Well, being an EE graduate student I often need to access online scientific journals, most of which limit access based on the user's IP address. Therefore, at school I can access these sites directly, while at home I have to use an http proxy provided by the school (of course a login and a password is needed on the proxy so that only students can access it, otherwise the owner of the journals would croak).

The problem is that I have to access other sites at home as well, which are preferably accessed directly, since accessing unrelated sites using the school proxy is both slow and wasteful. Maybe certain recent browsers have better support for automatically switching on and off proxies depending on the site you are accessing, but at the time I set up this, in most browsers quite a few clicks are needed to turn on the proxy, and as many are needed to turn it off --- if I had forgotten to turn it off I would silently waste the school proxy's bandwidth until I noticed the slowness. Some classmates suggest JavaScript for the job but I really don't know how. Therefore I make use of Squid (an HTTP proxy server) to choose the proxy automatically for me, by starting a proxy locally and accessing outside proxies through it:

  1. Install Squid and make it start automatically upon boot. I don't know much about Windows versions, but in Linux it involves nothing more than installing the rpm package and switching it on using chkconfig. Remember to set up your firewall correctly to close the Squid port from outside access, if you don't want to spend a lot of time in security patches.
  2. Append the following stuff to the squid configuration file, which should be /etc/squid/squid.conf in Linux:
    acl school dstdomain .ieeexplore.ieee.org
    acl school dstdomain .lib.tsinghua.edu.cn
    acl school dstdomain .ams.org
    cache_peer_access SCHOOL_PROXY_HOSTNAME allow school
    cache_peer_access SCHOOL_PROXY_HOSTNAME deny all
    never_direct allow school
    never_direct deny all
    Remember to replace the capitalized parts with relevant values, and replace the "acl school" lines with the sites that you need the proxy to access. The meanings of these commands are well documented in that same configuration file. Basically they define your school proxy as a "cache peer", and declare that all the sites listed in the ACL "school" should be accessed via the proxy and never directly. Restart Squid after saving the configuration file.
  3. In your web browser, set the HTTP proxy to port 3128 (or whichever port your Squid uses). You can also turn off the disk cache in your web browser, retaining only a small amount of memory cache, since Squid does its own caching and there is no need to cache the same thing twice. Now try accessing a restricted site and an unrestricted site; they should both work, and in the Squid log file (/var/log/squid/access.log under linux) you should see FIRST_UP_PARENT in lines involving the restricted site, and DIRECT in those involving the unrestricted site. If so, everything is working properly, otherwise look in various log files in /var/log/squid to find out what is wrong.

Now you will never need to change the proxy settings in your browser again!

One remaining problem is that your password appears in plain text in the squid.conf file, which is by default world-readable. So if you are security-conscious, set its permission bits properly.

The above setup has an additional benefit if you use multiple web browsers or switch browsers often: since the local proxy's cache is shared by all web browsers (and other applications using it), you can turn off caches in individual browsers and improve speed as well as save disk space by avoiding duplication of the same page in the cache of individual browsers. Personally I use both Mozilla-based browsers and a text-mode browser such as links, the latter used when browsing API documentation, so this feature is very useful to me.

Log in or register to write something here or to contact authors.