Scribd
Upload
75 views

Creating An HTTP Proxy Using Squid On Ubuntu 12

This document provides instructions for configuring Squid as an HTTP proxy on Ubuntu 12.04. It describes installing Squid, basic setup using client IP for authentication, advanced authentication using usernames and passwords, and anonymizing traffic by removing IP headers.

Uploaded by

hdarwito
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
75 views

Creating An HTTP Proxy Using Squid On Ubuntu 12

This document provides instructions for configuring Squid as an HTTP proxy on Ubuntu 12.04. It describes installing Squid, basic setup using client IP for authentication, advanced authentication using usernames and passwords, and anonymizing traffic by removing IP headers.

Uploaded by

hdarwito
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

Guides&Tutorials(/docs/)
IPs,Networking&Domains(/docs/networking/)
SquidProxy/Cache(/docs/networking/squid/)
CreatinganHTTPProxyUsingSquidonUbuntu12.04

Creating an HTTP Proxy Using Squid on


Ubuntu 12.04
UpdatedMonday,March3rd,2014byAlexFornuto

Squidisaproxy/cacheapplicationwithavarietyofconfigurationsanduses.Thisguide
willcoverusingSquidasanHTTPproxy.Pleasenotethatunlessyoufollowthelast
sectionoftheguideAnonymizingTraffic,thiswillnotanonymizeyourtraffictothe
outsideworld,asyouroriginatingIPaddresswillstillbesentintheXForwardedFor
header.Additionally,thetrafficisnotencryptedandwillstillbevisibleonyourlocal
network.Ifyouarelookingforasolutionthatoffersgreatersecurity,youmaywantto
lookatourguidetoSettingupanSSHTunnel
(https://library.linode.com/networking/socksproxy)orDeployVPNServiceswith
OpenVPN(https://library.linode.com/networking/openvpn).

Note
Thisguideiswrittenforanonrootuser.Commandsthatrequireelevatedprivilegesare
prefixedwith sudo .Ifyourenotfamiliarwiththe sudo command,youcancheckour
UsersandGroups(https://library.linode.com/usinglinux/usersandgroups)guide.

Installing Squid
1. SquidisavailableintheUbunturepositories.Toensureyoursystemisuptodate
andinstallSquid,runthefollowingcommands:
1
2
3

sudoaptgetupdate
sudoaptgetupgrade
sudoaptgetinstallsquid

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

1/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

2. Copytheoriginalconfigurationfiletokeepasabackup:
1

sudocp/etc/squid3/squid.conf/etc/squid3/squid.conf.default

Configuring Squid as an HTTP proxy


SquidProxycanbeusedasanHTTPproxytobypasslocalnetworkrestrictions,ormask
yourtruelocationtotheworld.

Basic Setup
ThissectioncoverstheeasiestwaytouseSquidasanHTTPproxy,usingonlytheclient
IPaddressforauthentication.
1. EdittheSquidconfigurationfileandaddthefollowinglines:

File excerpt: /etc/squid3/squid.conf


1
2

aclclientsrc12.34.56.78#HomeIP
http_accessallowclient

Besuretoreplaceclientwithanameidentifyingtheconnectingcomputer,and
12.34.56.78withyourlocalIPaddress.Thecomment #HomeIP isntrequired,but
commentscanbeusedtohelpidentifyclients.
2. Onceyouvesavedandexitedthefile,restartSquid:
1

sudoservicesquid3restart

3. Atthispointyoucanconfigureyourlocalbrowseroroperatingsystemsnetwork
settingstouseyourLinodeasanHTTPproxy.Howtodothiswilldependonyour
choiceofOSandbrowser.Onceyouvemadethechangetoyoursettings,testthe
connectionbypointingyourbrowseratawebsitethattellsyouyourIPaddress,
suchasifconfig(http://ifconfig.me),WhatismyIP(http://www.whatismyip.com/),or
byGooglingWhatismyip(https://www.google.com/search?q=what+is+my+ip).

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

2/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

4. Additionalclientscanbedefinedbyaddingnew acl linesto


/etc/squid3/squid.conf .Accesstotheproxyisgrantedbyaddingthenamedefined
byeach acl tothe http_accessallow line.

Advanced Authentication
ThefollowingconfigurationallowsforauthenticatedaccesstotheSquidproxyservice
usingusernamesandpasswords.
1. Youwillneedthe htpasswd utility.IfyouveinstalledApacheonyourLinode,you
willalreadyhaveit.Otherwiserun:
1

sudoaptgetinstallapache2utils

2. CreateafiletostoreSquidusersandpasswords,andchangeownership:
1
2

sudotouch/etc/squid3/squid_passwd
sudochownproxy/etc/squid3/squid_passwd

3. Createausernamepasswordpair:
1

sudohtpasswd/etc/squid3/squid_passwduser1

Replaceuser1withausername.Youwillbepromptedtocreateapasswordforthis
user:
1
2
3

Newpassword:
Retypenewpassword:
Addingpasswordforuseruser1

Youcanrepeatthisstepatanytimetocreatenewusers.
4. EdittheSquidconfigurationfileandaddthefollowinglines:

File excerpt: /etc/squid3/squid.conf

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

3/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

1
2
3

auth_parambasicprogram/usr/lib64/squid/ncsa_auth/etc/squid/squid_passwd
aclncsa_usersproxy_authREQUIRED
http_accessallowncsa_users

5. Onceyouvesavedandexitedthefile,restartSquid:
1

sudoservicesquid3restart

6. Atthispoint,youcanconfigureyourlocalbrowseroroperatingsystemsnetwork
settingstouseyourLinodeasanHTTPproxy.Youwillneedtospecifythatthe
serverrequiresauthentication,andprovidetheusernameandpassword.Howtodo
thiswilldependonyourchoiceofOSandbrowser.Onceyouvemadethesettings
change,testtheconnectionbypointingyourbrowseratawebsitethattellsyou
yourIPaddress,suchasifconfig(http://ifconfig.me),WhatismyIP
(http://www.whatismyip.com/),orbyGooglingWhatismyip
(https://www.google.com/search?q=what+is+my+ip).
7. Toremoveausersaccesstotheproxy,youmustdeletetheirentryinthe
squid_passwd file.Eachuserisrepresentedinthefileonasinglelineintheformat
of user:passwordhash :

File: /etc/squid3/squid_passwd
1

user1:\$p948w3nvq3489v6npq396guser2:\$q3cn478554387cq34n57vn

IfyouareusingNano,thecommand Control+k willremovetheentirelinewhere


thecursorrests.Onceyouvesavedandexitedthefile,restartSquid:
1

sudoservicesquid3restart

Anonymizing Traffic
InordertomaskyourIPaddressfromserversyouconnectto,youwillneedtoaddthe
followinglinestotheSquidconfigurationfile.

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

4/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

/etc/squid3/squid.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

forwarded_foroff
request_header_accessAllowallowall
request_header_accessAuthorizationallowall
request_header_accessWWWAuthenticateallowall
request_header_accessProxyAuthorizationallowall
request_header_accessProxyAuthenticateallowall
request_header_accessCacheControlallowall
request_header_accessContentEncodingallowall
request_header_accessContentLengthallowall
request_header_accessContentTypeallowall
request_header_accessDateallowall
request_header_accessExpiresallowall
request_header_accessHostallowall
request_header_accessIfModifiedSinceallowall
request_header_accessLastModifiedallowall
request_header_accessLocationallowall
request_header_accessPragmaallowall
request_header_accessAcceptallowall
request_header_accessAcceptCharsetallowall
request_header_accessAcceptEncodingallowall
request_header_accessAcceptLanguageallowall
request_header_accessContentLanguageallowall
request_header_accessMimeVersionallowall
request_header_accessRetryAfterallowall
request_header_accessTitleallowall
request_header_accessConnectionallowall
request_header_accessProxyConnectionallowall
request_header_accessUserAgentallowall
request_header_accessCookieallowall
request_header_accessAlldenyall

Onceyouvesavedandexitedthefile,restartSquid:
1

sudoservicesquid3restart

More Information

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

5/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

Youmaywishtoconsultthefollowingresourcesforadditionalinformationonthistopic.
Whiletheseareprovidedinthehopethattheywillbeuseful,pleasenotethatwecannot
vouchfortheaccuracyortimelinessofexternallyhostedmaterials.
SquidOfficialSite(http://www.squidcache.org/)
UbuntuDocumentation(https://help.ubuntu.com/12.04/serverguide/squid.html)

ThisguideispublishedunderaCCBYND3.0(http://creativecommons.org/licenses/bynd/3.0/us/)license.

Get paid to write for Linode.


We'realwaysexpandingtheLibrary.Ifyouliketohelppeople,canwrite,and
wanttoearnsomecash,learnhowyoucanearn$100foreveryguideyou
write(/docs/contribute)andwepublish.

Get started in the Linode Cloud today.


Create an Account (https://manager.linode.com/session/signup)

Overview (https://www.linode.com/linodes)
Plans&Pricing(https://www.linode.com/pricing)
Features(https://www.linode.com/linodes)
Backups(https://www.linode.com/backups)
NodeBalancers(https://www.linode.com/nodebalancers)

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

6/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

Longview(https://www.linode.com/longview)
Managed(https://www.linode.com/managed)
StackScripts(https://www.linode.com/stackscripts)
Mobile(https://www.linode.com/mobile)
CLI(https://www.linode.com/cli)
API(https://www.linode.com/api)

Resources (https://www.linode.com/docs)
GettingStarted(https://www.linode.com/docs/gettingstarted)
MigratingtoLinode(https://www.linode.com/docs/migratefromshared)
HostingaWebsite(https://www.linode.com/docs/hostingwebsite)
Guides&Tutorials(https://www.linode.com/docs)
SpeedTest(https://www.linode.com/speedtest)
Forum(https://forum.linode.com/)
Chat(https://www.linode.com/chat)
SystemStatus(http://status.linode.com/)

Company (https://www.linode.com/about)
AboutUs(https://www.linode.com/about)
Blog(https://blog.linode.com)
Logos(https://www.linode.com/logos)
Careers(https://www.linode.com/careers)
Contact(https://www.linode.com/contact)

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

7/8

11/26/2014

CreatinganHTTPProxyUsingSquidonUbuntu12.04LinodeGuides&Tutorials

Contact Us (https://www.linode.com/contact)
8554LINODE(tel:+18554546633)
(8554546633)(tel:+18554546633)
Emailus(mailto:[email protected])

Facebook(https://facebook.com/linode)
Twitter(https://twitter.com/linode)
Google+(https://plus.google.com/+linode/)
Linkedin(https://linkedin.com/company/linode)
Github(https://github.com/linode/)

2014Linode,LLC
TermsofService(https://www.linode.com/tos)
PrivacyPolicy(https://www.linode.com/privacy)
Security(https://www.linode.com/security)

https://www.linode.com/docs/networking/squid/squidhttpproxyubuntu1204

8/8

You might also like