The very first thing I would recommend doing is getting a copy of Squid: The Definitive Guide. I am reading it to help me set up an installation of squid for a small lab setting. Its ISBN # is 0596001622. I would recommend Half.com or Amazon.com's Marketplace for a good price.
I've set up logging of hostnames in squid by searching for
in squid.conf and adding
below all of the comments. As the comments say, though, this may slow access speed, as squid has to look up each connecting system.
I'm likely to turn this off in the future once I research a program similar to Apache's logresolve. This will let me resolve the IP addresses before any log analyzers get hold of them. Because squid would not be doing the DNS resolution during access, it would speed up requests as well.
Of course, for that to work you need your nameserver (mentioned in /etc/resolv.conf of the squid box) to support ip->name lookups.
Lastly, for adding your own rules do a search for
INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
and scroll down. In the squid.conf file for a Gentoo install the first rule after that was
http_access allow localhost
I left it and added something like the following (different directory structure):
# Authenticate against OpenLDAP directory. Make sure to chmod 600 the pass file
# The LDAP server name goes last, after all of the helper's options
auth_param basic program /usr/lib/squid/squid_ldap_auth -b "ou=users,dc=example,dc=com" -D uid=squidquery,ou=DSA,dc=example,dc=com -W /etc/squid/squid_query.conf -v 3 127.0.0.1
auth_param basic children 10
auth_param basic realm Squid Proxy Server
auth_param basic credentialsttl 1 hour
# Require that users authenticate in order to use Proxy
acl Authenticated proxy_auth REQUIRED
http_access allow Authenticated
will tell you the different options for the ldap helper. Now you should see the login names and hostnames for your environment. As mentioned previously, resolving hostnames right before or during the log analysis phase should result in less latency for proxy requests.
Last but not least, chapter 12 covers the different helpers for proxy authentication.
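
The offline resolution step described above (a logresolve-style pass over squid's access.log before the analyzer runs) could look like the following. This is an added example, not part of the original post or of squid; it assumes squid's native log format with the client address in the third field, and the script name, sample lines and hostnames are made up.

```python
import ipaddress
import re
import socket
import sys

# Squid native access.log: time, elapsed, client address, then the rest.
LINE = re.compile(r"^(\S+\s+\S+\s+)(\S+)(\s.*)$", re.DOTALL)
# PTR data is chosen by whoever runs the reverse zone, so accept only
# plain hostname characters before writing a name into the log.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")

def ptr_lookup(ip):
    """Reverse-resolve one address; None when there is no answer."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def resolve_log(lines, lookup=ptr_lookup):
    """Yield log lines with the client address replaced by its hostname."""
    cache = {}  # one lookup per distinct client, failures included
    for line in lines:
        m = LINE.match(line)
        if not m:
            yield line
            continue
        client = m.group(2)
        try:
            ipaddress.ip_address(client)
        except ValueError:
            yield line  # already a name: leave the line untouched
            continue
        if client not in cache:
            name = lookup(client)
            ok = name is not None and SAFE_NAME.fullmatch(name)
            cache[client] = name if ok else client
        yield m.group(1) + cache[client] + m.group(3)

# Constructed sample lines (addresses and user names are made up).
SAMPLE = [
    "1066036250.129    234 192.168.1.10 TCP_MISS/200 1523 GET http://www.example.com/ alice DIRECT/192.0.2.80 text/html\n",
    "1066036251.402     12 192.168.1.10 TCP_HIT/200 812 GET http://www.example.com/logo.png alice NONE/- image/png\n",
    "1066036255.917    301 192.168.1.11 TCP_MISS/200 4410 GET http://www.example.org/ bob DIRECT/192.0.2.81 text/html\n",
    "1066036260.000      0 192.168.1.12 TCP_DENIED/407 1701 GET http://www.example.net/ - NONE/- text/html\n",
]

if __name__ == "__main__":
    # Filter mode: python resolve_squid_log.py < access.log > resolved.log
    sys.stdout.writelines(resolve_log(sys.stdin))
```

Addresses that do not resolve, or that resolve to something that is not a plain hostname, stay as the original IP, so no log line is lost or rewritten with untrusted text.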