In this learning activity, you will need to install and configure squid so that it only permits web access to *linuxacademy.com*.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Install Squid
You will need to install Squid on
Server1(10.0.1.10):yum install squid- Enable and Start Squid
You will need to enable Squid:
systemctl enable squidAnd start it:
systemctl start squid- Permit Squid Client Access through the Firewall
You will need to permit clients to connect to the Squid service through the firewall:
firewall-cmd --permanent --add-service=squidAnd reload the firewall configuration to pick up the change:
firewall-cmd --reload- Configure Squid
You’ll want to create an ACL that only allows clients to access linuxacademy.com. These go in
/etc/squid/squid.confafter the line that says# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS.... # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS acl whitelist dstdomain .linuxacademy.com http_access allow whitelist ...You’ll also need to comment out or remove the line:
#http_access allow localnetAnd restart Squid:
systemctl restart squid- Test from a Client
You’ll need to export the http_proxy value to use
Server1:export http_proxy="http://10.0.1.10:3128"And try curling the header of linuxacademy.com:
curl -I linuxacademy.comThis should work. Verify this is the only site that works by curling a different address:
curl -I apache.orgThis should come back as forbidden.
