Configuring squid with Squish

From Notes_Wiki

Home > CentOS > CentOS 6.x > Squid proxy server configuration > Configuring squid with Squish

To configure squid with Squish use following steps:

  1. Verify that proxy server is working properly without squash
  2. yum -y install perl-CGI perl-GD
  3. Download latest version of squash from http://www.mcgill.org.za/software/squish/
  4. tar xzf squish.tar.gz
  5. cd squish-<version>
  6. make install
  7. cp /usr/local/squish/apache-squish.conf /etc/httpd/conf.d
  8. edit /etc/squid/squid.conf
    1. replace hostname appropriately as necessary
    2. Move lines from 'added by squish (begin)' to end before generic 'http_access allow' line
  9. edit /etc/squid/squish.conf and set something like 
    #Try higher limit for saurabh.barjatiya
    

    saurabh.barjatiya	5Gb/day		50Gb/week
    

    #Generic limit for everyone else
    

    *	2Gb/day	10Gb/week
    Comment all other existing lines
  10. service squid restart
  11. service httpd restart
    Note that squid restart is only required once. Later just changed squish.conf and new settings will get automatically applied

Test by running '/usr/local/squish/squish.cron.sh' manually. This line in present in /etc/crontab. Based on this /etc/squid/squished file is generated by cron once every five minutes.

Example squid configuration with both squish and LDAP authentication

Example configuration with LDAP authentication is: 

#Saurabh - Require http authentication for all
auth_param basic program /usr/lib64/squid/squid_ldap_auth -b "dc=sbarjatiya,dc=com" -f "uid=%s" -h ldap.sbarjatiya.com
acl ldapauth proxy_auth REQUIRED

### added by squish (begin)
# acl's for squish - autodetected, sometimes
acl SQUISHLOC dst proxy.sbarjatiya.com
acl SQUISHED1 proxy_auth -i "/etc/squid/squished"
# acl SQUISHED2 ident    "/etc/squid/squished"
#acl SQUISHED3 src        "/etc/squid/squished"
# Error info that says you're squished
deny_info http://proxy.sbarjatiya.com/squish/?squished& SQUISHED1
# deny_info http://proxy.sbarjatiya.com/squish/?squished& SQUISHED2
deny_info http://proxy.sbarjatiya.com/squish/?squished& SQUISHED3
# HTTP access controls for squish
http_access allow SQUISHLOC
http_access allow ldapauth !SQUISHED1
 http_access deny SQUISHED1
# http_access deny SQUISHED2
#http_access deny SQUISHED3
### added by squish (end)

http_access allow ldapauth



squish setup on CentOS 7.0

Compared to above steps on CentOS 7.0 use following additional steps:

  1. Edit /usr/local/squish/squish.pl and change reload command to: 
    systemctl reload squid
  2. Edit /etc/httpd/conf.d/apache-squish.conf to have 
    Require all granted


Home > CentOS > CentOS 6.x > Squid proxy server configuration > Configuring squid with Squish

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Configuring_squid_with_Squish&oldid=6466"