Syed Jahanzaib Personal Blog to Share Knowledge !

August 8, 2011

Linux Transparent Squid Proxy Server Guide

Filed under: Linux Related — Syed Jahanzaib / Pinochio~:) @ 6:31 AM

squid

How To Install Squid in Ubuntu Linux

As http://whatis.techtarget.com/definition/squid-proxy-server.html defines, Squid is a Unix-based proxy server that caches Internet content closer to a requestor than its original point of origin. Squid supports caching of many different kinds of Web objects, including those accessed through HTTP and FTP. Caching frequently requested Web pages, media files and other content accelerates response time and reduces bandwidth congestion.

Squid works by tracking object use over the network. Squid will initially act as an intermediary, simply passing the client’s request on to the server and saving a copy of the requested object. If the same client or multiple clients request the same object before it expires from Squid’s cache, Squid can then immediately serve it, accelerating the download and saving bandwidth.

Internet Service Providers (ISPs) have used Squid proxy servers since the early 1990’s to provide faster download speeds and reduce latency, especially for delivering rich media and streaming video. Website operators frequently will put a Squid proxy server as a content accelerator, caching frequently viewed content and easing loads on Web servers. Content delivery networks and media companies employ Squid proxy servers and deploy them throughout their networks to improve the experience of viewers requesting programming, particularly for load balancing and handling traffic spikes for popular content.
Here I will discuss on howto setup it on popular linux flavour “Ubuntu“.
After installing Ubuntu , configure network interface cards, you must have at least 2 LAN cards , one for local LAN, second with internet connection e.g DSL

After configuring networking, make sure you are able to browse the internet. After that install & Configure Squid.

Default login type to linux is GUI (in Ubuntu Desktop or FEDORA) First login as root.

a) Then install SQUID service by issuing following command:

apt-get install squid squid-common 

b) Now configure it using default squid configuration file.

gedit /etc/squid/squid.conf

If you have CLI access, then use nano e.g:

nano /etc/squid/squid.conf

o change squid port  from http_port 3128 to http_port 8080

o find the http_access section, uncomment the following 2 lines and add your own networks (for example 192.168.0.0/24):

acl our_networks src 192.168.0.0/24
http_access allow our_networks

o change hostname in the visible_hostname section after:

#Default: # is none , just add:
visible_hostname proxy.aacable.com

Now save file, and exit and restart squid to implement changes we made to squid configuration:

service squid restart

Now in client browser, set proxy address to SQUID lan ip and port 8080, and test the browsing. If you don’t want to manually set the proxy at client end, setup squid in transparent mode.

Configure Squid as Transparent Proxy (Squid version >= 2.6)

Edit the Squid configuration file
gedit /etc/squid/squid.conf

o change from: http_port 8008 to,
http_port 8080 transparent

Save & Exit. and restart squid proxy server by

service squid restart
OR
squid -k rec


Iptables configuration

Next, add following rules to forward all http requests (coming to port 80) to the Squid server port 8080 :

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.1:8080
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080

Where 192.168.0.1 is the ip of the Proxy LAN interface. & eth0 is LAN , and eth1 is WAN]

*  Save the new iptables:
iptables-save

OR use the following

https://aacable.wordpress.com/2011/06/01/linux-simple-internet-sharing-script/

++++++++++++++++++++++++++++++++++++

Also, following is a great guide which will gonna help you in installing SQUID proxy server in transparent mode.

http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html

%d bloggers like this: