Configure Squid Proxy Server - Firewall Analyzer


    For Squid v2.7 and above carry out the following configuration:

    Carry out the following changes in the services file:

    • Edit the services file in the /etc directory
    • Check the port in the syslog server settings UDP 514/1514 is UP
    • Save the file and exit the editor 

    Device Side Configuration

    • Open the squid.conf file and find the below command:
    access_log <location of file> squid
    • Append the new command after the above command:
    access_log udp://<Firewall Analyzer IP Address>:514/1514 squid
    • Restart the Squid Service

    For Squid v2.6 carry out the following configuration:

    Device Side Configuration

    • Open the squid.conf file and find the below command:
    access_log <location of file> squid

    Append the new command after the above command:

    access_log syslog squid
    • Restart the Squid Service

    Carry out the following changes in the syslog.conf file:

    • Login as root user and edit the syslog.conf/rsyslog.conf file in the /etc directory
    • Append *.*<space/tab>@<server_name> at the end, where <server_name> is the name of the machine on which Firewall Analyzer is running
    • Save the configuration and exit the editor

    Carry out the following changes in the services file:

    • Edit the services file in the /etc directory
    • Check the port in the syslog server settings UDP 514/1514 is UP
    • Save the file and exit the editor 

    Restart the syslog service on the host using the command: 

    /etc/rc.d/init.d/syslog restart

    Configuring syslog-ng daemon in a Linux host 

    • Append the following entries at the end of syslog-ng.conf file in the /etc/syslog-ng/ directory:
    destination firewallanalyzer { udp("<server_name>" port(514)); };
    log { source(src); destination(firewallanalyzer); };

    where <server_name> is the IP address of the machine on which Firewall Analyzer is running.

    • Restart syslog service