• Italiano
  • English
  • Pусский
  • Español
ubuntu debian

How to setup Squid Transparent Proxy Server on Ubuntu and Debian

18 ago 2023 2 min di lettura
How to setup Squid Transparent Proxy Server on Ubuntu and Debian
Indice dei contenuti

Introduction

Transparent proxy servers sit between clients and the Internet, intercepting all requests without requiring client-side configuration. A popular software solution for implementing a transparent proxy is Squid. In this article, we will go over the process of setting up Squid on Ubuntu and Debian systems.

Prerequisites

  • A system running Ubuntu or Debian.
  • Root or sudo access.

Installation

Update your system's package list.

sudo apt-get update

Install Squid.

sudo apt-get install squid

Configuration

Back up the original configuration file. This is always a good practice.

sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original

Edit the configuration file.

sudo nano /etc/squid/squid.conf

To configure a basic transparent proxy, make the following changes in the configuration file:

Find the line http_port 3128 and change it to:

http_port 3128 intercept

Allow local network access to the Internet. Replace YOUR_NETWORK with the CIDR of your local network, for example 192.168.1.0/24.

acl localnet src YOUR_NETWORK
 http_access allow localnet

Save the file and exit the editor.

Traffic redirection

For the proxy to function as a transparent proxy, all web traffic must be redirected to go through it. This can be done using iptables.

Redirect HTTP traffic (port 80) to Squid.

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 127.0.0.1:3128

Replace eth0 with your network interface if it's different.

Make sure the iptables rules persist after a reboot. One way to achieve this is to install iptables-persistent.

sudo apt-get install iptables-persistent

During installation, you will be asked to save your current rules. Choose "Yes" for both IPv4 and IPv6 rules.

Start and test

Restart Squid to apply the changes.

sudo systemctl restart squid

Check the status of Squid.

sudo systemctl status squid

Test the configuration by attempting to access the Internet from a client computer. You shouldn't need to do any client-side configuration if everything is set up correctly.

Monitoring and logs

To get detailed information about accessed websites, Squid provides logs. The access log can be checked on:

cat /var/log/squid/access.log

Conclusion

A transparent proxy can be beneficial for several reasons, such as bandwidth management, content filtering or monitoring. Squid offers a powerful solution for this purpose. While the previous steps provide a basic setup, Squid offers several advanced features and configurations worth exploring to meet your specific needs.

Buy me a coffeeBuy me a coffee

Supportaci se ti piacciono i nostri contenuti. Grazie.

Successivamente, completa il checkout per l'accesso completo a Noviello.it.
Bentornato! Accesso eseguito correttamente.
Ti sei abbonato con successo a Noviello.it.
Successo! Il tuo account è completamente attivato, ora hai accesso a tutti i contenuti.
Operazione riuscita. Le tue informazioni di fatturazione sono state aggiornate.
La tua fatturazione non è stata aggiornata.