User Tools

Site Tools


tier3_admin:tier3squid

Installation instructions for SQUID proxy cache

If needed, the official CERN instructions for this installation are available.

After you login as root, follow these steps carefully:

  1. Create the squid user and squid group
    groupadd squid
    useradd -g squid -d /var/cache/squid -s /sbin/nologin squid
  2. Mount the partition /var/cache/squid
  3. Make the partition owned by squid
    chown squid:squid /var/cache/squid
  4. Install the yum repository from CERN
    wget -O /etc/yum.repos.d/cern-frontier.repo http://frontier.cern.ch/dist/rpms/cern-frontier.repo
  5. Check to see if you can see the repository:
    yum list frontier-squid
  6. Install the frontier-squid package
    yum install frontier-squid

Local configuration steps

  1. The file: /etc/squid/customize.sh must be modified before the squid cache server is started.
    • Change the line:
      setoption("acl NET_LOCAL src", "10.0.0.0/8 172.16.0.0/12 192.168.0.0/16")

      to be:

      setoption("acl NET_LOCAL src", "146.139.52.0/24 146.139.180.0/25 146.139.30.0/25 146.139.116.0/25 130.202.8.0/24 130.202.237.0/25 130.202.173.0/25 146.139.33.0/25 130.202.96.0/22 130.202.24.0/22 130.202.134.0/24 130.202.131.0/24")
  2. The firewall for the squid server should have port 3128 opened :
  3. Add to file /etc/sysconfig/iptables the line:
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
  4. Remember the squid server will only serve requests from network masks as listed in customize.sh
  5. Restart iptables
    /sbin/service iptables restart
  6. Restart squid server
    /sbin/service frontier-squid restart

Testing the squid server

Starting/ stopping Squid server

  • Start the server
    /sbin/service frontier-squid start
  • Stop the server
    /sbin/service frontier-squid stop
  • Turn on runlevels 3, 4, and 5:
    /sbin/chkconfig --levels 345 frontier-squid on
tier3_admin/tier3squid.txt · Last modified: 2015/04/13 16:49 by dbenjamin