Markus Blog What’s going on Internet?

9Oct/091

Installing TinyProxy as Squid Proxy Server Alternative

Tinyproxy is a light-weight HTTP proxy daemon for POSIX operating systems. It is distributed using the GNU GPL license version 2 or above, so we can download it and install it on our Linux server freely.

Tinyproxy is a light-weight alternative for the well known Squid proxy server. It’s really memory efficient so it will run perfectly fine in small VPS (Virtual Private Server) and being used for several users. Several features of Tinyproxy are:

  • Small footprint: Tinyproxy requires very little in the way of system resources. The memory footprint tends to be around 2 MB with glibc, and the CPU load increases linearly with the number of simultaneous connections (depending on the speed of the connection). Thus, Tinyproxy can be run on an older machine, or on a network appliance such as a Linux-based broadband router, without any noticeable impact on performance.
  • Minimal requirements: Tinyproxy doesn't require anything more than a POSIX environment to build and operate. It can use additional libraries to add functionality though.
  • Easily modified: If you're looking to build a custom web proxy, Tinyproxy is very easy to modify to your custom needs. The source is straightforward, adhering to the KISS principle. As such, it can be used as a foundation for anything you may need a web proxy to do.
  • Anonymous mode: Allows you to specify which HTTP headers should be allowed through, and which should be blocked. This allows you to restrict both what data comes to your web browser from the HTTP server (eg., cookies), and to restrict what data is allowed through from your web browser to the HTTP server (eg., version information).
  • Remote monitoring: Using the remote monitoring feature, you can access proxy statistics from afar, letting you know exactly how busy the proxy is.
  • Load average monitoring: Tinyproxy can be configured to watch the load average on most platforms, and start refusing requests when the load reaches a certain point. You may recognize this feature from Sendmail.
  • Access control: You can configure Tinyproxy to only allow requests from a certain subnet, or from a certain interface, thus allowing you to ensure that random, unauthorized people will not be using your proxy.
  • Secure: With a bit of configuration (specifically, making the log file owned by nobody and running it on a port > 1024), Tinyproxy can be made to run without any special privileges, thus minimizing the chance of system compromise. Furthermore, it was designed with an eye towards preventing buffer overflows. The simplicity of the code ensures it remains easy to spot such bugs.

In this tutorial, we’ll install Tinyproxy on Linux Centos 5.3 VPS, the first step is to add EPEL yum repository:

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm

Then run a yum update and install Tinyproxy:

yum update
 
yum install tinyproxy

After installation finished now we need to modify its configuration file to match with our requirements.

nano /etc/tinyproxy/tinyproxy.conf

Search  for:

#
# Port to listen on.
#

and change the port number to 8080 (you can change to other port number) so it’ll look like:

Port 8080

Next step is to configure Tinyproxy to only accept connection from our IP address. Search for:

#
# The following is the authorization controls. If there are any access
# control keywords then the default action is to DENY. Otherwise, the
# default action is ALLOW.
 
#
# Also the order of the controls are important. The incoming connections
# are tested against the controls based on order.
#

And add this text under it:

Allow <your public ip number>

So it’ll look like:

Allow 192.168.1.1

To check what your IP address is, go to www.whatismyip.com

Now close and save the configuration file by pressing ctrl + x and then press enter

Start Tinyproxy by executing this command:

service tinyproxy start

Next step is to configure your browser to use proxy server. Add your VPS’ IP address on the proxy server address on your browser and port 8080 as the port number. To check whether you are now connected through the proxy server or not, go to www.whatismyip.com and you’ll see “Possible Proxy Detected” under your IP address information.

Bookmark and Share

Related Article

Tagged as: , , Leave a comment
Comments (1) Trackbacks (0)
  1. Blogger Karo
    February 15th, 2010 - 02:32

    bisa dijadikan alternatif nih :) dan ga seberat squid kan?

    ( REPLY )

Leave a comment


*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

No trackbacks yet.

» «