interview question and answer

January 6, 2012

How to configure linux squid server step by step guide Example and Implementation


Proxy servers operate as an intermediary between a local network and the Internet. Requests from local clients for web services can be handled by the proxy server. Squid is a high-performance HTTP and FTP caching proxy server. It is also known as a Web proxy cache. As it stores data from frequently used Web pages and files, it can often give your users the data they need without their systems having to look to the Internet.
From a Squid web proxy server you can control what can be accessed from the Internet on your network. It can act as a filter for everything from porn sites to advertisements and videos.
In our example we will configure a Squid web proxy server, filter sites, and deny a specific host permission to access the Internet.

Configure squid web proxy server

The squid rpm is required to configure the Squid web proxy server. Check whether it is installed, and install it if it is not found.
[Image: squid rpm]
Check the hostname and IP address of the server; they will be used when editing squid.conf.
hostname
The main Squid configuration file is squid.conf in the /etc/squid/ directory. This file contains over 4000 lines, but only a few are active by default. Most of the file is comments that describe the directives and their associated options. To make editing easier, turn on line numbers and locate the desired tag by line number. Do not memorize the line numbers; use them only to locate the desired tag, as a single Enter keypress can change the number of every line in the file.
Open /etc/squid/squid.conf for editing.
vi squid.conf
Show line numbers with the :set nu option in vi command mode.
You need to add three lines to the squid.conf file in the /etc/squid/ directory before activating Squid.
The first edit is the hostname. Locate the visible_hostname tag near about line no 2835.
[Image: visible_hostname tag]
Go to the end of this tag near about line no and add the hostname which you checked with the previous command.
[Image: visible hostname]
By default Squid works on port 3128, but you can change this. The port tag is located near line no 73.
[Image: port number tag]
For our example we are using the default port.
The next edit is to create the access control lists. The access control tag is located near line no 2226.
[Image: access control tag]
We will create three access lists.
  • First to block the host with IP address 192.168.1.7 from accessing the Internet.
  • Second to block a particular site.
  • Third to allow our lab network to access the Internet.
Go to the end of the access control tag, near about line 2410, and create the access lists as shown here.
[Image: access list tag in squid.conf]
The final edit is to apply the access lists you configured in the access list tag. Go to the http access tag near line no 2482.
[Image: http access tag]
At the end of this tag, near line no 2529, apply the configured access lists.
[Image: http access]
Be very careful about the order of the access lists: always put the http_access deny all line after all the other lines. Any access list placed below the http_access deny all line will never be checked.
You have made the necessary changes in squid.conf; now save it and return to the command prompt.
We have created an access list, web_deny, to filter the web traffic, and set the http_access deny web_deny tag in squid.conf. Now you can add the URLs of the websites you want to block to this file.
Now create the /etc/squid/web_deny file.
vi web_deny
For testing purposes in our example we are blocking www.google.com.
[Image: editing in web deny]
You can add the URL of any site you want to block to this file.
You have completed all the necessary steps; now start the squid service.
service squid restart
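The ordering rule for http_access can be checked mechanically against squid.conf before the service is restarted. The script below is an added example, not part of the original article; the ACL names deny_host and lab_net, the 192.168.1.0/24 lab range and the dstdomain type for web_deny are assumptions, since the article's own lines were only shown as screenshots.

```shell
#!/bin/sh
# Added example: find http_access rules Squid can never reach because they
# sit below "http_access deny all" (rules are checked top to bottom and the
# first match wins).

# Print "lineno: rule" for each http_access line after the first deny all.
unreachable_http_access() {
    awk '
        $1 == "http_access" {
            if (seen) print NR ": " $0
            else if (NF == 3 && $2 == "deny" && $3 == "all") seen = 1
        }
    ' "$1"
}

# Constructed sample of the three access lists from the walkthrough, with the
# allow rule misplaced. Assumptions: the ACL names deny_host and lab_net, the
# 192.168.1.0/24 lab range, and dstdomain as the type of web_deny.
write_sample() {
    cat > "$1" <<'EOF'
acl deny_host src 192.168.1.7
acl web_deny dstdomain "/etc/squid/web_deny"
acl lab_net src 192.168.1.0/24
http_access deny deny_host
http_access deny web_deny
http_access deny all
http_access allow lab_net
EOF
}

conf=$(mktemp)
write_sample "$conf"
unreachable_http_access "$conf"   # reports line 7
rm -f "$conf"
```

Run it as `unreachable_http_access /etc/squid/squid.conf`; empty output means no rule is shadowed by deny all.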

Squid client configuration

On the client, set the IP configuration. Set the proxy server's IP, 192.168.1.3, as the default gateway and DNS server IP on the client system.
[Image: ip setting]
Now open the web browser and set the port number and IP address of the proxy server in the connection tab.
[Image: internet explorer setting]
If you can successfully retrieve a website, Squid is working correctly.
[Image: web page]
Now try to open www.google.com.
[Image: deny web access]
Now go to the system whose IP address is 192.168.1.7 and try to access a website after applying the same settings.
[Image: deny host in squid]

January 5, 2012

How to configure linux dns slave server step by step guide Example and Implementation


DNS server, or name server, is used to resolve an IP address to a hostname or vice versa.
You can set up four different types of DNS servers:
  • master DNS server for your domain(s), which stores authoritative records for your domain.
  • slave DNS server, which relies on a master DNS server for data.
  • caching-only DNS server, which stores recent requests like a proxy server. It otherwise refers to other DNS servers.
  • forwarding-only DNS server, which refers all requests to other DNS servers.
In our previous article we configured a master DNS server. In this tutorial we will extend the previous article and configure a slave DNS server. This article is the second part of How to configure dns server step by step guide. We suggest you review the previous article before starting.

Configure dns slave server

For this example we are using three systems: one Linux server, one Linux client and one Windows client.
We have configured the master DNS server with IP address 192.168.0.254 and hostname server.example.com on the Linux server. Now we will configure the slave DNS server on the Linux client.
To configure the slave DNS server, go to the client1 system.
First test connectivity to the DNS server with the ping command and check for the necessary rpms. The bind and caching-nameserver rpms are required to configure DNS. Check whether they are installed, and install them if they are not found.
[Image: rpm]
Set the hostname to client1 and the IP address to 192.168.0.1, and create a new named.conf file.
[Image: named.conf]
We are using BIND's chroot feature, so all the necessary files will be located in the chroot directory. Set the directory location to /var/named. As we are configuring a slave server, we do not need to define the location of the zone database files. A zone database file can be created and modified only on the master server. A slave server only copies it from the master server.
Edit named.conf exactly as shown in this image.
[Image: named.conf]
Save this file with :wq and exit.
If you cannot create this file manually, download this preconfigured file and copy it to /var/named/chroot/etc/named.conf.
Now restart the named service. It should start without any error.
service named restart
Congratulations, you have configured both the master and client DNS servers. Now we will configure the DNS client and test it against the DNS server.
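Because the slave copies its zone data from the master by zone transfer, the master's named.conf decides which hosts may pull a full copy of the zone; BIND's allow-transfer statement limits that to the slave. The audit below is an added example, not the article's configuration: the sample named.conf is constructed, and 192.168.0.1 is client1 from this walkthrough.

```shell
#!/bin/sh
# Added example: list master zones in named.conf that any host may transfer:
# no allow-transfer in the zone and none in the options block. Assumes each
# block opens its brace on its first line; only // and # comments are handled.
zones_open_to_transfer() {
    awk '
    {
        line = $0
        sub(/\/\/.*/, "", line); sub(/#.*/, "", line)
        if (depth == 0 && line ~ /^[ \t]*zone[ \t]/) {
            split(line, q, "\""); zone = q[2]
            block = "zone"; master = 0; xfer = 0
        } else if (depth == 0 && line ~ /^[ \t]*options/) block = "options"
        if (block == "zone" && line ~ /type[ \t]+master/) master = 1
        if (line ~ /allow-transfer/) {
            if (block == "options") global = 1
            if (block == "zone") xfer = 1
        }
        depth += gsub(/[{]/, "{", line) - gsub(/[}]/, "}", line)
        if (depth == 0) {
            if (block == "zone" && master && !xfer) found[++n] = zone
            block = ""
        }
    }
    END { if (!global) for (i = 1; i <= n; i++) print found[i] }
    ' "$1"
}

# Constructed master named.conf (not the file from the article). The slave
# address 192.168.0.1 is client1 from the walkthrough.
write_master_sample() {
    cat > "$1" <<'EOF'
options { directory "/var/named"; };
zone "example.com" IN {
    type master;
    file "example.com.zone";
    allow-transfer { 192.168.0.1; };
};
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "0.168.192.in-addr.arpa";
};
EOF
}

conf=$(mktemp)
write_master_sample "$conf"
zones_open_to_transfer "$conf"   # prints 0.168.192.in-addr.arpa
rm -f "$conf"
```

On the master from this series the file to check would be /var/named/chroot/etc/named.conf.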

Configure Window DNS Client

Now go to the Windows XP system and test connectivity to the DNS server. Then set the DNS IP address in the LAN card properties.
[Image: ip address on window system]
Now go to the command prompt and ping the other client by name to test DNS.
[Image: ping from dns server]
Alternatively, you can verify the DNS server with the nslookup command.
[Image: nslookup]
Also test by pinging the server by name.
[Image: ping server]

Configure Linux DNS clients

RHCE Exam question
Dig server.example.com and resolve it successfully through DNS, where the DNS server is 192.168.0.254.
RHCE Exam question 2
Your system is configured in the 192.168.0.0/24 network and your nameserver is 192.168.0.254. Make server.example.com resolve successfully.
On the command line interface you do not have the network configuration window to set the DNS IP. The IP of the DNS server can be set in the /etc/resolv.conf file. Each nameserver line represents a DNS server, and the search line specifies domain names to try if only the first part of a hostname is used. For example, if just the name client1 is used as a hostname, client1.example.com will also be tried if the /etc/resolv.conf file is configured as shown in the image below.
To set the DNS IP, open the /etc/resolv.conf file.
vi resolv.conf
Set the nameserver IP to 192.168.0.254 and the search option to example.com.
[Image: resolv.conf]
After saving the /etc/resolv.conf file, restart the network service.
Run dig server.example.com to test the DNS server.
dig server.example.com
Now verify by pinging the other client by name.

January 4, 2012

How to configure linux dns server step by step guide Example and Implementation


DNS server, or name server, is used to resolve an IP address to a hostname or vice versa.
You can set up four different types of DNS servers:
  • master DNS server for your domain(s), which stores authoritative records for your domain.
  • slave DNS server, which relies on a master DNS server for data.
  • caching-only DNS server, which stores recent requests like a proxy server. It otherwise refers to other DNS servers.
  • forwarding-only DNS server, which refers all requests to other DNS servers.
Before configuring BIND to create a DNS server, you must understand some basic DNS concepts.
The entire hostname with its domain such as server.example.com is called a fully qualified domain name (FQDN). The right-most part of the FQDN such as .com or .net is called the top level domain, with the remaining parts of the FQDN, which are separated by periods, being sub-domains.
These sub-domains are used to divide FQDNs into zones, with the DNS information for each zone being maintained by at least one authoritative name server.
The authoritative server that contains the master zone file, which can be modified to update DNS information about the zone, is called the primary master server, or just master server.
The additional name servers for the zone are called secondary servers or slave servers. Secondary servers retrieve information about the zone through a zone transfer from the master server or from another secondary server. DNS information about a zone is never modified directly on the secondary server.

chroot features

The chroot feature runs named as user named, and it also limits the files named can see. When installed, named is fooled into thinking that the directory /var/named/chroot is actually the root or / directory. Therefore, named files normally found in the /etc directory are found in the /var/named/chroot/etc directory instead, and those you would expect to find in /var/named are actually located in /var/named/chroot/var/named.
The advantage of the chroot feature is that if a hacker enters your system via a BIND exploit, the hacker's access to the rest of your system is isolated to the files under the chroot directory and nothing else. This type of security is also known as a chroot jail.

Configure dns server

In this example we will configure a DNS server and test it from the client side.
For this example we are using three systems: one Linux server, one Linux client and one Windows client.
The bind and caching-nameserver rpms are required to configure DNS. Check whether they are installed, and install them if they are not found.
[Image: rpm]
Set the hostname to server.example.com and the IP address to 192.168.0.254.
[Image: set hostname and ipaddress]
The main configuration file for the DNS server is named.conf. By default this file is not created in the /var/named/chroot/etc/ directory. Instead of named.conf, a sample file /var/named/chroot/etc/named.caching-nameserver.conf is created. This file is used to make a caching-only name server. To configure a master DNS server you can either rename this file to named.conf and edit it, or manually create a new named.conf file.
In our example we are creating a new named.conf file.
[Image: vi named]
We are using BIND's chroot feature, so all the necessary files will be located in the chroot directory. Set the directory location to /var/named. Next we will set the locations of the forward zone and reverse lookup zone files. If you cannot create this file manually, download this file and copy it to /var/named/chroot/etc/.
Or edit it exactly as shown in this image.
[Image: named.conf]
Save this file with :wq and exit.

Configure zone file

We have defined two zone files: example.com.zone for the forward zone and 0.168.192.in-addr.arpa for the reverse zone. These files will be stored in /var/named/chroot/var/named/. We will use two sample files to create them.
Change directory to /var/named/chroot/var/named and copy the sample files to the names we set in named.conf.
[Image: copy sample files]
Now open the forward zone file example.com.zone.
[Image: example.com.zone]
By default this file will look like this:
[Image: forward look up zone file]
Change this file exactly as shown in the image below.
[Image: forward lookup zone]
If you find it difficult to modify this file, download this configured file and copy it to /var/named/chroot/var/named.
Now open the reverse lookup zone file 0.168.192.in-addr.arpa.
[Image: reverse lookup zone]
By default this file will look like this:
[Image: reverse lookup zone]
Change this file exactly as shown in the image below.
[Image: reverse lookup zone file configured]
If you find it difficult to modify this file, download this configured file and copy it to /var/named/chroot/var/named.
Now change the ownership of these zone files to the named group.
[Image: chgrp]
Now start the named service.
service named restart
If the service restarts without any error, you have successfully configured the master name server. In our next article we will learn how to configure a slave DNS server and test it.
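A forward zone and its reverse zone are edited by hand in two separate files, so they drift apart easily. The check below is an added example, not from the original article: it reports A records in example.com.zone with no matching PTR in 0.168.192.in-addr.arpa. The zone contents are constructed from the names and addresses used in this series, and client2 at 192.168.0.2 is an assumed extra host.

```shell
#!/bin/sh
# Added example: report A records in the forward zone that have no matching
# PTR record in the reverse zone of a /24. Assumes one record per line with
# the owner name in the first column.

# $1 = forward zone file, $2 = reverse zone file, $3 = zone origin
a_without_ptr() {
    awk -v origin="$3" '
        NF < 3 { next }
        FNR == NR {                        # first file read: reverse zone
            if ($(NF-1) == "PTR") ptr[$1] = $NF
            next
        }
        $(NF-1) == "A" {                   # second file read: forward zone
            split($NF, oct, ".")
            fqdn = $1 "." origin "."
            if (ptr[oct[4]] != fqdn) print fqdn " " $NF
        }
    ' "$2" "$1"
}

# Constructed zone data using the names and addresses from the article;
# client2 at 192.168.0.2 is an assumed extra host with no PTR record.
write_zones() {
    cat > "$1/example.com.zone" <<'EOF'
$TTL 86400
@        IN SOA server.example.com. root.server.example.com. ( 42 3H 15M 1W 1D )
         IN NS  server.example.com.
server   IN A   192.168.0.254
client1  IN A   192.168.0.1
client2  IN A   192.168.0.2
EOF
    cat > "$1/0.168.192.in-addr.arpa" <<'EOF'
$TTL 86400
@    IN SOA server.example.com. root.server.example.com. ( 42 3H 15M 1W 1D )
     IN NS  server.example.com.
254  IN PTR server.example.com.
1    IN PTR client1.example.com.
EOF
}

dir=$(mktemp -d)
write_zones "$dir"
a_without_ptr "$dir/example.com.zone" "$dir/0.168.192.in-addr.arpa" example.com
rm -rf "$dir"
```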

January 3, 2012

How to configure linux vnc server step by step guide Example and Implementation


A VNC server is used to share a desktop with a remote computer. VNC works on a client-server architecture. To share a desktop you need the vnc-server package, and to access it from other computers you need vnc-viewer. In this tutorial I will show you how to configure a VNC server.
For demonstration purposes we will use two Linux systems. Both systems should have graphics installed.

To configure VNC- Server

Boot the system in init 5 or graphic mode. The vnc-server rpm is required to configure the server. Check whether it is installed, and install it if it is not found.
[Image: rpm]
Now click on Preferences in the System menu and select Remote Desktop.
[Image: vnc]
This will launch a new window where you can set sharing and security for the remote desktop.
[Image: set password on server]
Allow other users to view your desktop: check this option if you want to present your desktop on another computer.
Allow other users to control your desktop: check this option if you want to grant other users permission to control your desktop.
In the security tab you can set a password for users who want to connect to the server [Recommended].

Configure Linux client

Go to the client system and ping the server. The vnc-viewer rpm is required to configure clients.
[Image: vnc viewer]
Check whether it is installed, and install it if it is not found.
Now select Accessories from the Applications menu and click on VNC Viewer.
[Image: vnc viewer]
This will launch a window. Enter the VNC server's IP in it and click OK.
[Image: give ip in vnc viewer]
Once connected, it will ask for a password. Enter the password you set on the server.
[Image: enter password in vnc]
On the server side a pop-up will ask for permission; click Allow.
[Image: grant permission]
After getting permission from the server side you can use the server desktop on the client side.
[Image: use server desktop]