This article tells how to install and configure Squid and Softperfect Bandwidth Manager to enable transparent proxying in a Local Area Network (LAN). Transparent proxying lets you cut usage of your Internet connection and, as the name suggests, this process is invisible to the end users. In order to implement this, you will need to have a running server with Windows 2000 or above, a latest copy of Softperfect Bandwidth Manager and a copy of Squid Cache. Since Squid is shipped in a form of source code, the next chapter will tell you where to get a ready to install Windows build and how to install it.
The latest stable version of Squid available at the time of publication was 2.7 stable 5. You can download it from our server or check whether a newer release is available. Once you have downloaded Squid, unpack the ZIP file to the c:\squid folder. You may want to choose a different folder for Squid, but bear in mind that this will require you to update paths throughout the Squid configuration file. The following instructions assume that you have unpacked Squid to c:\squid.
In order to setup transparent proxying, we will use the port mapping feature available in the bandwidth manager. This feature only works for incoming connections (i.e. requests made from client computers user 1, user 2 and user 3), so you will need to have the bandwidth manager installed on a server with two network cards and NAT or routing configured. In this article we will assume that you have the Windows Internet Connection Sharing (ICS) enabled on this server and all the hardware is connected as shown below.
If your setup is like this, you can proceed with the bandwidth manager configuration. Choose Tools - Port Mapping from the main menu and define a mapping as shown below.
Mapping name: Squid Redirect to local port: 3128
Then define a bandwidth management rule. Set the source and destination according to your needs. In this example we redirect all HTTP traffic coming from client computers in the range 192.168.0.1 - 192.168.0.255. It is important to choose the correct network card to apply the rule on. In this example Internal refers to a network card facing the LAN clients.
General: Rate limit: 100000 Protocol: TCP Interface: Internal Source: Address range: 192.168.0.1 - 192.168.0.255 Port: Any Destination: Address: Any Port: 80 Advanced: Process through mapping: Squid
Now all users in the range 192.168.0.1 - 192.168.0.255 accessing web-resources via port 80 will have their requests processed by Squid. Check c:\squid\var\logs\access.log and c:\squid\var\logs\cache.log to make sure everything is working correctly. Whenever you design bandwidth management rules, bear in mind that it only makes sense to redirect HTTP requests to Squid. This is also the reason why we have set destination port to 80 to filter out all other types of traffic. Attempting to route DNS, SMTP, POP3 or any protocol other than HTTP via Squid will fail.