIGURATION
Installing the squid package from RHEL/4-U5 i386 disk1.
Then start the squid service.
# TAG: http_access
#
#

Squid.config located in the etc/squid/ directory.

Allowing or Denying access based on defined access lists

Then configure this file using different acl (Access Control List) statements.

#
Access to the HTTP port:
# ACCESS CONTROLS
#
http_access allow|deny [!]aclname ...
# ----------------------------------------------------------------------------#
#Recommended minimum configuration:
#
NOTE on default values:
acl all src 0.0.0.0/0.0.0.0
#
If there are no "access" lines present, the default is to deny
acl manager proto cache_object
#
the request.
acl localhost src 127.0.0.1/255.255.255.255
#
acl to_localhost dst 127.0.0.0/8
#
If none of the "access" lines cause a match, the default is the
acl SSL_ports port 443 563
#
opposite of the last line in the list. If the last line was
acl Safe_ports port 80
# http
#
deny, the default is allow. Conversely, if the last line
acl Safe_ports port 21
# ftp
#
is allow, the default will be deny. For these reasons, it is a
acl Safe_ports port 443 563
# https, snews
#
good idea to have an "deny all" or "allow all" entry at the end
acl Safe_ports port 70
# gopher
#
of your access lists to avoid potential confusion.
acl Safe_ports port 210
# wais
#
acl Safe_ports port 1025-65535 # unregistered ports
#Default:
acl Safe_ports port 280
# http-mgmt
# http_access deny all
acl Safe_ports port 488
# gss-http
##Recommended minimum configuration:
acl Safe_ports port 591
# filemaker
#
acl Safe_ports port 777
# multiling http
# Only allow cachemgr access from localhost
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
GRWP,Tasgaon
# Deny requests to unknown ports
http_access deny !Safe_ports

Page 32

Configuration of Proxy Server

GRWP,Tasgaon

Page 33

Configuration of Proxy Server

#
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks. Adapt


# to list your (internal) IP networks from where browsing should
# be allowed
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks

# And finally deny all other access to this proxy


http_access allow localhost
http_access deny web_deny
http_access allow allow_network
http_access deny all

# TAG: http_reply_access
#

Allow replies to client requests. This is complementary to http_access.

#
#

http_reply_access allow|deny [!] aclname ...

#
#
#

NOTE: if there are no access lines present, the default is to allow


all replies

GRWP,Tasgaon

Page 34

Configuration of Proxy Server

#
#

If none of the access lines cause a match the opposite of the

last line will apply. Thus it is good practice to end the rules

with an "allow all" or "deny all" entry.

#
#Default:
# http_reply_access allow all
#
#Recommended minimum configuration:
#
# Insert your own rules here.
#
#
# and finally allow by default
http_reply_access allow all

# TAG: icp_access
#

Allowing or Denying access to the ICP port based on defined

access lists

#
#

icp_access allow|deny [!]aclname ...

#
#

See http_access for details

GRWP,Tasgaon

Page 35

Configuration of Proxy Server

# OPTIONS WHICH AFFECT THE CACHE SIZE


# -----------------------------------------------------------------------------

# TAG: cache_mem

(bytes)

#
NOTE: THIS PARAMETER DOES NOT SPECIFY THE MAXIMUM PROCESS
SIZE.
#
IT ONLY PLACES A LIMIT ON HOW MUCH ADDITIONAL MEMORY SQUID
WILL
#
USE AS A MEMORY CACHE OF OBJECTS. SQUID USES MEMORY FOR
OTHER
#

THINGS AS WELL. SEE THE SQUID FAQ SECTION 8 FOR DETAILS.

#
#

'cache_mem' specifies the ideal amount of memory to be used

for:

* In-Transit objects

* Hot Objects

* Negative-Cached objects

#
#

Data for these objects are stored in 4 KB blocks. This

parameter specifies the ideal upper limit on the total size of

4 KB blocks allocated. In-Transit objects take the highest

priority.

#
#

In-transit objects have priority over the others. When

additional space is needed for incoming data, negative-cached

and hot objects will be released. In other words, the

negative-cached and hot objects will fill up any unused space

not needed for in-transit objects.

GRWP,Tasgaon

Page 36

Configuration of Proxy Server

If circumstances require, this limit will be exceeded.

Specifically, if your incoming request rate requires more than

'cache_mem' of memory to hold in-transit objects, Squid will

exceed this limit to satisfy the new requests. When the load

decreases, blocks will be freed until the high-water mark is

reached. Thereafter, blocks will be used to store hot

objects.

#
#Default:
cache_mem 8 MB

# TAG: cache_swap_low

(percent, 0-100)

# TAG: cache_swap_high

(percent, 0-100)

#
#

The low- and high-water marks for cache object replacement.

Replacement begins when the swap (disk) usage is above the

low-water mark and attempts to maintain utilization near the

low-water mark. As swap utilization gets close to high-water

mark object eviction becomes more aggressive. If utilization is

close to the low-water mark less replacement is done each time.

#
#

Defaults are 90% and 95%. If you have a large cache, 5% could be

hundreds of MB. If this is the case you may wish to set these

numbers closer together.

GRWP,Tasgaon

Page 37

Configuration of Proxy Server

# LOGFILE PATHNAMES AND CACHE DIRECTORIES


# -----------------------------------------------------------------------------

# TAG: cache_dir
#

Usage:

#
#

cache_dir Type Directory-Name Fs-specific-data [options]

#
#

You can specify multiple cache_dir lines to spread the

cache among different disk partitions.

#
#

Type specifies the kind of storage system to use. Only "ufs"

is built by default. To enable any of the other storage systems

see the --enable-storeio configure option.

#
#

'Directory' is a top-level directory where cache swap

files will be stored. If you want to use an entire disk

for caching, this can be the mount-point directory.

The directory must exist and be writable by the Squid

process. Squid will NOT create this directory for you.

#
#

The ufs store type:

#
#

"ufs" is the old well-known Squid storage format that has always

been there.

GRWP,Tasgaon

Page 38

Configuration of Proxy Server

# TAG: cache_access_log
#

Logs the client request activity. Contains an entry for

every HTTP and ICP queries received. To disable, enter "none".

#
#Default:
cache_access_log /var/log/squid/access.log

# TAG: cache_log
#

Cache logging file. This is where general information about

your cache's behavior goes. You can increase the amount of data

logged to this file with the "debug_options" tag below.

#
#Default:
cache_log /var/log/squid/cache.log

# TAG: cache_store_log
#

Logs the activities of the storage manager. Shows which

objects are ejected from the cache, and which objects are

saved and for how long. To disable, enter "none". There are

not really utilities to analyze this data, so you can safely

disable it.

#
#Default:
cache_store_log /var/log/squid/store.log

GRWP,Tasgaon

Page 39

Configuration of Proxy Server

# TAG: cache_swap_log
#

Location for the cache "swap.state" file. This log file holds

the metadata of objects saved on disk. It is used to rebuild

the cache during startup. Normally this file resides in each

'cache_dir' directory, but you may specify an alternate

pathname here. Note you must give a full filename, not just

a directory. Since this is the index for the whole object

list you CANNOT periodically rotate it!

#
#

If %s can be used in the file name it will be replaced with a

a representation of the cache_dir name where each / is replaced

with '.'. This is needed to allow adding/removing cache_dir

lines when cache_swap_log is being used.

#
#

If have more than one 'cache_dir', and %s is not used in the name

these swap logs will have names such as:

##

cache_swap_log.00

cache_swap_log.01

cache_swap_log.02

#
#

The numbered extension (which is added automatically)

corresponds to the order of the 'cache_dir' lines in this

configuration file. If you change the order of the 'cache_dir'

lines in this file, these log files will NOT correspond to

better to keep these log files in each 'cache_dir' directory.

GRWP,Tasgaon

Page 40

Configuration of Proxy Server

Web-deny
www.facebook .com
www.youtube.com
www.rediffmail.com

In this way we block this web site using acl statements. We also create recode for cashing most
frequently web pages.

SNAPSHOT 1:GRWP,Tasgaon

Page 41

Configuration of Proxy Server

When requested webpage is accessible then proxy server give response


following response
For e.g. web site is www.google.com

SNAPSHOT 2:GRWP,Tasgaon

Page 42

Configuration of Proxy Server

When the requested web page is not accessible then proxy server give
following response to user.
For e.g. web site is www.facebook .com

ADVANTAGES
GRWP,Tasgaon

Page 43

Configuration of Proxy Server

Faster internet connection for LAN.


Secure the LAN when browsing the internet.
Blocks the unwanted activity by clients on the http.
Allow the internet access to the authorized users only.
Always watch & filter the sensitive data.
Proxy Server is give to speed up access to resource using cashing.
Do the acceleration of web page.

FUTURE ENHANCEMENT
In advance we implement following features of proxy server
SMTP Proxy
Implementation of firewall in proxy server
GRWP,Tasgaon

Page 44

Configuration of Proxy Server

Anonym zing proxy


Open proxy
Forced proxy

9. CONCLUSION
In our project finally we conclude that Proxy Server is a invisible to the user. All
internet request & returned responses appear to be directly with the addressed internet server. It is act as a

GRWP,Tasgaon

Page 45

Configuration of Proxy Server

both server as well as server. It reduces Network traffic and they could regulate, allowing disallowing
certain communication. It is able to share single internet connection.
Proxy server used in LAN connections, school, colleges etc.

10. Bibliography
Books:

Computer Network :- Andrew S. Tanenbumb.

GRWP,Tasgaon

Page 46

Configuration of Proxy Server

The Complete Reference Book :- Oraig Zacker.

Web site:

www.squidproxy.net
www.adeelkml.tk
www.linux.org

GRWP,Tasgaon

Page 47