Installing Squid on FreeBSD

1) cd /usr/ports/www/squid
2) make install
3) <>

     o You can find the configuration files for this package in the
       directory /usr/local/etc/squid.

     o The default cache directory is /var/squid/cache.
       The default log directory is /var/squid/logs.

       Note:
       You must initialize new cache directories before you can start
       squid.  Do this by running “squid -z” as ‘root’ or ‘squid’.
       If your cache directories are already initialized (e.g. after an
       upgrade of squid) you do not need to initialize them again.

     o The default configuration will deny everyone but local networks
       as defined in RFC 1918 access to the proxy service.
       Edit the “http_access allow/deny” directives in
       /usr/local/etc/squid/squid.conf to suit your needs.

     To enable Squid, set squid_enable=yes in either
     /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
     Please see /usr/local/etc/rc.d/squid for further details.

     Note:
     If you just updated your Squid installation from 2.6 or earlier,
     make sure to check your Squid configuration against the 2.7 default
     configuration file /usr/local/etc/squid/squid.conf.default.

     Additionally, you should check your configuration by calling
     ‘squid -f /path/to/squid.conf -k parse’ before starting Squid.
===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/sbin/squid

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/squid

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type ‘make deinstall’
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:

4) /usr/local/etc/rc.d/squid onestart (just for testing)
5)  Check which ports its listening on
sockstat |more
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
squid    squid      66128 3  dgram  -> /var/run/log
squid    squid      66128 6  udp4   *:48072               *:*
squid    squid      66128 12 tcp4   *:3128                *:*
squid    squid      66128 13 udp4   *:3130                *:*
squid    squid      66126 3  dgram  -> /var/run/log
agarg    ssh-agent  47049 3  stream /tmp/ssh-NaHhONUHyq/agent.47048
agarg    sshd       47044 3  tcp4   10.48.0.238:22        10.202.70.142:65475
agarg    sshd       47044 4  stream -> ??
root     sshd       47041 3  tcp4   10.48.0.238:22        10.202.70.142:65475
root     sshd       47041 5  stream -> ??

Testing using Telnet

Direct Connection

GET / HTTP/1.1

Squid Connection


telnet proxy.domain.tld 3128
GET http://www.google.com/ HTTP/1.1host:www.google.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s