SQUID proxy server

» Posted by on Mar 1, 2013 in Other news | 0 comments

Good time, dear readers and visitors! In this article, I’ll start a job description caching proxy SQUID. This article will be mostly introductory theoretical.
What is a proxy-server and what is squid

I’ll start with the basics. squid is a caching proxy server for HTTP, FTP and other protocols. Proxy server for HTTP – is a program that performs HTTP-requests on behalf of a client program (either the browser or other software). Proxy may be cached or not cached. Caching, respectively, preserves all requests at any store for a quick return customers, and does not cache – simply translates HTTP, ftp or other requests. Previously, caching traffic can get pretty substantial bandwidth savings, but At the present time, as the speed of the Internet is a little lost its relevance. Proxy servers can build a hierarchy for handling requests. In this case, the proxy server communicate with each other via ICP.

Squid is designed and runs on most operating systems (like unix, and windows). Is licensed under the GNU GPL. Capable of processing and cache HTTP, FTP, gopher, SSL, and WAIS (removed in 2.6) queries, as well as DNS. The most common requests are stored in memory. At the moment there are two stable versions of squid: 2.7 and 3.1. With the differences can be found in the references at the end. All dependencies when installing packages from them are the same. The configuration file is compatible with version 2, version 3, but in 3 versions added new options. In this article I will consider the version squid3. It should also be noted that if you install squid3, it is their config files will be kept in / etc/squid3, and also logs the default squid3 lie in the directory / var/log/squid3 /, not / var / log / squid / as “like to see” many log analyzers. Learn more about buy proxies.

A bunch of times mentioned the word “cache.” And what it actually is – caching? It is a way of storing requested Internet objects on the server that is closer to the requesting computer than the original one. Internet object is a file, document or response to treatment to any service we give to the Internet (eg, FTP, HTTP, or gopher). Client requests a web object from the cache of the proxy if the object is not cached, the proxy server receives the object (either from the host address specified by the requested URL, or from a parent or neighbor cache) and delivers it to the client.
Operating modes proxy Squid

Squid proxy server can operate in three basic modes:
Transparent mode

In this mode, the HTTP connection is made to the customer is redirected to the proxy server without their knowledge or explicit configuration. This mode does not need to configure the client. Disadvantages of this method: the necessary configuration NAT and routing traffic, client authentication is not working, not redirected to HTTPS, and FTP requests.
An authentication mode

To operate in this mode, clients must be configured to work with a proxy server (connection settings must be on the proxy server.) Can perform authentication and authorization clients via Kerberos, Ldap, NTLM, IP and Radius. Possible to build cooperation with Microsoft Active Directory server by authenticating clients – members of the domain, using a protocol Kerberos, and the subsequent authorization of members of groups using the LDAP domain in transparent mode (the user enters their password only when registering a domain). For authorized groups may use different settings for access control and QoS (delay pools).
A reverse proxy server

The proxy server caches outgoing data. A reverse proxy server receives data from the Squid HTTP server on behalf of the client and sends them back to the client (eg, the Internet). This mode makes it possible to:

Caching, which reduces the load on the HTTP server;
Load balancing of HTTP servers;
Disguise HTTP servers and their characteristics;
Prevention of attacks on web servers.