If you don't want to build Squid from scratch, you can simply Setup a Squid anonymous proxy
Please note that this whole manual refers to the version 3.5.23 of Squid. You probably would have to adapt some commands to the version you will actually download.
Read the install script before using it.
You may want to understand what the script is doing before executing it.
I will not be responsible for any damage caused to your server.
wget -qO- https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid-install.sh | sh
Edit your /etc/apt/sources.list
file, and check that you have deb-src
entries like the following sample.
deb http://httpredir.debian.org/debian stable main
deb-src http://httpredir.debian.org/debian stable main
deb http://security.debian.org/ stable/updates main
deb-src http://security.debian.org/ stable/updates main
Build Squid 3 dependencies
apt-get update
apt-get install build-essential libssl-dev apache2-utils
apt-get build-dep squid3
cd /usr/src
wget http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.23.tar.gz
tar zxvf squid-3.5.23.tar.gz
cd squid-3.5.23
./configure --prefix=/usr \
--localstatedir=/var/squid \
--libexecdir=${prefix}/lib/squid \
--srcdir=. \
--datadir=${prefix}/share/squid \
--sysconfdir=/etc/squid \
--with-default-user=proxy \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid.pid
make -j$(nproc)
make install
Extract the content of squid-lib-3.4.8.tar.gz to /usr/lib
cd /usr/lib
wget -O /usr/lib/squid-lib.tar.gz http://e7d.github.io/resources/squid-lib-3.4.8.tar.gz
tar zxvf squid-lib.tar.gz
rm squid-lib.tar.gz
Copy squid.conf contents to /etc/squid/squid.conf
.
rm -rf /etc/squid/squid.conf
wget --no-check-certificate -O /etc/squid/squid.conf https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid.conf
With this sample configuration file, you can use a Htpasswd file at /etc/squid/users.pwd
to manage a basic authentication.
rm -rf /etc/squid/users.pwd
htpasswd -cbd /etc/squid/users.pwd proxy proxy
This this authentication is enabled by default/ To disable it you will have to comment the Authentication section of the sample
squid.conf
configuration file. See Disable authentication.
You can create your users entries using the htpasswd tool from Apache. See Manage user accounts.
You can directly use the users.pwd sample, providing you a basic user named proxy, using also proxy as password.
Copy squid.sh contents to /etc/init/squid
and make it executable.
wget --no-check-certificate -O /etc/init.d/squid https://gist.githubusercontent.com/e7d/1f784339df82c57a43bf/raw/squid.sh
chmod +x /etc/init.d/squid
Optionally, you can make it run automatically at server startup with
update-rc.d squid defaults
.
mkdir /var/log/squid
mkdir /var/cache/squid
mkdir /var/spool/squid
chown -cR proxy /var/log/squid
chown -cR proxy /var/cache/squid
chown -cR proxy /var/spool/squid
squid -z
Try to start your brand new Squid with service squid start
Squid offers some interesting customisation options you should have a look at. This modifications implies to edit the file located at /etc/squid/squid.conf
.
With the provided configuration, your proxy will be listening on HTTP port 3128, which is the squid default. You can change it to any available port that suits you with:
http_port 3128
Your proxy will respond to any request. If you want to limit its accessibility to a set of users, you may want to enable authentication, by uncommenting the following section:
#acl Users proxy_auth REQUIRED
#http_access allow Users
This authentication relies on a password file you will find at /etc/squid/users.pwd
. A sample user is included, defined with the following identification:
- username :
proxy
- password :
proxy
This user file may be modified following the next section instructions.
Using the command htpasswd, you can manage the users able to use the proxy:
- create/update a user:
htpasswd -bd /etc/squid3/users.pwd myuser mypw
- remove a user:
htpasswd -D /etc/squid3/users.pwd myuser
NOTE: Provided authentication relies on CRYPT algorithm. Information defined in users.pwd
must respect that, meaning that passwords can only be up to 8 characters.
authentication not working
it work for transparent proxy?
many time try.. still get error request pass
thank you