How to Control Web Traffic Using Squid Cache and Cisco Router in Linux. One important task in a network is control and manage staffs web surfing traffics, there are many solutions that can handles this issue, one of the best solutions is using squid cache on a Linux machine. Squid can inspect, limit and cache web traffics flow from one network to another network for example from a LAN to the Internet. Traffic Control Using Squid and Cisco Router in Cent. OSThere is a few ways for redirecting clients web requests to squid machine, in this article we will show you how to redirect web traffic from a CISCO router to a Squid Cache machine using WCCP protocol. The picture below is an example of a basic scenario. Control Web Traffic Using Squid Cisco Router. As you see in above picture all clients web traffics first goes to Cisco Router That is their default gateway, then router silently redirect packets to squid machine, now squid can play its roles, the main roles is caching web contents, limit access based on domains, time intervals, ip addresses, size of files, etc. We review this scenarios configuration in two Major steps, first we should install and configure squid and Linux, then configure router to redirecting web traffic packets into squid using WCCP protocol. Testing Environment. In this scenario I use CENTOS 6. Patrick Debois Independent ITconsultant Bridging the gap between projects and operations by using Agile techniques both in development,project management and system. H2rZ7Ia8Oe0/VwV7AHmOXSI/AAAAAAAABD4/frRFy-fHKfEUDx28m52OSxoCS292bj72g/w1200-h630-p-k-no-nu/squid_www.hackthesec.co.in.png' alt='Install Squid Reverse Proxy Centos' title='Install Squid Reverse Proxy Centos' />After i updated to Pfsense version 2. If you dont know what a proxy server is, you are properly askin. JenkinsWinstone Web8080JenkinsSSL. Free Download Tv Serials 3Gp Video. Proxy. squid locahost Proxy Server. In this article we will show you how to redirect HTTP web traffic from a CISCO router to a Squid Cache machine in CentOS system using WCCP protocol. The site for people who want to establish the Network Server with CentOS, Ubuntu, Fedora, Debian. In this article, well see how to remotely manage our Samba AD Domain controller DNS from Microsoft DNS Manager and create a domain policy via Group Policy. LINUX server and Cisco 2. Router system. Operating System CENTOS 6. Application Squid. Router Cisco 2. 69. Step 1 Installing Squid Cache. DHCP is configured to use both DNS and Gatway 192. De Patch Para Fm 2008. If you are trying to assign clients on the 192. Install Squid Reverse Proxy Centos' title='Install Squid Reverse Proxy Centos' />Squid is available on default repository of CENTOS, we first install it using lovely yum command and then start their services and finally set automatic starting of squid service. Step 2 Preparing Squid Cache. Now we must change some default behaviors of centos operation system, we need to enable packet forwarding and disable reverse Path filter RPF, we enable packet forwarding to let the centos acting as a transparent forwarder like a router. Let me explain in more detail, when traffics gets in centos it have their source and destination addresses, for example when a client enter www. So, when packet received by centos it detect as an wrong packet because centos ip address is not as destination address of the packet, for security reasons centos drop the packet, but we want from squid to act in transparent mode. We tell this situation to centos by enabling packet forwarding potion. Reduce bandwidth use and deliver your most frequently requested web pages more quickly with Squid Proxy Server. This guide will introduce you to the fundamentals of. Install Squid Reverse Proxy Centos' title='Install Squid Reverse Proxy Centos' />Next we should disable Reverse path Filtering to let the centos accepting packets that not accessible by squid machine or it packets that do not have ip address in the same subnet of squid machine. Next we need to create a GRE interface on CENTOS machine, for what Let me explain more, the WCCP protocol works through a GRE Tunnel, it means the language between router and Squid is GRE, so centos need to have a GRE interface for De encapsulate GRE packets. We should create the configuration file for GRE interface in etcsysconfignetwork scriptifcfg gre. Enter below codes in ifcfg gre. El Pentateuco De Isaac Pdf more. DEVICEgre. 0. BOOTPROTOstatic. IPADDR1. 0. 0. 0. NETMASK2. 55. 2. After creating a GRE interface we need to restart network service. Step 3 Configuring Squid Cache. We need to tell squid accepting WCCP packets from router. Enter below codes in etcsquidsquid. Define SQUID listening port. Save the configuration file and restart squid service. Squid listen for packets in 3. NAT rule on CENTOS integrated firewall that named iptable. A PREROUTING i gre. REDIRECT to port 3. A POSTROUTING j MASQUERADE. Step 4 Cisco Router Configurations. First we should enable WCCP on cisco router. R1config ip wccp version 2. Then we must use an ACL for introducing SQUID cache machine to router. R1config ip access list standard SQUID MACHINE. R1config std nacl permit host 1. Next we define another access list for two different purpose first we should except SQUID traffics from redirecting by WCCP protocol if not we fall into an infinite loop second we define which LAN traffics we want to passing through WCCP and SQUID. R1configip access list LAN TRAFFICS. R1config ext nacldeny ip host 1. Prevent SQUID to get in loop. R1config ext naclpermit tcp 1. LAN Traffics. After creating our access list we must configure WCCP protocol on router. R1config ip wccp web cache redirect list LAN TRAFFIC group list SQUID MACHINE. Every things is ready for final step, we must tell the router that in which interfaceinterfaces it must redirect traffics using their WCCP configuration. R1configinterface fast. Ethernet 00. R1config if ip wccp web cache redirect in. Summary. Its time to summarize all commands and texts in a few lines for better understanding, according to the scenario we redirect staffs web surfing packets that is on TCP port 8. ROUTER that is default gateway of the clients toward the squid cache machine using WCCP protocol. All these process happened silently and there is no additional configuration on client side. So we can control and set policies on web traffics in the LAN. For example, we can gain web surfing access just in a limited time, limit maximum download size, define our custom blacklist and whitelist, generate full reports of internet activity usage and etc. If you have any questions regarding to this article please leave a reply through below comment box.