Wednesday, January 20, 2010

Squid Proxy: How To Make a Transparent Squid Proxy Server on Ubuntu

Squid is a fully-featured HTTP/1.0 proxy which is almost HTTP/1.1 compliant. Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications.

This is a short guide on how to set up a transparent squid proxy server on an Ubuntu Distro. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.

So Let's Install Squid!

The first step is to install squid 3

apt-get install squid3

Edit the squid 3 configuration file in your favorite editor
sudo vi /etc/squid3/squid.conf

And set the transparency and the allowed hosts

http_port 3128 transparent
acl our_networks src
acl localnet src
http_access allow our_networks
http_access allow localnet

where is the IP range of local network. Probably you need adjust the swap size
cache_dir ufs /var/spool/squid3 7000 16 256

where the first number denotes the size of cache in megabytes. Save you changes and restart the squid proxy by
sudo /etc/init.d/squid3 restart

For more detailed configuration read the manual of Squid or check the configuration examples on Squid wiki page.
Remember, the memory and processor usage of squid is a function of swap size.
Last but not the least we need to redirect the HTTP traffic to your new shiny proxy
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

where eth1, eth0 are the LAN, WAN devices and is the IP address of your LAN device.

After all, probably you feel the need to monitor the performance of your proxy. Unfortunately, most of the squid log parsers in the Ubuntu repository are configured for Squid 2.x. Nevertheless, squid 3 uses the same log format, so you can change the log file path in your parser config file (sarg, calamaris, etd.) or simply link the log directory of squid 3 to the correct path
ln -s /var/log/squid3 /var/log/squid

Feel free to share it!

Technorati Digg it Add to Stumble It! Add to Google Bookmarks Twitthis Reddit Blinklist Furl Live Yahoo

Subscribe To Us, It's Free!

Enter your email address:

Delivered by FeedBurner

Related Posts by Categories


hummnod said... [Reply to comment]

woah! thanks for this. can b ported on cygwin?

Post a Comment