Tuesday, October 20, 2009

Linux Securirty Notes 14: Squid notes 1: Introduction


     Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems,
including Windows and is licensed under the GNU GPL.
     Thousands of web-sites around the Internet use Squid to drastically increase their content delivery. Squid can reduce your server load and improve delivery speeds to clients. Squid can also be used to deliver content from around the world - copying only the content being used, rather than inefficiently copying everything. Finally, Squid's advanced content routing configuration allows you to build content clusters to route and load balance requests via a variety of web servers.
" [The Squid systems] are currently running at a hit-rate (the web page that served from cache) of approximately 75%, effectively quadrupling the capacity of the Apache servers behind
them. This is particularly noticeable when a large surge of traffic arrives directed to a particular page via a web link from another site, as the caching efficiency for that page will be nearly 100%. "

     The normal setup is caching the contents of an unlimited number of webservers for a limited number of clients. Another setup is “reverse proxy” or “webserver acceleration” (using http_port 80 accel vhost). In this mode, the cache serves an unlimited number of clients for a limited number of—or just one—web servers.

Initialising SQUID
  1. install the squid
  2. configure the squid
  3. start the squid service

1. install the squid
    Squid can be installed by rpm. Squid uses lot of system resources to server the request. So best configuration on servers will defnitly improve the squid service.It uses the cache so more the RAM better the performance.
For eg:- for a squid server of 100 users
need a /var space of 150G
RAM - the more the better
    Even if you install the squid in lower configuration, to server a large communit squid will still server by optimising the current Hardware config. But for better result it is recommanded with higher configuration.

# rpm -qpl squid.ver.rpm
This will tell us that what are the changes that will be done to the system after the installation of the squid package.
# rpm -ivh squid-ver.rpm
This will install the squid package.
/usr/sbin/squid is the daemon installed by the package
/usr/sbin/squidclient is the binary installed, which is used to make query to the squid server to check whether the cache is available in the local or remote squid server

     Squid has a master process that will spawn the childs to handle the process. it binds to the default port 3128. The child proces is binding to the port 3128 not the master process. The same squid process is also bind to the udp port 3130 which used distribute the load for other squid servers, which is a peer to peer communication to balance the load.

2. configure the squid
     The client makes the request to the proxy server and the proxy server will contact the detination, caches the page and serves content. This cache will be used for later serve .The Access control should be configured to get it working. modify /etc/squid/squid.conf file to configure the squid

3. start the squid service
     The rpm installation can be started using service and can be configured using chkconfig command


Initial/simple configuration:

#vim squid.conf
#Go to Access controls session
acl int src
http_access allow int

   Here the acl is configured for the internal and the permission is given by the operator http_access. The squid operates from the top to bottom of the configuration file. so once if the search pattern is found squid will terminate the search in the config file and will start processing.

Testing the squid by squidclient:

#which squidclient
    This is a small utility that retrieves the objects in the squid server cahce.
#squidclient --help
Shows the options in squidclient
# squidclient -h localhost -p 3128 http://www.google.com
#squidclient http://www.google.com
     This will return the cache from the squid server located at localhost:3128. if the squid is running on localhost with the default port no need to specify the -h (host) of -p (port) options.

# squidclient -g 3 http://www.google.com
     This will tell that how speed the squid preformance to get the page http://www.google.com downloaded. and does for the 3 times (0-for infinite). we can verify the timing and can check whether the pages are cached or not. If there is caching happens then only the initial query will take time and others will take considerable less time. But if the webpage is not serverd from cache then all the request will have the same time. The caching permissions in the website (html code) is honoured by squid.
# squidclient -v http://www.google.com
     This will dump all the contents of the webpage to the STDOUT.
#squidclient -h squidserver.domain.com -g 3 http://www.google.com
     This will make query about the webcache to the given URL with the remote squid server.

Applying the proxy settings for textbased http client/shell based tools.

Steps to enabling the proxy in wget/lftp/lynx
Step 1:
export http_proxy=http://proxy.domain.com:3128
     This variable has been used by almost all the text based http clients.

Step 2:
now start the clients
# wget http://remotewebiste.com
     Now check the squid access log to find out the access request done by the client.
# lftp http://remotewebiste.com
     This will allow to download the http pages. This tool will honour the 'http_proxy' variable.
#lynx http://remotewebiste.com
     This will serve the webpage from the proxy

No comments:

Post a Comment

tag ur valuable ideas below