Linux Proxy Server Advice

I'm looking for a Internet Proxy solution to monitor the usage of bandwidth in our company.
We have 40 staff overloading our connection at some times of the day.
I want to police our internet connection and find out if someone is using illegal downloading software.( Torrents etc )   At the very least identify the highest user of internet bandwidth.

The ideal solution I'm looking for will do the following:

1) Display current connections (LAN IP Address and Destination)
2) Log usage
3) Show Torrent usage
4) Display usage in a chart -  or at least export data so I can use reporting tools
5) Show a top 10 Users and top 10 Sites by Hit Count or Megabyte

We also have 3 internet connections, so it would be great if this proxy was able to load balance.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

As far as I know you should be able to achieve all of that using the free version of smoothwall. There are lots of great mods around to extend functionality.

Smoothwall express 3 is really good and its free to use:

They also have a commercial version if you require additional features and professional support, have a look at
You have SQUID that would do it or most of it but you will have to configure rules into it.  You can sure dump the rejected connections into logs and then read that from web browser but you have to be Linux savvy.
The good thing is that Squid is open source and free to use.
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Squid is built into Smoothwall express.

The bonus with smoothwall is that its very quick and easy to install with minimal linux knowledge, if you are more comfortable with linux you can also ssh into smoothwall to do more.

Nothing wrong with squid at all, but smoothwall adds more features - particularly QoS that can be particularly useful for a shared connection.
Oh and Smoothwall express is Open Source and covered under the GPL - see the section "GPL and Open Source Software" at the following location:

Note that link is one mirror from sourceforge, you can select the download direct from sourceforge at

There are also mods available as a seperate sourceforge project at
MchallinorAuthor Commented:

I've heard a lot about Squid.  Interesting that Smoothwall makes the deployment easier for me.

From the screen shots its looks very much like the kind of UI you get with any appliance firewall.

We have a firewall already in place and ideally I just want this to sit on the LAN side of the network (behind the existing firewall)  - configured like a proxy server so all internet traffic from our staff is going through this (Linux) web proxy.

The key objective is to identify the heaviest Internet user and discover what websites they are viewing.  At this stage we are not interested in blocking anything, just monitoring usage.

As you can imagine, if the company internet is getting throttled by people using Itunes, Limewire, BitTorrent etc, I want to know who is the culprit.

Thanks,  I will keep looking at Smoothwall and the mods you have discussed.
I don't have a smoothwall set up here at the minute so I cant describe where it is, but Smoothwall Express 3 has some really nice real time traffic graphs that can show you at any time how much bandwidth any device is using. It may give you that information by IP, but you can work out which machine/user it is from that.
It is designed to be quick to setup and easy to use so you should find your way around pretty quickly.

I'm not sure what the best way of setting smoothwall up will be for you, when I used smoothwall I let it act as the DHCP server for the network. In your case you may well have something else in place doing that. If its your existing firewall appliance then no problem, disable that and let smoothwall take over and there should be no other config on the client side - they will just use the smoothwall as the gateway (the green interface in smoothwall terms).
If you have another machine already doing dhcp inside your network then you may have to configure the clients to use the smoothwall as the gateway - it just depends what your setup is.

From what you've said so far I'm guessing you'd just need 2 network cards in a computer - these will be a red interface (for the external connection - in your case the existing firewall will connect to this) and a green interface (for all your clients in your secure network).

If you have a need for it you can also use a third network card for a DMZ (orange interface). It can even do a fourth interface if you need it (Blue - for a wireless network kept seperate from your wired network for example - but this isn't necessary and it sounds like you won't need it).

Basically you just need to remember that smoothwall is more than just a proxy, it is also a firewall - its designed to be a single system to do proxy, QoS, firewall etc so be aware of this when setting it up.

You will need hardware to run it on with a minimum of 2 network cards (you shouldn't need that much performance in that hardware for the setup you describe) and you should be able to configure it to do as much or as little as you need, however even if you find it wont work for you, you can always wipe the machine and fall back to using sqiud on the same hardware.

Good luck with it =)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.