How to block flash videos using Squid ? : rep_mime_type
To
block certain content types. Squid currently can not do “content
inspection” to decide on the file type based on the contents, but it is
able to block HTTP replies based on MIME ( file extension type)
Block flash video
The MIME type for such content is “video/x-flv”. Edit /etc/squid/squid.conf
Create an ACL
acl block-flashvideos rep_mime_type video/x-flv
Set Action
http_reply_access deny block-flashvideos
It will block flash videos
The MIME type for such content is “video/x-flv”. Edit /etc/squid/squid.conf
Create an ACL
acl block-flashvideos rep_mime_type video/x-flv
Set Action
http_reply_access deny block-flashvideos
It will block flash videos
How to Block Internet Explorer Browser With Squid ?
acl syntax :
acl <acl name> browser <UserAgent> Edit squid.conf for
acl block_browser browser MSIE
http_access deny block_browser
is also possible to block specific version or other browsers too:
acl block_bad_browser browser MSIE.9
acl block_bad_browser browser MSIE.10
acl block_bad_browser browser Firefox
acl block_bad_browser browser Chrome/38
http_access deny block_bad_browser
acl <acl name> browser <UserAgent> Edit squid.conf for
acl block_browser browser MSIE
http_access deny block_browser
is also possible to block specific version or other browsers too:
acl block_bad_browser browser MSIE.9
acl block_bad_browser browser MSIE.10
acl block_bad_browser browser Firefox
acl block_bad_browser browser Chrome/38
http_access deny block_bad_browser
How to configure squid to use multiple outgoing IP addresses ?
We
have a Linux PC with multiple IP Address and Squid Proxy Server
configured, Our browser to use that proxy on one of these IP and go out
from that server with the same IP and not with the default ip .
This is very useful if you have services that require 1 specific IP to be allowed, or if you want to give the proxy server to different people and still be able to trace what they do. To implement this follow the steps
Use multiple IP addresses based on the squid’s IP being used as proxy server
acl IPADDRESS-1 myip 192.168.0.20
acl IPADDRESS-1 myip 192.168.0.21
acl IPADDRESS-1 myip 192.168.0.23
tcp_outgoing_address 192.168.0.20 IPADDRESS-1
tcp_outgoing_address 192.168.0.21 IPADDRESS-2
tcp_outgoing_address 192.168.0.23 IPADDRESS-3
This is very useful if you have services that require 1 specific IP to be allowed, or if you want to give the proxy server to different people and still be able to trace what they do. To implement this follow the steps
Use multiple IP addresses based on the squid’s IP being used as proxy server
acl IPADDRESS-1 myip 192.168.0.20
acl IPADDRESS-1 myip 192.168.0.21
acl IPADDRESS-1 myip 192.168.0.23
tcp_outgoing_address 192.168.0.20 IPADDRESS-1
tcp_outgoing_address 192.168.0.21 IPADDRESS-2
tcp_outgoing_address 192.168.0.23 IPADDRESS-3
How to Clear Squid Proxy Cache Directory and Re-create ?
We can clear cache by deleting these, and recreate , follow steps
# squid -k shutdown
or
# service squid stop
# cd /var/spool/squid <—This is cache dir
# rm -rf *
# squid -z
2015/06/13 12:13:24| Creating Swap Directories
Note: this will recreate cache directories again
# ls
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
# service squid start
Note : Its better to use ‘squid -k reconfigure’ rather thant restarting squid as it wont have to stop the cache, so its almost instant.
Verify Squid for up and running
# netstat -tulpn | grep :3128
# tail -f /var/log/squid/access.log
# tail -f /var/log/squid/cache.log
or
# service squid stop
# cd /var/spool/squid <—This is cache dir
# rm -rf *
# squid -z
2015/06/13 12:13:24| Creating Swap Directories
Note: this will recreate cache directories again
# ls
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
# service squid start
Note : Its better to use ‘squid -k reconfigure’ rather thant restarting squid as it wont have to stop the cache, so its almost instant.
Verify Squid for up and running
# netstat -tulpn | grep :3128
# tail -f /var/log/squid/access.log
# tail -f /var/log/squid/cache.log
About Squid Logs
/var/log/squid/ is the default directory for squid logs
there are three logs
/var/log/squid/access.log : Surfing details, we can view who is doing what in this log.
/var/log/squid/cache.log : The cache.log file contains the debug and error messages that squid generates
/var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones.
To disable access log, edit /etc/squid/squid.conf
access_log none
To disable store log, edit /etc/squid/squid.conf
cache_store none
To disable cache log, edit /etc/squid/squid.conf
cache_log /dev/null
logfile_rotate 0
/var/log/squid/access.log : Surfing details, we can view who is doing what in this log.
/var/log/squid/cache.log : The cache.log file contains the debug and error messages that squid generates
/var/log/squid/store.log : The store.log file covers the objects currently kept on disk or removed ones.
Disable logging in Squid Proxy
If we have any requirements of disabling logs of squid proxy service. Follow these simple steps to disable all kind of logging by squid service.To disable access log, edit /etc/squid/squid.conf
access_log none
To disable store log, edit /etc/squid/squid.conf
cache_store none
To disable cache log, edit /etc/squid/squid.conf
cache_log /dev/null
logfile_rotate 0
Post a Comment