How to Setup Transparent Squid Proxy Server in Ubuntu
Squid is a fully-featured HTTP/1.0 proxy. Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications.
This is a short guide on how to set up a transparent squid proxy server. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.
Install Squid
Install squid and squid-common
sudo aptitude install squid squid-common
Edit the squid config file.
sudo vi /etc/squid/squid.conf
Set the allowed hosts.
acl internal_network src 192.168.0.0/24
http_access allow internal_network
Note: Where "192.168.0.0/24" is your IP range.
Set the correct permissions.
sudo chown -R proxy:proxy /var/log/squid/
sudo chown proxy:proxy /etc/squid/squid.conf
You will need to restart squid for the changes to take affect.
sudo /etc/init.d/squid restart
Now open up your browser and set your proxy to point to your new squid server on port 3128. Use WPAD for automatic configuration.
Links
- squid-cache.org - Squid homepage
- ubuntugeek.com - How to Setup Transparent Squid Proxy Server in Ubuntu
- help.ubuntu.com - HowTo Install Squid on Ubuntu 8.04 LTS
Block Malware sites with Squid
Download the malware list from malware.hiperlinks.com.br:
wget -O - http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > /etc/squid/malware_block_list.txt
Add the following lines to /etc/squid/squid.conf
# File which contains the list
acl malware_block_list url_regex-i "/etc/squid/malware_block_list.txt"
# Access Denied
http_access deny malware_block_list
# Redirect message - (You can make your own)
deny_info http://malware.hiperlinks.com.br/denied.shtml malware_block_list
Add the following to your crontab:
* 00,06 * * * wget -O - http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > /etc/squid/malware_block_list.txt
Reload squid configuration using one (1) of the lines below:
service squid reload
/etc/init.d/squid reload
squid -k reconfigure
Links
- experts-exchange.com - Squid - How to make squid proxy prevent malwares
- crashinit6.com - Howto Deny Access to Malware Sites in Squid
- linuxpoison.blogspot.com - Protection from malware using Squid proxy server