Help

Proxy Main Configuration

The proxy parameters will here be configured. After deciding on a few common parameters, you have the option to activate the web filtering or not.

Squid Mode: manual

This field is defined by the Proxy Server Mode you previously chose between "disable", "transparent", "manual" or "manual with authentication". In our example, we chose "manual".

Squid Port (we recommend 3328) 3328

This is the port on the firewall machine on which Squid will listen for requests. There is no need to make any changes here unless this port is to be used by another service.

Squid Cache Size (in Mb) 100

This field lets you control the amount of cached data Squid can store and manage. In order for your cache to be efficient, you need to adjust the cache space to the number of users: more users, more space needed. It may vary between 10 Mb and 10Gb or more.


Select The Authentication Mode Pam

This field will only be displayed if you selected the "manual with authentication" mode. It allows you to choose between PAM (Pluggable Authentication Modules), a flexible mechanism for authenticating users (the default action with MandrakeSecurity); LDAP (Lightweight Directory Access Protocol) which enables access to online directory services; Samba, which will connect you to a Samba Workgroup such as COMPANY if you use such a server; and finally NIS (Network Information Service), which facilitates the communication of critical information to every machine throughout a network.

Squid Admin Email root@company.com

Type the administrator's email in this field (root@company.com in our example), so your users know to whom to refer bugs/problems (if any).


Once you are back on the main Squid proxy server page, you can activate the web filtering. This feature will enable you to deny or restrict access to certain pages on the Internet, depending on their URLs. It is useful to block access to ad banners or adult contents.

You can filter by URL or content. Select the text icon for either one. Then, you can set the filtering rules for Authorized Networks, Time Restriction, Advertising to Be Removed, Banned Destination URLs, Privileged IPs, Banned Source IPs, or do a backup/restore of your data.