In this learning activity, you will need to install and configure Squid so that it only permits web access to *linuxacademy.com*.
Successfully complete this lab by achieving the following learning objectives:
- Install Squid
You will need to install Squid on
yum install squid
- Enable and Start Squid
You will need to enable Squid:
systemctl enable squid
And start it:
systemctl start squid
- Permit Squid Client Access through the Firewall
You will need to permit clients to connect to the Squid service through the firewall:
firewall-cmd --permanent --add-service=squid
And reload the firewall configuration to pick up the change:
- Configure Squid
You’ll want to create an ACL that only allows clients to access linuxacademy.com. The rules go in /etc/squid/squid.conf after the line that says
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS.
...
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl whitelist dstdomain .linuxacademy.com
http_access allow whitelist
...
You’ll also need to comment out or remove the line:
#http_access allow localnet
And restart Squid:
systemctl restart squid
- Test from a Client
You’ll need to export the http_proxy value to use
And try curling the header of linuxacademy.com:
curl -I linuxacademy.com
This should work. Verify this is the only site that works by curling a different address:
curl -I apache.org
This should come back as forbidden.
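The following is an added example, not part of the original lab: a shell check for the Configure Squid step that reads a squid.conf and confirms the allow-list is the only rule granting client access. The function names and the sample config are constructed for illustration, and the check assumes the stock file ends with `http_access deny all`.

```shell
#!/bin/sh
# Added example (not from the lab). Returns 0 when only the "whitelist" ACL
# grants client access, 1 otherwise, and prints what is wrong.
audit_squid_conf() {
    awk '
        /^[ \t]*(#|$)/ { next }    # ignore comments and blank lines
        $1 == "acl" && $2 == "whitelist" && $3 == "dstdomain" { acl = 1 }
        $1 == "http_access" && $2 == "allow" {
            # Squid applies the first matching http_access rule, so the
            # allow must appear before the final deny to have any effect.
            if ($3 == "whitelist" && NF == 3 && !denied) allow = 1
            if ($3 == "localnet") {
                printf "line %d: localnet still allowed\n", NR
                bad = 1
            }
        }
        $1 == "http_access" && $2 == "deny" && $3 == "all" { denied = 1 }
        END {
            if (!acl)    { print "missing: acl whitelist dstdomain"; bad = 1 }
            if (!allow)  { print "missing: http_access allow whitelist"; bad = 1 }
            if (!denied) { print "missing: http_access deny all"; bad = 1 }
            exit (bad ? 1 : 0)
        }
    ' "$1"
}

# Constructed sample config. "fixed" comments out the localnet rule as the
# lab instructs; any other argument leaves it active.
sample_conf() {
    if [ "$1" = fixed ]; then ln='#http_access allow localnet'
    else ln='http_access allow localnet'; fi
    cat <<EOF
acl localnet src 10.0.0.0/8
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl whitelist dstdomain .linuxacademy.com
http_access allow whitelist
$ln
http_access allow localhost
http_access deny all
EOF
}

tmp=$(mktemp)
for kind in stock fixed; do
    sample_conf "$kind" > "$tmp"
    if audit_squid_conf "$tmp"; then echo "$kind: allow-list enforced"
    else echo "$kind: allow-list NOT enforced"; fi
done
rm -f "$tmp"
```

To check the real file, run `audit_squid_conf /etc/squid/squid.conf` before restarting Squid; `squid -k parse` separately validates the file's syntax.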