I recently installed Squid, the HTTP Proxy, for the first time. The version I installed was 2.6-STABLE16 and came as part of Solaris Coolstack 1.2. Here are some notes from the installation process:
Installation
The application on Solaris x86 using the pkgadd
utility and the appropriate Coolstack Squid package file (CSKsquid_1.2_x86.pkg). The installation process also created a new SMF service called csk-squid
.
Setup
This was the first time I had installed Squid so, after reading the documentation provided by Coolstack, I tried starting the Squid service. Unfortunately, it kept complaining about missing cache directories and file permissions, and would not start. In the end, a colleague directed me towards the squid -z
command, which carried out all of the required post-installation setup and duly sorted out all of the directory/permissions problems.
Configuration
I only had to make two small changes to the Squid configuration file (/opt/coolstack/squid/etc/squid.conf):
- Squid uses port 3128 by default but, since our corporate firewall permits very few outbound ports, we modified squid to use port 8080 instead:
- We wanted to restrict access to the new HTTP Proxy to only a certain range of corporate IP addresses. This was easily achieved by adding a simple access rule as follows:
http_port 8080
acl my_networks src XXX.XXX.XXX.XXX/24
http_access allow my_networks
Other than this, the process was surprisingly straightforward.