Squid-cache_logoclamDansguardian squidguard_logo


Install squid

Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. Although primarily used for HTTP and FTP and limited support TLS, SSL, HTTPS


Web proxy caching is a way to store requested Internet objects (e.g. data like web pages) available via the HTTP, FTP, and Gopher protocols on a system closer to the requesting site. Web browsers can then use the local Squid cache as a proxy HTTP server, reducing access time as well as bandwidth consumption. This is often useful for Internet service providers to increase speed to their customers, and LANs that share an Internet connection. Because it is also a proxy (i.e. it behaves like a client on behalf of the real client).


It can provide some anonymity and security. However, it also can introduce significant privacy concerns as it can log a lot of data including URLs requested, the exact date and time, the name and version of the requester’s web browser and operating system, and the referrer.


A client program (e.g. browser) either has to specify explicitly the proxy server it wants to use (typical for ISP customers), or it could be using a proxy without any extra configuration: “transparent caching”, in which case all outgoing HTTP requests are intercepted by Squid and all responses are cached. The latter is typically a corporate set-up (all clients are on the same LAN) and often introduces the privacy concerns mentioned above.


Squid has some features that can help anonymize connections, such as disabling or changing specific header fields in a client’s HTTP requests. Whether these are set, and what they are set to do, is up to the person who controls the computer running Squid. People requesting pages through a network which transparently uses Squid may not know whether this information is being logged. Within UK organisations at least, users should be informed if computers or internet connections are being monitored.


It is possible for a single Squid server to serve both as a normal and a reverse proxy simultaneously. For example, a business might host its own website on a web server, with a Squid server acting as a reverse proxy between clients (customers accessing the website from outside the business) and the web server. The same Squid server could act as a classical web cache, caching HTTP requests from clients within the business (i.e., employees accessing the internet from their workstations), so accelerating web access and reducing bandwidth demands.





install rmpforge packages

#wget https://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

#rpm –Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm


#yum install squid


#vi /etc/squid/squid.conf


acl lan src

http_access allow localhost

http_access allow lan

http_port 3128


request_header_access Referer deny all

request_header_access X-Forwarded-For deny all

request_header_access Via deny all

request_header_access Cache-Control deny all

visible_hostname proxy.sathish.com

forwarded_for off



#service squid restart

#chkconfig squid on


now i tried to open a https://www..sathish.com in the browser of my client machine its shows



add your proxy ip address and poxy port  in the network setting of the client browser.




Install clamAV

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats


#yum –enablerepo=rpmforge -y install clamav


#vi /etc/freshclam.conf

#Clamd /etc/clamd.conf


To update the antivrus use the following command



Scan any of the folder in your machine

#clamscan –infected –remove –recursive /home



Install Clamd

clamd – an anti-virus daemon

The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from /etc/clamd.conf


#yum –enablerepo=rpmforge install clamd


#service  clamd start

#chkconfig clamd on



 Install c-icap

c-icap is an implementation of an ICAP server. It can be used with HTTP proxies that support the ICAP protocol to implement content adaptation and filtering services.Most of the commercial HTTP proxies must support the ICAP protocol.Web antivirus service, using the clamav open-source antivirus engine basic URL filtering service.


#wget https://ftp.jaist.ac.jp/pub/sourceforge/c/project/c-/c-icap/c-icap/0.1.x/c_icap-0.1.6.tar.gz

#tar zxvf c_icap-0.1.6.tar.gz

#cd c_icap-0.1.6



#make install




#cp /usr/local/etc/c-icap.conf /etc


#vi /etc/c-icap.conf

ServerAdmin root@sathish.com

ServerName proxy.sathish.com

Service squidclamav squidclamav.so

7 8


#vi /etc/rc.d/init.d/c-icap


# c-icap: Start/Stop c-icap

# chkconfig: – 70 30

# description: c-icap is an implementation of an ICAP server.

# processname: c-icap

# pidfile: /var/run/c-icap/c-icap.pid

. /etc/rc.d/init.d/functions

. /etc/sysconfig/network




start() {

echo -n $”Starting c-icap: ”

daemon /usr/local/bin/c-icap -f $CONFIG_FILE



[ $RETVAL -eq 0 ] && touch /var/lock/subsys/c-icap

return $RETVAL


stop() {

echo -n $”Stopping c-icap: ”

killproc c-icap

rm -f /var/run/c-icap/c-icap.ctl



[ $RETVAL -eq 0 ] && rm -f $PID_DIR/c-icap.pid /var/lock/subsys/c-icap

return $RETVAL


case “$1″ in








status c-icap







echo $”Usage: $0 {start|stop|status|restart}”

exit 1


exit $?


#chmod 755 /etc/rc.d/init.d/c-icap



Install squidclamav

#wget https://ftp.jaist.ac.jp/pub/sourceforge/s/project/sq/squidclamav/squidclamav/6.3/squidclamav-6.3.tar.gz

#tar zxvf squidclamav-6.3.tar.gz

#cd squidclamav-6.3



#make install




#vi /etc/squidclamav.conf

redirect https://www.sathish.com/error.html

clamd_local /var/run/clamav/clamd.sock



#/etc/rc.d/init.d/c-icap start


#chkconfig –add c-icap

#chkconfig c-icap on


Add the following lines in the end of the conf file

#vi /etc/squid/squid.conf

icap_enable on

icap_send_client_ip on

icap_send_client_username on

icap_client_username_header X-Authenticated-User

icap_service service_req reqmod_precache bypass=1 icap://

adaptation_access service_req allow all

icap_service service_resp respmod_precache bypass=1 icap://

adaptation_access service_resp allow all


#/etc/rc.d/init.d/squid restart




 Install  SquidGuard

#yum –enablerepo=rpmforge -y install squidguard

#mv /etc/squid/squidguard.conf /etc/squid/squidguard.conf.bk

#vi /etc/squid/squidguard.conf

dbhome /var/lib/squidguard/db

logdir /var/log/squidguard

dest deny {

domainlist deny/domains

urllist deny/urls


acl {

default {

pass !deny all

redirect https://www.sathish.com/error.html





#mkdir /var/log/squidGuard

#mkdir -p /var/lib/squidGuard/db/deny


#vi /var/lib/squidGuard/db/deny/domains

# write domains you’d like to prohibit to access




#vi /var/lib/squidGuard/db/deny/urls

#write URLs you’d like to prohibit to access




#squidGuard -C all



#chown -R squid. /var/lib/squidGuard/db/deny


#vi /etc/squidclamav.conf

squidguard /usr/bin/squidguard

#/etc/rc.d/init.d/c-icap restart



Install DansGuardian

DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.

DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as UN obstructive as you want. The default settings are geared towards what a primary school might want but DansGuardian puts you in control of what you want to block.

#yum –enablerepo=rpmforge -y install dansguardian


#vi /etc/dansguardian/dansguardian.conf

filterport = 8080

proxyport = 3128



#/etc/rc.d/init.d/dansguardian start

#chkconfig dansguardian on


#vi /etc/dansguardian/lists/bannedsitelist




#/etc/rc.d/init.d/dansguardian restart

now  i tried to open the https://www.sathish.com  in my browser show its banned site