In this lab, we will provision and configure a simple Squid proxy server and test it with a client. We will also use an external web client system to test that it is caching web pages. This hands-on lab can be taken stand-alone or as part of the LPIC-2: Linux Engineer Exam 202 preparation.
Successfully complete this lab by achieving the following learning objectives:
- Install Squid Proxy Server Software
Using the appropriate commands install the squid proxy server:
sudo yum install squid
- Walk through the Configuration and Make Changes If Appropriate
Make any changes to the squid configuration to suit the Lab environment if required:
cd /etc/squid vi squid.conf
NOTE: For this lab, you are not required to make any changes, the ACL for the local network (private) and the default port (3128) will
meet our requirements.
- Enable and Start the Service
Using the correct commands, start the service and enable it to restart on a system reboot:
sudo systemctl enable squid sudo systemctl start squid
You can check it is listening via:
telnet localhost 3128
- Install and Configure a Web Client for Proxy Use
Using the approriate commands, configure a web client for use with the proxy server.
On the second server, export the ‘http_proxy’ variable to the private IP of the squid server:
export http_proxy=[squid server IP]:3128
- Use the Client Web Browser to Verify Functionality
Check functionality of the Squid proxy server using a web browser or client.
Use the text web browser ‘lynx’ on server 2 to verify that a website comes up:
- Stop the Squid Proxy Service to Understand the Various Errors and What They Mean. Once Tested, Start the Service Again.
Using the correct system commands, stop the service, examine the errors. Start the service and examine any errors or messages.
Back on Server 1 (where squid is installed), stop the squid service:
sudo systemctl stop squid
Verify it is stopped, the following should now fail:
telnet localhost 3128
- Change the Proxy Configuration to Block Access from the Second Server. Examine the Message When You Try Access Again.
Note: You will need to restart the proxy server.
Edit the ACL for the private network to exclude access:
vi /etc/squid/squid.conf sudo systemctl restart squid
Check your client with Lynx and verify the error message.
- Change the Proxy Server to Re-enable Access from server2
Re-enable the access to the second server.