Using SQUID to manage a Linux Internet Gateway

Posted on 2006-05-09
Last Modified: 2013-12-03
   I use a redhat linux box to manage my LAN which has 30 windows XP systems. The linux box has a firewall installed/configured "GUARDDOG". Presently i am having 2 problems that i really need to solve.

1.    I  do not want to make my IP shown to the public. This is a security risk cos i use the 30 windows XP systems to run a public internet cafe. I suppose squid should be able to do this for me and I have squid installed but not yet fully configured. Any suggestion on how to get it properly configured will be appreciated.

2.   The main issue that i will like to solve is setting a bandwidth limit (upload/download)  for users and also how to get some sites restricted. I have read quite a number of post on the site and found a bit of information on using squid to limit bandwidth. I wiould like to know how to configure this as i am new to squid entirely (an intermediate expert in linux).

   Any other advice on how to limit bandwidth usage apart from squid is gladly welcome.

A quick reply will be greatly appreciated.

Question by:deepsee34
    LVL 19

    Expert Comment

    1.- You cannot hide external IP addess. to hide internal ip address you can use a proxy (squid) or NAT (iptables).

    2.- To use squid to give less priority to large downloads (p2p, etc) you can use delay pools:

    2.b.- for restricting sites, use ACLs like this:
    acl bannedurls url_regex "/usr/local/squid/etc/banned_urls"
    acl bannedips  dst       "/usr/local/squid/etc/banned_ips"

    (I have these files, banned_urls and banned_ips and just need to enter the full ip or a part of the URL. be careful since if you put .com then all .com will be filtered)

    Author Comment

    Thanx Redimido,
       I read throgh the links u gave me and was quite helpful but i seem not to understand how to get around it cos i dont want to tamper with my linux box since i havent fully grabbed the explanation. I hv just installed squid on the linux box and every thing set at default.
       I will need a quick jumpstart on proper config so that i can get it up and running. Again, is there anyway in squid that i can specify bandwidth limit (upload and download) for client computers?

    LVL 19

    Accepted Solution

    the answer with squid: no.

    another answer: download wonder shaper. this is an easy script that you need to study, since it makes easy to control bandwidth:

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now