How to Set Up Squid Proxy for Private Connections on Rocky/RedHat/CentOS Linux

Squid is a caching proxy server that provides proxy and cache services for Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and other popular network protocols.


The diagram below will help you comprehend the Squid Proxy architecture.

Step 1: Update Your System

Before installing any packages

# sudo dnf update -y

Step 2: Enable EPEL Repository on Rocky System

To enable the EPEL repository on a Rocky system, execute the command:

# sudo dnf install vim epel-release -y

Confirm EPEL has been added to the system:

# sudo dnf repolist

Step 3: Install Squid Server on Rocky System

Next, install the Squid proxy server using the command below:

# sudo dnf install squid*

Step 4: Verify the Squid Proxy Installation

Check the version of the Squid proxy:

# sudo squid --version

Step 5: Start, enable and restart the Squid service

Start the Squid service, enable it at boot, and check its status by running the commands below.

# sudo systemctl start squid
# sudo systemctl enable squid
# sudo systemctl restart squid
# sudo systemctl status squid

Step 6: Configure Squid proxy server

  1. Back up the default configuration, using the command below:
    # cp -rf /etc/squid/squid.conf /etc/squid/squid.conf.back

  2. Edit the configuration file: open the Squid configuration file with a text editor such as vim or nano, using the command below:
    # vim /etc/squid/squid.conf

The Access Control List (ACL) defines who is allowed to use Squid as the proxy on your local network.

#ACL Rule
acl allow_network src "/etc/squid/allow_network"
acl blocksites dstdomain "/etc/squid/blocksites"

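To allow access for this ACL, add the line http_access allow allow_network below the line http_access deny blocksites. Squid evaluates http_access rules in order and stops at the first match, so the deny rule must come first.

# http_access allow localhost
http_access deny blocksites
http_access allow allow_network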
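
The rule order above, modelled as an added example (not part of the original tutorial and not Squid's own code): a simplified Python evaluator of the two http_access lines, assuming the ACL file contents from Step 7. The client 192.168.1.50 and the host example.org are constructed test values.

```python
import ipaddress

# Constructed copies of the ACL files created in Step 7 of this tutorial.
ACL_FILES = {
    "allow_network": ["192.168.1.8"],
    "blocksites": [".facebook.com", ".twitter.com", ".example.net", ".abc.org"],
}
# http_access rules in the order they appear in squid.conf above.
RULES = [("deny", "blocksites"), ("allow", "allow_network")]


def src_match(entries, client_ip):
    """src ACL: true if the client address is in any listed address/CIDR."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(e, strict=False) for e in entries)


def dstdomain_match(entries, host):
    """dstdomain ACL: a leading dot matches the domain and its subdomains."""
    host = host.lower().rstrip(".")
    for entry in (e.lower() for e in entries):
        if entry.startswith("."):
            if host == entry[1:] or host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False


def decide(client_ip, host, rules=RULES):
    """Return 'allow' or 'deny'; the first matching http_access rule wins."""
    for action, acl in rules:
        if acl == "allow_network":
            hit = src_match(ACL_FILES[acl], client_ip)
        else:
            hit = dstdomain_match(ACL_FILES[acl], host)
        if hit:
            return action
    # No rule matched: Squid applies the opposite of the last rule's action,
    # which is why an explicit final "http_access deny all" is clearer.
    return "deny" if rules[-1][0] == "allow" else "allow"


if __name__ == "__main__":
    for ip, host in [("192.168.1.8", "www.facebook.com"),
                     ("192.168.1.8", "example.org"),
                     ("192.168.1.50", "example.org")]:
        print(ip, host, decide(ip, host))
```

Passing the rules in reverse order to decide() shows the misconfiguration to avoid: the allowed client matches allow_network first and the blocksites rule is never consulted.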

Change the default Squid proxy port (if needed):

# squid normally listens to port 3128
http_port 3128
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
# Disk cache: ufs store in /home/squid_cache, 40960 MB, 16 first-level and 256 second-level directories
cache_dir ufs /home/squid_cache 40960 16 256

Step 7: Website blocking

  • Create a file to store the domains to be blocked, using the command below:
# sudo vim /etc/squid/blocksites

Add the websites to be blocked. For example,

.facebook.com
.twitter.com
.example.net
.abc.org

Save the file by typing :wq and pressing Enter.

  • Create a file regex_block to store the domains to be blocked, using the command below:
# sudo vim /etc/squid/regex_block

Add the websites to be blocked:

facebook
twitter

Save the file by typing :wq and pressing Enter.

  • Create a file allow_network for your local network, using the command below:
# sudo vim /etc/squid/allow_network

Add the IP address of your server system.

192.168.1.8

Save the file by typing :wq and pressing Enter.

  • Create the directory squid_cache, using the command below:
# mkdir /home/squid_cache

  • Change the owner of the directory
    To apply the ownership change to the directory, use the command below:
    # chown -R squid:squid /home/squid_cache

Step 8: Reload and restart the Squid service

Reload and restart the Squid service by running the commands below.

# sudo systemctl reload squid.service
# sudo systemctl restart squid.service

Step 9: Configure Firewall

If your system has a firewall enabled, allow the Squid port 3128 using the commands below:

# firewall-cmd --add-port=3128/tcp --permanent
# firewall-cmd --reload

Step 10: Proxy setting on the browser

It is also possible to connect to the Squid proxy server from the client using browsers such as Firefox or Chrome. Navigate to Settings > General > Network Settings > Manual Proxy Configuration and also enable the "Also use this proxy for HTTPS" option.
