Ubuntu Unleashed 2019 Edition: Covering 18.04, 18.10, 19.04

(singke) #1
matthew@seymour:~$  sudo    tail    -f  access.log  cache.log

This reads the last few lines from both files and (thanks to the -f flag)
follows them so that any changes appear in there. This allows you to watch
what Squid is doing as people access it. We refer to this window as the “log
window,” and you should keep it open. In the other window (again, with
sudo), bring up the file /etc/squid/squid.conf in your favorite
editor. We refer to this window as the “config editor,” and you should keep it
open, too.


Search for the string acl all; this brings you to the access control section,
which is where most of the work needs to be done. You can configure a lot
elsewhere, but unless you have unusual requirements, you can leave the
defaults in place.


NOTE
The default port for Squid is 3128, but you can change that by editing the
http_port line. Alternatively, you can have Squid listen on multiple
ports by having multiple http_port lines; 80, 8000, and 8080 are all
popular ports for proxy servers.

The acl lines make up your access control lists (ACLs). The first 16 or so of
these lines define the minimum recommended configuration to set up ports to
listen to, and so on. You can safely ignore these. If you scroll down further
(past another short block of comments), you come to the http_access
lines, which are combined with the acl lines to dictate who can do what. You
can (and should) mix and match acl and http_access lines to keep your
configuration file easy to read.


Just below the first block of http_access lines is a comment like #
INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM
YOUR CLIENTS. This is just what you need to do now. First, though, scroll
just a few lines further, until you see the following two lines (which are not
necessarily next to each other in the actual file):


Click here to view code image
http_access allow localhost
http_access deny all


These lines are self-explanatory: The first says, “Allow HTTP access to the
local computer but deny everyone else.” This is the default rule, as mentioned
earlier. Leave it in place for now and run service squid start to start
the server with the default settings. If you have not yet configured the local
web browser to use your Squid server, do so now so that you can test the

Free download pdf