--Previous announcement:
http://communities.vmware.com/thread/328648?tstart=0
2013.0325 - Announcing the latest V7 of the KingNeutron (Minimalist) Squid Proxy VM :smileyhappy:
o Now Based on Long-Term-Support Ubuntu 12.04 ( Precise Pangolin ) -- JEOS ( Just Enough OS ) - Upgraded from Hardy!
o Minimal download size
o ESX* Compatible with SCSI vdisks - Plase Test!
o Note: ESXi users will probably have to edit the /etc/network/interfaces after 1st boot.
o Feature: Squid3 (and this release in general) are notably faster than previous releases.
o Takes minimal resources to run -- 128MB RAM alloc, 2 GB Growable Disk ( +4GB 2nd disk on sdb1, INCLUDED! ++ Pre-formatted for ext4 )
- ROOT SSH logins are DENIED, out of the box -- login as " user " instead and SUDO or SU from there
o Bridged networking is used by default, and the VM is expecting to grab a DHCP address on bootup. IPV6 support has again been left Enabled in this release.
(Static MAC address assigned in VMX file - should Just Work anywhere)
o Default STATIC IP: 10.0.244.250
+ This can be changed by editing " /etc/network/interfaces " and then issuing ' /etc/init.d/networking restart '.
Note, this is a TESTING release - PLEASE let me know if there are any bugs!
I have finally been able to test Logfile rotation on ESXi - works Ok out of the box :smileyhappy:
DISCLAIMER *** - Run at your own risk, default build only includes SSH ( port 22 ) and Squid ( 10.0.244.250, port 3128 )
Not Responsible if this Virtual Appliance wows your ponycatbirdlizardbisongoldfish, and makes it run around in excitement! ***
MD5SUM:
45f7a87830f2e846e6084d14eff51110 *squidserver7-kn-JEOS-201303.7z
SHA1SUM:
dae987df025cdf2fa31a04ebee2d52e4e7aa01d1 *squidserver7-kn-JEOS-201303.7z
Filesize: 67160 KB / ~67MB
http://www.filesend.net/download.php?f=3a871137def1d783870969e638e3713f
--Alternate download link:
https://hotfile.com/dl/199891142/1e0c5a5/squidserver7-kn-JEOS-201303.7z.html
** Default ID / password:
root / vmroot
user / vmware
SECURITY NOTE: ** End-users are HIGHLY ENCOURAGED to change these default passwords as soon as possible, to avoid cracker attacks.
As root, ' passwd root ' and ' passwd user '.
- Feature: The 1st time you login as root, you WILL be asked to change the password. ;-) Otherwise, SSH will not be available.
--Please note that the Ubuntu Precise Linux distro uses " upstart " instead of /etc/inittab, so TTY changes should be made in " /etc/init " now.
Features:
Alt-F5: Bandwidth monitor, updates every (5) sec ( Increased from V4 to save CPU interrupts )
Alt-F9: " Top " display, slightly customized
* Easter egg(s) and some minor speed tweaks and fixes
--Suggested additional software: (' apt-get update; apt-get install pkgname ')
o webmin -- For system configuration (Browser-based config: https://10.0.244.250:10000 )
o webmin-squid
o calamaris -- Log analyzer
o sarg -- Squid analysis report generator
o webmin-sarg
o srg -- Detailed log analysis for squid
o squid-cgi -- Cache manager interface
==============================
Quick instructions (HOWTO):
- Fire up the VM
- Hit Alt-F5 and you can watch the bandwidth monitor
Hit Alt+F1, LOGIN AS root and ** CHANGE THE PASSWORDS!! 1st thing **
Client-side instructions:
- Set ALL of your browser's Cache setting really low, like to 5-8 MB - and Delete it! Huge disk space savings!
- Point your browser's Proxy setting to the VM's IP address ( default 10.0.244.250 , port 3128 ) - you can point it to the DHCP address for fast/temporary testing (issue ' ifconfig ' at the root or User prompt to see the squid VM's DHCP IP address) or change it to whatever matches your home network. I put it as a Class A address by default so it matches my home setup and ((hopefully)) shouldn't interfere with other setups.
--Note that this is a security feature as well. I have my home net setup as a Class A with all-static IPs, and everybody (browsers, Win updates, and apt-get) talks to Squid. Squid is usually the only box that has a DHCP address from the router so it can talk to the Internet.
-- Now here's the neat thing - multiple PCs on your network can have *multiple browsers* - Firefox, Chrome, Opera, IE, Safari, Lynx, etc all pointing to the Squid proxy, and it will cache and filter ( ad- and some porn-sites, user definable ) requests for *everybody.*
-- You know how AdBlock Plus works in Firefox? Squid does something very similar, only it does it for ANY browser. Somebody loads the Yahoo website? Well now you'll get it to load -faster- for you because it will be pulled from the Squid cache. Virus updates, ad-aware, apt-get and Windows updates should also be faster because they won't have to be downloaded from the Web multiple times. ( And yes, pretty much all of my physical PCs, laptops, and VMs go through my Squid proxy - I'm "eating my own dog food" here. )
o Basic tutorials here:
http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers
http://wiki.squid-cache.org/SquidFaq/WindowsUpdate
http://answers.oreilly.com/topic/1391-how-to-configure-windows-update-to-use-a-proxy-server/
http://ubuntulinuxhelp.com/speed-up-and-improve-web-surfing-with-an-ubuntu-squid-server/
- ACL / file extension filtering:
http://www.cyberciti.biz/faq/squid-content-filter-block-files/
-- There are a *LOT* of config file options; I've done the heavy lifting and marked up /etc/squid.conf with " xxx " marks wherever things have been changed, and it should Just Work out of the box. The maximum filesize that will get stored in-cache is 20MB, set by me. If you're a tweaker though, you can set it up to pretty much store and filter whatever you want. ( Hint: as root, edit the following in /etc/squid3: adsblock.txt, porn.txt, notporn.txt -- and then issue ' squiderr ' )
NOTE: For this release, the /etc/squid3/squid.conf file has been drastically reduced in size (most of the in-file documentation is gone) but you can still search for "xxx" and especially "EDIT ME" strings for important values that may need to be changed.
IMPORTANT NOTE: For this release, Squid is using the "network lockdown" settings - so it may not work "out of the box" like previous versions did. Edit /etc/squid3/squid.conf and change the network ACLs to match your setup, then issue ' squiderr '.
-- If you are really anticipating a lot of usage, you should go ahead and bump up the settings - give the VM 256 MB RAM or more, change /etc/squid3/squid.conf for extra memory and cache space. You may also need to possibly tweak some other settings. Repeat as needed - you can always replace the 2nd vdisk with a bigger one, or add more disks.
NOTE: ' squid -kshutdown; sleep 30; squid -z; squid ' will activate the extra disk space once you are done editing the config file.
--> Look in /etc/squid3 dir for ad-blocking settings, and don't forget to ' squid -kreconfigure ' ( or ' squiderr ' ) if you change things...
-- Note for people who like SANE text editors, that don't remind you of EDLIN - I've included Joe (' jstar ', for those of us who actually miss WordStar), and Midnight Commander, which comes with ' mcedit ' -- you're NOT limited to VI !!! The nano editor is installed as well, if you're used to it.
Have fun...
/ Post bug reports :smileygrin: - If I don't hear anything for (2) weeks, consider it a full release!
----------------------------
--Things to do every so often to keep the appliance up to date:
o It's a good idea to login as " root " once a month or so and run the ' updt ' script. This will update installed packages and apply security updates.
Running ' updt ' will also sync up the VM's time/date.
o Check your logs with ' mc /var/log ' and then use F3 to view the log files
o Check free disk space with ' df -h '
o Check RAM free and swapfile usage with ' free '
- Hit Alt-F9 and you can see your uptime with the running " top " virtual console
--I have had uptimes in excess of 100 days easily with Squid V6 running on ESXi; you just power it on, and it should pretty much take care of itself. :smileyhappy: However, make sure you limit Squid's memory so the OOM-killer doesn't get you.
./. If you have appreciated my response, please remember to apply Helpful/Correct points. TIA
* Note: This VM was built and customized from the following JEOS skeleton appliance - my thanks to the developers: