VMware Communities
kingneutron
Expert
Expert

New version of Squid appliance (KingNeutron v5) available now!

--Previous announcement:

http://communities.vmware.com/message/1714784

2011.0915 - Announcing the latest V5 of the KingNeutron (Minimalist) Squid Proxy VM Smiley Happy

o Still Based on Long-Term-Support Ubuntu 8.04.4 ( Hardy ) -- JEOS ( Just Enough OS )

o Minimal download size

o ESX* Compatible with SCSI vdisks - Plase Test!

o Note: ESXi users will probably have to edit the /etc/network/interfaces after 1st boot.

o  Takes minimal resources to run -- 128MB RAM alloc, 1.7 GB Disk ( +2GB 2nd disk on sdb1, INCLUDED! ++ Pre-formatted for JFS )

    • ROOT SSH logins are DENIED, out of the box -- login as " user " instead and SUDO or SU from there

    • Vmware Tools is NOT installed, for space reasons.

    • NO FIREWALL rules

    • NO GUI

               o  Bridged networking is used by default, and the VM is expecting to grab a  DHCP address on bootup.  IPV6 support has again been left Enabled in  this release.

    (Static MAC address assigned in VMX file - should Just Work anywhere)

    o Default STATIC IP: 10.0.244.250

    + This can be changed by editing " /etc/network/interfaces " and then issuing ' /etc/init.d/networking restart '.

      • Note, this is a TESTING release - PLEASE let me know if there are any bugs!

      • I have finally been able to test Logfile rotation on ESXi - works Ok out of the box Smiley Happy

      • IMPORTANT  NOTE: When powering on the VM, tell Vmware you MOVED IT - not Copied it  -- this may eliminate the hassle that some users have been seeing  with " NIC creep ", where eth0 migrates to eth1 😉

        • DISCLAIMER *** - Run at your own risk, default build only includes SSH ( port 22 ) and Squid ( 10.0.244.250, port 3128 )

        • Not Responsible if this Virtual Appliance wows your birdcatponylizardfish, and makes it fall over in excitement! ***

    MD5SUM:

    c7c58e6abdb66a9d67a362d2d93ce11e *squidserver5-kn-JEOS-201109.7z

    SHA1SUM:
    194ae3980638dc328e400d694532f4b9561c8034 *squidserver5-kn-JEOS-201109.7z

    Filesize: 101,214 KB / ~99MB

    • Download Link:

    http://www.megaupload.com/?d=2PABZ6KU

    ** Default ID / password:

    root / vmroot

    user / vmware

      • SECURITY  NOTE: ** End-users are HIGHLY ENCOURAGED to change these default  passwords as soon as possible, to avoid cracker attacks.

      • As root, ' passwd root ' and ' passwd user '.

      • Feature: The 1st time you login as root, you WILL be asked to change the password. 😉  Otherwise, SSH will not be available.

    --Please  note that the Ubuntu Hardy Linux distro uses " upstart " instead of  /etc/inittab, so TTY changes should be made in " /etc/event.d " now.

      • Ctrl-Alt-Del has been set to SHUTDOWN the VM, NOT REBOOT **

    Features:

    Alt-F5: Bandwidth monitor, updates every (4) sec ( Increased from V4 to save CPU interrupts )

    Alt-F9: " Top " display, slightly customized

    * Easter egg(s) and some minor speed tweaks and fixes

    --Suggested additional software: (' apt-get update; apt-get install pkgname ')

    o webmin -- For system configuration (Browser-based config: https://10.0.244.250:10000 )

    o webmin-squid

    o calamaris -- Log analyzer

    o sarg -- Squid analysis report generator

    o webmin-sarg

    o srg -- Detailed log analysis for squid

    o squid-cgi -- Cache manager interface

    ==============================

    Quick instructions (HOWTO):

    - Fire up the VM

    - Hit Alt-F5 and you can watch the bandwidth monitor

    Hit Alt+F1, LOGIN AS ROOT and ** CHANGE THE PASSWORDS!! 1st thing **

    Client-side instructions:

    - Set ALL of your browser's Cache setting really low, like to 5 MB - and Delete it!  Huge disk space savings!

    - Point your browser's Proxy setting to the VM's IP address ( default 10.0.244.250 , port 3128 ) - you can point it to the DHCP address for fast/temporary testing (issue ' ifconfig ' at the root or User prompt to see the squid VM's DHCP IP address) or change it to whatever matches your home network. I put it as a Class A address by default so it matches my home setup and ((hopefully)) shouldn't interfere with other setups.

    --Note that this is a security feature as well.  I have my home net setup as a Class A with all-static IPs, and everybody (browsers and apt-get) talks to Squid.  Squid is usually the only box that has a DHCP address from the router so it can talk to the Internet.

    -- Now here's the neat thing - multiple PCs on your network can have *multiple browsers* - Firefox, Chrome, Opera, IE, Safari, Lynx, etc all pointing to the Squid proxy, and it will cache and filter ( ad- and some porn-sites, user definable ) requests for *everybody.*

    -- You know how AdBlock Plus works in Firefox?  Squid does something very similar, only it does it for ANY browser.  Somebody loads the Yahoo website? Well now you'll get it to load -faster- for you because it will be pulled from the Squid cache.  Virus updates, ad-aware, apt-get and Windows updates should also be faster because they won't have to be downloaded from the Web multiple times.  ( And yes, pretty much all of my physical PCs, laptops, and VMs go through my Squid proxy - I'm "eating my own dog food" here. )

    o Basic tutorials here:

    http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers

    http://wiki.squid-cache.org/SquidFaq/WindowsUpdate

    http://ubuntulinuxhelp.com/speed-up-and-improve-web-surfing-with-an-ubuntu-squid-server/

    - ACL / file extension filtering:

    http://www.cyberciti.biz/faq/squid-content-filter-block-files/

    -- There are a *LOT* of config file options; I've done the heavy lifting and marked up /etc/squid.conf with " xxx " marks wherever things have been changed, and it should Just Work out of the box.  The maximum filesize that will get stored in-cache is 20MB, set by me.  If you're a tweaker though, you can set it up to pretty much store and filter whatever you want. ( Hint: as root, edit the following in /etc/squid: adsblock.txt, porn.txt, notporn.txt -- and then issue ' squiderr ' )

    -- If you are really anticipating a lot of usage, you should go ahead and bump up the settings - give the VM 256 MB RAM or more, and activate the built-in 2nd disk in /etc/squid.conf for extra cache space.  You will need to un-comment the cache_dir line for the extra space, and possibly tweak some other settings.  Repeat as needed - you can always replace the 2nd vdisk with a bigger one, or add more.

    NOTE: ' squid -kshutdown; sleep 30; squid -z; squid -D ' will activate the extra disk space once you are done editing the config file.

    --> Look in /etc/squid dir for ad-blocking settings, and don't forget to ' squid -kreconfigure ' ( or ' squiderr ' ) if you change things...

    -- Note for people who like SANE text editors, that don't remind you of EDLIN - I've included Joe (' jstar ', for those of us who actually miss WordStar), and Midnight Commander, which comes with ' mcedit ' -- you're NOT limited to VI !!!  You should easily be able to apt-get install nano as well, if you're used to it.

    Have fun...

    / Post bug reports :smileygrin:

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    10 Replies
    kingneutron
    Expert
    Expert

    --Alternate download link:

    http://hotfile.com/dl/130385588/7a26a5f/squidserver5-kn-JEOS-201109.7z.html

    / Sorry if anyone has been having trouble with Megaupload

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    kingneutron
    Expert
    Expert

    --2nd alternate download link:

    http://www.filesend.net/download.php?f=fe07492a0575053000a6a408730b54e4

    --Sorry about megaupload, folks; I've been using them for years, but they deleted my file this time with no explanation.

    --Please note: I do provide support for this Squid virtual appliance for a fee.  Please feel free to contact me if you have questions, or need support with setup or implementation.

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    kingneutron
    Expert
    Expert

    Standard Maintenance

    --Things to do every so often to keep the appliance up to date:

    o It's a good idea to login as " root " once a month or so and run the ' updt ' script.  This will update installed packages and apply security updates.

    Running ' updt ' will also sync up the VM's time/date.

    o Check your logs with ' mc /var/log ' and then use F3 to view the log files

    o Check free disk space with ' df -h '

    o Check RAM free and swapfile usage with ' free '

    - Hit Alt-F9 and you can see your uptime with the running " top " virtual console

    --I have had uptimes in excess of 100 days easily with Squid V4 running on ESXi; you just power it on, and it should pretty much take care of itself.  Smiley Happy

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    kingneutron
    Expert
    Expert

    Squid network connection diagrams - See attached

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    kingneutron
    Expert
    Expert

    --Somewhat related project - my Squid virtual appliance adapted to QEmu, complete emulation of an ARM CPU with 256 MB RAM for the Raspberry Pi:

    http://www.raspberrypi.org/forum/projects-and-collaboration-general/emulating-a-raspberry-pi-on-wind...

    --More info on the Raspberry Pi:

    http://www.raspberrypi.org/faqs

    --Network diagram -- see attmt

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    damirbb
    Contributor
    Contributor

    Nice job ... working very nice , Im install also webmin , calamaris and squid-cgi. How I see this versin of squid is old (2.6 stable18) is it posible to upgrade or install 2.7 version ? I dont know how ? Can you help?

    kingneutron
    Expert
    Expert

    Thanks Smiley Happy

    --Since this is basically a drop-in-and-use Appliance, if you want to upgrade the Squid version then I would ' wget ' the latest package from squid-cache and then ' deldeb squid ' (use builtin alias to uninstall the packaged version):

    http://wiki.squid-cache.org/SquidFaq/BinaryPackages

    --If you want to compile squid from source code, you should probably ' apt-get update; apt-get install build-essential ' and download the latest code from here:

    http://www.squid-cache.org/Download/

    --Note: You will quite probably have to make some (possibly extensive) changes to /etc/squid/squid.conf after changing versions -- I know I had to when I upgraded.  Best of luck!  ( And feel free to post your squid.conf changes in this thread! )

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    kingneutron
    Expert
    Expert

    --Well, hopefully I've just saved you a bunch of work. 😉  You got me curious, so I'm releasing a BETA squidserver V6 based on Squid 3.

    --DL from here:

    http://www.filesend.net/download.php?f=dee15e6aa858b73bfa155b6024929ed4

    md5sum:

    dcd3a2d1ad3b42b3827a1a1d2022984e *squidserver6-kn-JEOS-201201.7z

    sha1sum:

    e38bb616bc7c2608e32cb90b49e8da4de1993f6b *squidserver6-kn-JEOS-201201.7z

    ** Note: This is a BETA release.  (This is why there is no separate thread/announcement for V6 yet.) 

    Please test and post bugreports!!  If no bugreports, hopefully I'll prolly rev V6 as a "stable" release in about a month.

    --I basically modified the squid.conf file to match squid3's expectations and made a few minor mods.  ACLs have NOT been extensively tested, but appear to be working OK.

    --More ACL help for Squid3 can be found here:

    http://ubuntuforums.org/archive/index.php/t-1419364.html

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos
    rodge28
    Contributor
    Contributor

    Hi,

    This is nice had tried it and worked perfectly on my friends computershop running 20 computers, i'm just thinking, can it handel more clients like 200+ or more?

    thanks again.

    kingneutron
    Expert
    Expert

    The only thing I can recommend is to try it.  Since it's running in a VM, you could try allocating more RAM and disk space, modify /etc/squid.conf accordingly to take advantage of it, and see if it slows down appreciably.

    If it slows down, you could fire up another VM on a separate disk/spindle (or RAID10) with a different IP address, and have ~100 clients connect to each; or divide according to whatever makes sense given your load/response testing.  Postulate worst-case scenario with *all* clients trying to download something at once.

    TL;DR - Try scaling it and find out Smiley Happy  It should scale pretty well.

    ./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
    Reply
    0 Kudos