Transparent proxy running cache on ramdisk.

Transparent proxy running cache on ramdisk.

Hi my name is Sami.
This is my first blog post so it might not make sense at all to some.

We wanted to run a transparent proxy for the SSWC event here in Sweden.
What we ended up with was pretty nice actually.

So, we started with installing squid and dhcp3-server on a new machine.
We are using a fresh install of debian 5 (Lenny).

apt-get install dhcp3-server
apt-get install squid

I wont go through how to setup dhcp-server. We just set the scope for 192.168.1.0/24 net.
Now that we have the squid installed we need to configure it.

As they say, the default configuration in squid will take you very far.

What our configuration does is the following:
Transparency:

http_port 8080 transparent

YouTube caching for videos:

refresh_pattern -i \.flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private
quick_abort_min -1 KB
maximum_object_size 4 GB
acl youtube dstdomain .youtube.com
icp_access allow youtube
cache allow youtube

Ramdisk caching:
Since some 2.4 and all 2.6 there is a tmpfs driver that uses ramdisk.
Although you might want to setup some boot options like; when you reboot your memory will be cleaned out.
So our squid directory will no longer exist and the permissions will be gone aswell.

cache_dir aufs /dev/shm/squid 1014 16 256

Caching webdata:

cache allow all


Even though http_port 8080 transparent is set that is not enough.
Out server must intercept all port 80 connections and redirect them to :8080 on the squid server.
This is easily done with iptables.

iptables -t nat -A PREROUTING -i 192.168.1.1 -p tcp --dport 80 -j REDIRECT --to-port 8080

This is all that is needed for the squid.