Introduction
Squid is a Linux-based proxy application. The Squid proxy server is used to filter traffic, security, and DNS lookups.
In addition, Squid can speed up a web server by caching resources. The Squid Proxy allows a server to cache frequently visited web pages. When the user requests a web page or file, the request goes directly to the proxy server, an intermediary device between the user’s device and the Internet. The proxy server extracts the resources and transmits them to the user.
This guide will walk you through how to set up and install Squid proxy server on Ubuntu.
prerequisites
An Ubuntu
- operating system
- /command line window (Ctrl-Alt-T)
- root or sudo privileges
- The apt package installer, included by default
- A text editor, such as nano
Access to a terminal
An Ubuntu user with
Installing Squid Proxy on Ubuntu
Step 1: Update the software repositories
Make sure you are working with the latest software version available.
Launch a terminal window
, and enter the following: sudo apt-get update Step 2: Install Squid Package on Ubuntu To install Squid, run the command: sudo apt-get install squid The
system should ask for confirmation: enter Y and and allow the process to complete itself
. Squid proxy server configuration The
Squid configuration file is located in /etc/squid/squid.conf.
1. Open this file in your text editor with the command:
sudo nano /etc/squid/squid.conf
2. Navigate to find the http_port option. Typically, this is configured to listen on port 3218. This port usually carries TCP traffic. If your system is configured for traffic on another port, change it here.
You can also set proxy mode to transparent if you want to prevent Squid from modifying your requests and responses.
Change it as follows:
http_port 1234 transparent
3. Navigate to the option http_access deny all. This is currently configured to block all HTTP traffic. This means that web traffic is not allowed.
Change this to the following:
http_access allow
all 4. Scroll down to the visible_hostname option. Add the name you want to this entry. This is how the server will appear to anyone trying to connect. Save the changes and exit.
5. Restart the Squid
service by entering:
sudo systemctl restart squid Configure Squid client All these settings have been done to configure your
Squid
proxy server
. Now, switch to your client machine and open your web browser.
If
you’re using Firefox, you can find your
proxy settings at: Menu > Options > Settings
> Network Settings
Check the radio button for Manual proxy settings
.
If you entered a host name in step 4, you should be able to enter that name plus the port you designated. Otherwise, use the IP address for the system hosting your Squid proxy.
To test it, you can visit https://whatismyipaddress.com/ip-lookup – if your proxy is working, your IP address should be displayed as the IP address of the proxy server.
Add Squid ACLs
Note: After each of these steps, you must save and exit, then restart the Squid service to apply the
new settings.
Create an access control list by editing the squid.conf file again, as in step 4.
Add a new line as follows:
ACL Localnet SRC 192.168.0.15
This will create a rule that only allows the system at this IP address to connect. It is recommended that you comment out the line to identify the rule
: acl localnet src 192.168.0.15 # test computer
Anything after the # sign is ignored by Squid
.
You can specify an IP address range as follows
: Localnet SRC ACL 192.168.0.15/30
Open ports
To open a specific port, add the following:
ACL Safe_ports port 123# Custom port
Configure
proxy authentication
This forces users to authenticate to use the proxy.
Start by installing
apache2-utils: sudo apt-get install apache2-utils Create a passwd file and change the property to the Squid user proxy: sudo touch /etc/squid/passwd sudo chown
proxy: etc/squid/passwd
Add a new username and password
1. To add a new user to Squid, use the command:
sudo htpasswd /etc/squid/passwd newuser
The system will ask you to enter and confirm a password for newuser
. 2. Edit the /etc/squid/
squid.conf file and add the following command lines:
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param Basic Realm Squid Basic Authentication auth_param Basic Credentialsssttl 2 hours ACL auth_users proxy_auth REQUIRED http_access allow auth_users
Block websites in Squid Proxy
1. Create and edit a new text file /etc/squid/blocked.acl by entering: sudo nano /etc/squid/blocked.acl
2. In this file, add the websites that will be blocked, starting with a
period: .
facebook.com
.
twitter.com
Note: The period specifies to block all subsites of the main site
. 3. Open the /etc/squid/squid.conf file again: sudo nano /etc/squid
/squid.conf
4. Add the following lines just above your ACL list
: acl blocked_websites dstdomain “/etc/squid/blocked.acl” http_access deny blocked_websites
commands when working with
the Squid service To check the status
of your Squid software, enter
: Sudo systemctl status squid
This will tell you whether the service is running or not.
To start the service, Type
: sudo systemctl start squid Then configure the Squid service to start when the system starts by entering: sudo systemctl enable squid
You can rerun the status command now to verify that the service is up and running.
To stop the
service, use the command
: sudo systemctl stop squid To prevent Squid
from starting at startup, enter:
sudo systemctl disable squid
Conclusion
If you have followed it closely, you should now have a basic understanding of how Squid works and how to install and configure Squid Proxy on Ubuntu.
Proxy servers are a valuable tool for protecting network traffic, Prevent attacks and restrict access.
Check out our article on how to configure your Ubuntu system to work with a proxy server to configure your Ubuntu machine to use a proxy.
Interested in setting up this app on a different operating system? You may want to see how to install Squid on CentOS 7.