How do you compile and install Squid?
Are you a net surfer?
Do you want to reduce the bandwidth consumption?
Do you want to improve the network performance?
How do we reduce the load on a web server and make web pages load faster?
The answer to the above questions is Squid, web caching software independent of the platform. Squid is a proxy server and web cache daemon. It has various uses, from speeding up a web server by caching repeated requests to caching web, DNS and other computer network lookups for a group of people sharing network resources to aiding security by filtering traffic. So now, the hosting companies have started providing Squid hosting.
Features of Squid:
- It acts as a firewall and proxies your internal web traffic.
- It ensures that only authorized users can surf the Internet, behaves like a parental lock and prevents users from browsing inappropriate websites.
- It filters sensitive information from web requests and enhances your privacy.
- It benefits companies, libraries, organizations, colleges and schools where the iPod is a charm and given to the students of class VI onwards.
- Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows and is licensed under the GNU GPL.
Compiling and Installing Squid:
Compiling Squid is relatively straightforward. You’re probably already familiar with the procedure if you’ve installed several open-source packages. You first use a program called. /configure to probe your system, and then a program is called to compile. To compile Squid, you need an ANSI C compiler. You’ll also need Perl and awk, except for the ANSI C compiler. Awk is a standard program on all UNIX systems, so you shouldn’t worry about it. Perl is typical but may not be installed on your system by default. You may need the gzip program to uncompress the source distribution file.
After compiling, you need to install the programs into their permanent directories. This might require superuser privileges to put files in the installation directories. If you enable Squid’s ICMP measurement features with the enable-ICMP option, you must install the Pinger program. The Pinger program must be installed with superuser privileges because only the root is allowed to send and receive ICMP messages. The following command installs Pinger with the appropriate permissions:
# make install-pinger
Running Squid: Squid typically runs as a daemon process. However, if you are new to Squid, I recommend running Squid in the foreground from a terminal window until you are confident it is working correctly. Following that, you can run Squid as a daemon in the background. You can send signals to the running Squid process to execute various tasks, such as halting and reconfiguring Squid and rotating the log files. Although you can use the kill command to send signals, the Squid -k commands are more accessible. –k is an administrative function with the following functions: reconfigure, rotate, shutdown, interrupt, kill, debug, check, or parse. Before running Squid for the first time, you must initialize the cache directories whenever you add a new cache_dir. The command is:
% squid –z
Using Squid’s sophisticated access controls: As we all know, access and SS controls are essential to any configuration file. We can use them to grant authorized users access and stop unauthorized access. You can use them to restrict, prevent access to, control request rewriting, route requests through a hierarchy, and support different service qualities.
Access controls are built on two different components. You can define several access control list elements. These elements refer to specific aspects of client requests, such as IP addresses, URL hostnames and request methods. After determining the necessary details, combine them into several access list rules. The rules apply to particular services or operations within Squid.
As your access control configuration becomes longer, it also becomes more complicated. I strongly encourage testing your access controls before turning them loose on a production server. Of course, the first thing you should do is make sure that Squid can correctly parse your configuration file. Use the -k parse feature for this:
% squid -k parse
Tuning disk storage for optimal performance: Squid has several different storage schemes. The schemes have other properties and techniques for organizing and accessing cache data on the disk. Most of them use the file system interface system calls. Squid has five storage schemes: ufs, aufs, diskd, coss, and null. The first three use the same directory layout and are thus interchangeable. Coss is an attempt to implement a new file system optimized explicitly for Squid. Null is a minimal API implementation: it doesn’t read or write data to/from the disk.
As long as the total disk usage is below cache_swap_low, Squid doesn’t remove cached objects. As the cache size increases, Squid becomes more aggressive about removing objects. Under steady-state conditions, you should find that disk usage stays relatively close to the cache_swap_low value.
Configuring your operating system for HTTP interception: As we all know, the Squid operating system is configured to accept foreign packets and deliver them to the Squid process. First, to make HTTP interception work, we must configure three separate components: a network device, Squid’s operating system, and Squid itself. The apparent benefit of interception caching is that all HTTP requests leaving your network automatically go through Squid. You don’t need to worry about configuring browsers or that users might turn off their proxy settings. Interception caching puts you, the network administrator, in control of the HTTP traffic. You can change, add, or remove Squid caches from service without significantly interrupting your users’ web surfing.
Forwarding Requests to other web caches: Maybe there can be any reason to find that you want Squid to forward its cache misses to another cache or HTTP proxy. This is necessary, for example, if you are using Squid inside an extensive corporate network with one or more firewalls protecting you from the outside world. And if your caching service is a cluster of Squid caches, you probably want them to cooperate to minimize duplication of cached responses. You can also use Squid as a content router routing web traffic in different directions based on some aspect of the request. Or, perhaps you’d like to participate in an informal collection of caches to improve response time further and reduce wide-area network traffic.
Using redirectors to rewrite user requests: The most crucial fact about Squid is that it can alter requested URLs. If used as an external process, Squid can pass every incoming URL through a helper process that returns either a new URL or a blank line to indicate no change. It allows the administrator to control the locations to which his users go. The redirector feature will enable you to implement several exciting things with Squid. Many sites use them for access controls, removing advertisements, local mirrors, or even working around browser bugs. A redirector is just a program that reads a URI and other information from its input and writes a new URI on its output. Perl and Python are famous for redirectors, although some authors use compiled languages such as C for better performance. We can use redirectors to rewrite user requests.
Monitoring Squid with the cache manager and SNMP: Squid must write various messages to cache.log as it runs. Most of these are abnormal events of one sort or another. But for some reason, Squid isn’t always smart enough to differentiate serious problems from those that can be safely ignored. Without many problems, cache.log is also an excellent place to start investigating a Squid problem. The cache manager and SNMP interfaces allow you to query Squid for various data. The cache manager, which has shortcomings, probably provides the most information in current versions of Squid. Squid supports SNMP as well. Unfortunately, the data available through SNMP is only a subset of the cache-manager information. So, we can easily monitor Squid with the cache managers’ and SNMPs’ help.
Using Squid to accelerate and protect HTTP servers: Server acceleration is generally used to improve the performance of slow or heavily loaded backend servers. It works well because origin servers tend to have a relatively small hot set.
Managing bandwidth consumption with Delay Pools: Bandwidth control in Squid entails two steps. One is to create an ACL (Access Control List), and the other is to create a delay pool. In the Squid configuration menu, go to the Access Control option. Here, you’ll notice that some default ACLs have already been made. Create an access control of your own. Delay pools provide a means to restrict clients’ bandwidth usage. With delay pools, clients can be determined at the individual level or in groups. ACLs are used to apply bandwidth limits to users. TGoo the main Squid configuration interface to create Delay pools d, select the delay pool option.
Ananova 