Setting up a squid proxy and performing basic configuration.
Install squid from synaptic or from command-line using
sudo apt-get install squid
Test if it works…
Just configure your browser to use the proxy in “localhost” using 3128 port.
If get a connection refuse message, check your firewall settings.
Open config file using sudo vi /etc/squid3/squid.conf
You can change the default access port by modifying:
Run htpasswd to create the password file.
htpasswd /etc/squid/squid_passwd user
The “user” parameter is the username and can be altered freely.
This is not an open proxy, so we have to add some password protection.
This can be a bit tricky, but definitely worths the time.
Add this line
http_access allow ncsa_users
on the http_access section.
Add these lines
auth_param basic children 5
auth_param basic realm Vasilis Proxy. #Vasilis Proxy is the authentication box text
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd #squid_passwd is the filename of the password file
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
on auth_param section.
Add this line
acl ncsa_users proxy_auth REQUIRED
on the bottom of acl section.
After finishing confinguration run:
sudo /etc/init.d/squid restart
and you should get:
* Restarting Squid HTTP proxy squid OK
then try to open a webpage with your browser using the squid proxy…
If it works, you are done!
If not, start checking your syntax, if all lines are in the right place and your firewall configuration.
Some nice tips are:
> Keep backup of the original squid.conf file.
> Keep backup of your last working squid.conf file.
> Run squid in backup mode using:
sudo squid -NCd10
Next step is to harden the proxy.We will discuss more on this in another post!