lab9

CIT 436 Lab 9 Due Monday, March 18 by 8 am (emailed to foxr@nku.edu ) You will install and run Squid in this lab. Boot VM2, open three terminal windows and su to root in each. Open your web browser. In this lab you will be asked to clear your browser history several times. To do this, select the menu button (3 horizontal lines) followed by History > Clear Recent History… and select OK (to clear all settings). Boot VM1 (with your Apache server) and start Apache. Make a note VM1’s IP address. WARNING: Step 1d will take 30-60 minutes; make sure you build that time into your schedule. 1. Exploring the Squid open source package a. In your web browser, go to www.squid-cache.org/Versions/v5 and select the most recent version’s tar.gz download (do not select the sig version). Save the downloaded package. In your terminal window, cd to your account’s Downloads directory. Type ls . You should find the downloaded file here named squid- version .tar.gz such as squid-5.9.tar.gz . Type tar xzf filename and cd into the directory created. Type ls . You will notice a configure script and a Makefile . This allows us to either use ./configure to tailor our installation or go right to the make / make install steps. We will use configure . Answer the following questions about the contents of this directory. i. In which directories do you find the .cc (source code) files? ii. In which directory do you find nothing but .h (header) files? iii. The errors directory contains subdirectories of files in different languages. Look in errors/en (English). What are these files used for? They do not have extensions but you can determine their type by viewing one. What type are they? iv. What type of content is stored in the icons/silk subdirectory? v. Type less INSTALL and look at the installation instructions. What three steps are recommended to compile and install Squid? In which location does it state that you should find the squid configuration file? What option should you use to initialize Squid? b. Type ./configure --help | less and scroll through the information. Without using –-prefix , the Squid components are placed in various directories (see pages 412- 413 of the textbook). Another option is to specify locations for these various components. For each of the following, what ./configure option is used to specify its location? i. user executables ii. system administration executables iii. man pages iv. root directory for all documentation c. Continuing to step through ./configure ’s help, answer the following questions. i. How would you specify less verbose build output (V=1)? ii. How would you enable or disable a feature named foo ? iii. How would you enable or disable a package named foo ? d. Type ./configure . What error message arises? Type dnf -y install g++ openssl-devel . g++ is the GNUs C++ compiler, which is different from gcc and needed to install Squid. The second, openssl-devel installs tools needed by Squid to work with HTTPS (which we add in lab 12). Issue the full command as shown below.

./configure --prefix=/usr/local/squid --enable-auth- helpers=NCSA --enable-ssl-crtd --with-openssl The enable / with options will be used in labs 10 and 12. The ./configure script will take several minutes to complete. Next, type make , which will take 40-60 minutes. e. While make is running, research the difference between gcc and g++ and explain why we are using g++ to compile Squid rather than gcc . Return to your web browser and in the left column select About Squid . What does the page say about the protocols that Squid is written for and is mostly written for? What software products is Squid based on? Who funded Squid, at least in part? When make ends, type make install (make sure you are root for this step). This will only take a couple of minutes. 2. Exploring the installed Squid Server a. (1) Type cd /usr/local/squid . What are the top-level directories? In which directory is the squid program stored? In step 1a, we saw directories of errors , icons and man pages. What subdirectory of squid have they been copied into? b. (1) cd into the var subdirectory. You will find three subdirectories, all of which are either empty or contain a single, empty subdirectory. At what point will each of these subdirectories begin to get populated with content? You may want to defer answering part of this question until you have completed 2c and part of this question you should be able to answer by looking at the subdirectory names. cd back to the top-level squid directory. c. (1) cd to squid/sbin . We use squid to run Squid. Type ./squid -h to view the help page. We start Squid with ./squid , but we can add -k to specify other run options. What are the options available when using -k ? By default, Squid runs in the background but -N runs Squid in the foreground. Look at option -z . What does this option do? Go back to answer the rest of 2b’s questions. d. (1) Type ls ../bin . Two additional programs are squidclient and purge . Attempt to view the man page for each of squid , squidclient and purge . What happens? As with Apache, the man pages are not placed in a default location for man to find them. In our case, the Squid man pages are found under /usr/local/squid/share/man . Update manpath by editing /etc/man_db.conf in vi and add MANDATORY_MANPATH /usr/local/squid/share/man after the three existing MANDATORY_MANPATH entries. Save and exit vi . You can now use man on each of squid , squidclient and purge . Use man to answer the following questions. i. What protocols does squid support? (see the 1 st and 3 rd paragraphs of the description) ii. How does squidclient differ from squid? iii. What does purge do? 3. Running Squid a. (1) cd to the sbin directory. Type ./squid -k parse . This command causes Squid to parse the configuration file to look for errors but does not start Squid. You will likely see lines of Startup or Processing. (2) Type cd /usr/local/squid/etc and load squid.conf into vi . Type G to reach the bottom of the file and add a new line with the text foobar . Save the file and (1) repeat squid -k parse command. Near the bottom

f. Type ./squid -Nd1 . -N runs Squid in the foreground and d1 displays continual output as we saw earlier. Because Squid is running in the foreground, you do not regain your prompt. Scroll through the output messages to answer the following. i. To what location is the current directory set? ii. How many estimated objects can be stored? iii. What is the target number of buckets and how many Store buckets are in use? iv. How many total items are found as scanned, invalid, loaded, expired, canceled? Type control+c . More messages will be displayed before you regain your prompt. 4. Using Squid a. (3) Type du -s var/cache/squid . There are no cached items and the size is that of the directories only. (1) Start Squid ( ./squid ) and in your web browser enter the URL (IP address) of VM1 (your Apache server). Repeat the du command. The size of the cache did not change (or perhaps got smaller!). Squid is running but your browser isn’t using it. In your browser, select the menu button (3 lines), scroll down to select Settings , scroll to the bottom and under Network Settings select Settings… and select Manual Proxy Setting filling in VM2’s IP address in the box with port 3128 , and select the checkbox to for HTTPS . Select OK . Refresh your browser. Why is the website is not reachable? Squid’s initial configuration only permits access to the local cache manager. (2) Locate the line #http_access allow localnet and uncomment it. Save your conf file and (1) restart Squid (remember, shut it down twice and then start it). Clear the history of your browser and refresh it, and (3) redo the du command. What size is it now? b. (1) cd to ../bin which stores squidclient and purge . squidclient is a command line program to interact with Squid. Type ./squidclient http: //ipaddress1 followed by http:// ipaddress1 /file1.html (using VM1’s IP address for both). You will see the webpage returned, much like using echo | nc . (3) Redo your du command from 4a. How much has the cache grown by? Type du var/cache/squid/* | egrep -v ‘^0’ . Explain what this command does. You should find 12 for most of the cache directories’ sizes (empty) but one has content, so its size is larger. What size is the larger directory? The directory should be 00 and the contents you have downloaded have been placed in the 00 subdirectory. (3) cd there ( 00/00 ) and type ls -l . You will see two files whose names are probably 00000000 and 00000001 (remember, these are hexadecimal). Use less to view them. What do these files store? c. (1) Type ./squidclient mgr:info | less . This command has Squid’s cache manager report statistics. How many clients have accessed your cache? How many HTTP requests has your cache received? What is the storage swap size? Capacity? What is the mean object size? How may total stored objects are there? d. The purge program allows you to search the caches for items that have been stored. (1) Type ./purge -e “ ipaddress ” (where ipaddress is that of your VM1 or 10.2.56.30; note that this is a regex, so use \. instead . ). What is the response? (1) cd back to sbin and shut Squid down. Remember in future that to shut Squid down you should run the shutdown command twice. You might use the ps command from 3d to make sure you have successfully stopped (or started) Squid. Squid will sometimes abort abnormally without leaving you any messages so remember to use the ps command.