Squid Proxy
squid is a popular proxy server, if one wishes to access the outside world pretending to be the droplet in wherever it is… Handy for various things.
Install
apt-get update && apt-get upgrade -y
apt-get install squid3
# Backup original configuration to file named squid.conf.factory
cp -v /etc/squid/squid.conf{,.factory}
Firewall Configuration
See notes under: Firewall
ufw status ufw allow squid ufw status
Configure Squid
View the existing squid conf (with comments/documentation cut out)
cat /etc/squid/squid.conf | grep -v -e '^\#' -e '^$'
Configure password store using apache, see docs online… I didn't set this up yet (I limited by IP).
400 apt-get install apache2-utils 401 sudo touch /etc/squid/passwd 402 sudo chown proxy: /etc/squid/passwd 403 ls -l /etc/squid/passwd 405 htpasswd /etc/squid/passwd david
Toggle blanket allow/deny rule (debugging to see if its your rule, or your application trying to connect which isn't configured properly)
sed -i 's,http_access deny all,http_access allow all,g' /etc/squid/squid.conf sed -i 's,http_access allow all,http_access deny all,g' /etc/squid/squid.conf
# Add rule (BEFORE line matching sed pattern) sed -i '/http_access deny all/i http_access allow my_allow_ip' /etc/squid/squid.conf sed -i '/http_access allow my_allow_ip/i acl my_allow_ip src xxx.xxx.xxx.xxx' /etc/squid/squid.conf # Delete rule by sed pattern sed -i '/acl my_allow_ip src xxx.xxx.xxx.xxx/d' /etc/squid/squid.conf
# Test config squid -k parse # Refresh configuration squid -k reconfigure
Stopping
# Kill squid sudo squid -k shutdown # Restart Daemon: http://etutorials.org/Server+Administration/Squid.+The+definitive+guide/Chapter+5.+Running+Squid/5.5+Running+Squid+as+a+Daemon+Process/ squid -s
ps aux | grep squid
Check cache usage:
sudo du -h /var/spool/