December 7, 2024

Squid proxy howto

Proxies allow you to cache content so you don’t have to reload it twice, make it seem like you’re coming from somewhere else, create content scanners against things like viruses so you don’t get infected, and other stuff. They’ll speed up your internet with the cached content so it might seem faster if you go to the same page frequently. There are lots of ways to do this, but this howto is just a down-and-dirty cut/paste to get squid proxy working on a debian server

Squid proxy setup

apt-get install squid3

Now we set up the anonymizing features

cp /etc/squid/squid.conf /etc/squid/squid.conf.orig
vi /etc/squid/squid.conf
  acl localnet src 192.168.1.0/24 <- uncomment this, and change to match yours
  http_access allow localnet <- uncomment
 
  http_port 3128 <--- set the port to what you want your browser to connect on, 3128 is default
  tcp_outgoing_address pub.lic.ip.address public_ip <--- your public IP, add this line
  acl public_ip pub.lic.ip.address <--- add this line, set to your public IP
  acl remote your.clients.ip.address
  http_access allow manager localhost
  (change to)
  http_access allow manager localhost remote
 (uncomment the following lines)
  header_access Allow allow all
  header_access Authorization allow all
  header_access WWW-Authenticate allow all
  header_access Proxy-Authorization allow all
  header_access Proxy-Authenticate allow all
  header_access Cache-Control allow all
  header_access Content-Encoding allow all
  header_access Content-Length allow all
  header_access Content-Type allow all
  header_access Date allow all
  header_access Expires allow all
  header_access Host allow all
  header_access If-Modified-Since allow all
  header_access Last-Modified allow all
  header_access Location allow all
  header_access Pragma allow all
  header_access Accept allow all
  header_access Accept-Charset allow all
  header_access Accept-Encoding allow all
  header_access Accept-Language allow all
  header_access Content-Language allow all
  header_access Mime-Version allow all
  header_access Retry-After allow all
  header_access Title allow all
  header_access Connection allow all
  header_access Proxy-Connection allow all
  header_access All deny all