/
How to Enable Squid through SCS with Internet Access

How to Enable Squid through SCS with Internet Access

Owned by Milton Suen
Last updated: Sept 26, 2023
5 min read

  1. Set SELinux to permissive mode in the /etc/selinux/config file.

# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted

  1. Change SELinux to permissive mode from the command line:

setenforce 0

  1. Create a log directory for Squid:

mkdir /var/log/squid chmod 777 /var/log/squid

  1. Create the /etc/squid and /var/spool/squid directories:

  1. Create the /etc/squid/squid.conf file and configure it as needed.

  • cache_peer connect to parent proxy server

  • Update local storage network subnet

Note: If the password contains characters have special meanings in URLs (like ‘#', '&', '?', etc.), ensure the special characters are URL-encoded and must be encoded to be represented correctly.

  1. Run the following command to download the Squid container and run it using Podman:

  1. Update /etc/firewalld/zones/swarm_site.xml to allow access Squid on SCS Storage network on port 3128

  1. Reload Firewall rules

  1. Test Squid’s internet access by running a curl command:

 

Offline Installation of Ubuntu/Squid

  1. Export the ubuntu.squid.4.10.tar container tarball:

  1. Copy the tarball to SCS (e.g. /root/dist/ubuntu.squid.4.10.tar)

  2. Set SELinux to permissive mode in /etc/selinux/config file (it not already done).

  1. Change SELinux to permissive mode from the command line (if not already done):

  1. Load the ubuntu/squid container image to Podman:

  1. Create the necessary directories on SCS:

  1. Grant permissions for Squid to output logs to /var/log/squid/access.log:

  1. Create or update the /etc/squid/squid.conf file as needed.

  2. Update /etc/squid/squid.conf with Parent Proxy IP, Port and correct storage subnet.

  3. Update /etc/firewalld/zones/swarm_site.xml to allow access Squid on SCS Storage network on port 3128

  1. Reload Firewall rules

  1. Run the following command to start the Squid container:

 

Adding Squid Container to systemd to ensure start on system boot

  1. To create a systemd service for Squid container (/etc/systemd/system/squid-container.service), use the podman generate systemd command:

  1. Stop Squid container from Podman

  1. Enable and start the service:

  1. Verify the status of the Squid container service:

Related content

How to configure a standalone SCSP proxy
How to configure a standalone SCSP proxy
Knowledge Base
More like this
Deploying a Proxy
Deploying a Proxy
Swarm Documentation
More like this
How to Use Port90 Proxy Container on Swarm Cluster Services (SCS)
How to Use Port90 Proxy Container on Swarm Cluster Services (SCS)
Knowledge Base
More like this
How to disable SCSP Proxy on a CSN
How to disable SCSP Proxy on a CSN
Knowledge Base
More like this
SCSP Proxy 8.2
SCSP Proxy 8.2
Swarm Documentation
More like this
How to enable multicast in an SCS cluster
How to enable multicast in an SCS cluster
Knowledge Base
More like this

© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.