====== Installation instructions for SQUID proxy cache ======
**If needed, [[https://twiki.cern.ch/twiki/bin/view/Frontier/InstallSquid | the official CERN instructions]] for this installation are available.**
After you login as root, follow these steps carefully:
- Create the squid user and squid groupgroupadd squid
useradd -g squid -d /var/cache/squid -s /sbin/nologin squid
- Mount the partition /var/cache/squid
- Make the partition owned by squidchown squid:squid /var/cache/squid
- Install the yum repository from CERNwget -O /etc/yum.repos.d/cern-frontier.repo http://frontier.cern.ch/dist/rpms/cern-frontier.repo
- Check to see if you can see the repository:yum list frontier-squid
- Install the frontier-squid packageyum install frontier-squid
===== Local configuration steps =====
- The file: **/etc/squid/customize.sh** must be modified before the squid cache server is started.
* Change the line:setoption("acl NET_LOCAL src", "10.0.0.0/8 172.16.0.0/12 192.168.0.0/16")to be:setoption("acl NET_LOCAL src", "146.139.52.0/24 146.139.180.0/25 146.139.30.0/25 146.139.116.0/25 130.202.8.0/24 130.202.237.0/25 130.202.173.0/25 146.139.33.0/25 130.202.96.0/22 130.202.24.0/22 130.202.134.0/24 130.202.131.0/24")
- The firewall for the squid server should have port 3128 opened :
- Add to file **/etc/sysconfig/iptables** the line:-A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
- Remember the squid server will only serve requests from network masks as listed in customize.sh
- Restart iptables/sbin/service iptables restart
- Restart squid server/sbin/service frontier-squid restart
===== Testing the squid server =====
===== Starting/ stopping Squid server =====
* Start the server /sbin/service frontier-squid start
* Stop the server /sbin/service frontier-squid stop
* Turn on runlevels 3, 4, and 5: /sbin/chkconfig --levels 345 frontier-squid on