Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.

Download the latest stable version of Squid

cd /extra/src
wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.3.tar.gz
tar zxf squid-3.5.3.tar.gz
cd squid-3.5.3

Configure Squid as a transparent proxy:

./configure --enable-linux-netfilter --enable-follow-x-forwarded-for
make install

Enable the default cache_effective_user, nobody, to access the log directory:

chown nobody:nobody /usr/local/squid/var/logs

Basic Configuration
The default configuration file is /usr/local/squid/etc/squid.conf. If you are going to proxy requests for your internal network, add a localnet directive for your internal network (if there isn't one already):

acl localnet src

If you don't want to cache any data and only log requests through the Squid proxy, you can use the cache access list to make Squid never cache anything:

cache deny all

Automatic startup
We're going to use daemontools. If you haven't already, install daemontools.

Create a directory for the Squid service:

mkdir -m 1755 /var/service/squid
cd /var/service/squid

Create the /var/service/squid/run script, making sure to change the servername:

rm -f /var/run/squid/squid.pid
exec /usr/local/squid/sbin/squid -N 2>&1

Make the script executable:

chmod 755 run

Our log script comes from John Simpson's:

mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run

Finally, add the service to daemontools by creating the symbolic link in /service

ln -s /var/service/squid /service/squid

Confirm that the service is running:

svstat /service/squid /service/squid/log

Transparent Proxy

iptables -t nat -A PREROUTING -s SQUIDIP -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -j MASQUERADE

Restarting Squid
To reload Squid after making configuration changes:

/usr/local/squid/sbin/squid -k reconfigure

Recent Updates

  • 3 months 3 weeks ago
  • 3 months 3 weeks ago
  • 3 months 3 weeks ago
    php 8.x
  • 3 months 3 weeks ago
  • 3 months 4 weeks ago
    Drop Centos 5/6 stuff