Access Control Lists

The main Squid configuration file is /etc/squid/squid.conf, and the default Ubuntu configuration file is full of comments to help guide you. The default configuration file allows full access to the local machine but denies the rest of your network. This is a secure place to start; we recommend you try all the rules on yourself (localhost) before rolling them out to other machines.

Before you start, open two terminal windows. In the first, change to the directory /var/log/squid and run this command:

sudo tail -f access.log cache.log

That reads the last few lines from both files and (thanks to the -f flag) follows them so that any changes appear in there. This allows you to watch what Squid is doing as people access it. We refer to this window as the "log window," so keep it open. In the other window (again, with sudo), bring up the file /etc/squid/squid.conf in your favorite editor. This window is referred to as the "config editor," and you should keep it open, too.

To get started, search for the string acl allthis brings you to the access control section, which is where most of the work needs to be done. You can configure a lot elsewhere, but unless you have unusual requirements, you can leave the defaults in place.

Was this article helpful?

0 0

Post a comment