Squid is a widely used open-source proxy server that provides caching and forwarding of HTTP, HTTPS, and FTP web requests between clients and servers. In today's digital world, where data privacy and security are paramount, a Squid proxy can be an essential tool in ensuring the safety of your network. In this article, we will discuss how to install and configure Squid proxy on RHEL 8, set up an SSH tunnel to connect to the proxy server, and configure the browser settings to access the OpenShift web console using Squid.
The first step is to install Squid on your RHEL 8 server. To install Squid, run the following command in your terminal:
sudo dnf install squid
Once the installation is complete, we need to configure Squid. The configuration file for Squid is located in
/etc/squid/squid.conf. Open the configuration file using your preferred text editor.
To change the port on which Squid listens for incoming requests, modify the http_port directive. By default, Squid listens on port 3128. Change the port to 2138 by replacing the existing line with the following:
Save the file and exit the editor.
Next, we can start, stop, or restart Squid using the following commands:
sudo systemctl start squid sudo systemctl stop squid sudo systemctl restart squid
We can use the acl and http_access directives to block access to a specific website. For example, to block access to example.com, add the following lines to the configuration file:
acl blocked_sites dstdomain .example.com http_access deny blocked_sites
Save the file and restart Squid to apply the changes.
We can set up an SSH tunnel to securely connect to the Squid proxy server. An SSH tunnel is a secure encrypted connection between a local machine and a remote server.
We need to create an SSH configuration file on our local machine. The SSH configuration file is located in
~/.ssh/config. Open the file using your preferred text editor.
Add the following lines to the configuration file:
Host jumphost Hostname jumphost.example.com User username IdentityFile ~/.ssh/id_rsa ForwardAgent yes Host squidproxy Hostname squidproxy.example.com User username IdentityFile ~/.ssh/id_rsa ProxyCommand ssh -W %h:%p jumphost LocalForward 2138 localhost:2138
jumphost.example.com with the hostname or IP address of your jumphost and username with your username.
Save the file and exit the editor.
To connect to the Squid proxy server, run the following command in your terminal:
This will create an SSH tunnel between your local machine and the Squid proxy server.
To access the OpenShift web console using Squid, we need to configure the browser settings to use the Squid proxy server.
Open your browser and go to the settings. Under the network settings, find the proxy settings, and select "Manual Proxy Configuration." Enter localhost and 2138 as the proxy server and port, respectively.
Additionally, we need to add entries in the
/etc/hosts file to map the hostname of the OpenShift web console to the IP address of the
keepalived as follows,
192.168.7.144 api.hubztp.telco.ocp.run 192.168.7.145 oauth-openshift.apps.hubztp.telco.ocp.run 192.168.7.145 console-openshift-console.apps.hubztp.telco.ocp.run 192.168.7.145 downloads-openshift-console.apps.hubztp.telco.ocp.run 192.168.7.145 canary-openshift-ingress-canary.apps.hubztp.telco.ocp.run 192.168.7.145 alertmanager-main-openshift-monitoring.apps.hubztp.telco.ocp.run 192.168.7.145 prometheus-k8s-openshift-monitoring.apps.hubztp.telco.ocp.run 192.168.7.145 prometheus-k8s-federate-openshift-monitoring.apps.hubztp.telco.ocp.run 192.168.7.145 thanos-querier-openshift-monitoring.apps.hubztp.telco.ocp.run