How to Install SQUID Proxy server in RHEL/CENTOS

Preamble

This guide will walk you through how to install Squid Proxy server on CentOS 8 / RHEL 8 Linux. Squid is a web proxy server application that gives organizations proxy and cache services for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on the most available operating systems, including Windows and is licensed under the GNU GPL. To install Squid on a CentOS 8/RHEL 8 server, proceed by following these steps.

Step 1: Update your server

Let us make sure our house is completely fresh before we embark on getting our server installed in a comfortable place.

sudo dnf update

Step 2: Install Squid

Squid is available on Yum repositories. Run the command below to install it in our clean server.

sudo dnf install squid -y

Step 3: Configure forward proxy settings

You send a connection request to a forward proxy, and then it retrieves data from the internet on your behalf. This way, it can act as a caching server as well by keeping all the pages being frequently visited within it. Next time you access pages that have been cached, your request does not need to go all the way to the internet. The browser retrieves it from the cache.

Before we go on, let us back up the default configuration file.

sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.ori

Open squid’s main configuration file and add/edit the following

sudo vim /etc/squid/squid.conf

Comment out all of the default network ACL’s as shown below

#acl localnet src 0.0.0.1-0.255.255.255  # RFC 1122 "this" network (LAN)
#acl localnet src 10.0.0.0/8             # RFC 1918 local private network (LAN)
#acl localnet src 100.64.0.0/10          # RFC 6598 shared address space (CGN)
#acl localnet src 169.254.0.0/16         # RFC 3927 link-local (directly plugged) machines
#acl localnet src 172.16.0.0/12          # RFC 1918 local private network (LAN)
#acl localnet src 192.168.0.0/16         # RFC 1918 local private network (LAN)
#acl localnet src fc00::/7               # RFC 4193 local private network range
#acl localnet src fe80::/10              # RFC 4291 link-local (directly plugged) machines

#Add the subnet that will be using the proxy. This is typically your local area network(s). You can give them anyname.
 acl my_proxynet src 172.20.0.0/24
 http_access deny to_localhost
#Comment out the line below
#http_access allow localnet
#Allow the defined network acl above
 http_access allow my_proxynet
#Hide your IP address
 forwarded_for off
#Extra Settings
 request_header_access From deny all
 request_header_access Server deny all
 request_header_access Referer deny all
 request_header_access X-Forwarded-For deny all
 request_header_access Via deny all
 request_header_access Cache-Control deny all

Configure the cache type, the path to the cache directory, the cache size, and further cache type-specific settings in the cache_dir parameter.

#Uncomment the line below in the same config file
cache_dir ufs /var/spool/squid 10000 16 256

Step 4: Start Squid and allow its service on your firewall

In case your server has FirewallD running, we need to allow it so that clients can reach it. Run the commands below to Start/Enable then allow squid on your firewall.

sudo firewall-cmd --add-service=squid --permanent
sudo firewall-cmd --reload

Test if your proxy works. It should download the index.html file

curl -O -L "https://www.redhat.com/index.html" -x "localhost:3128"

Step 5: Configure CentOS client

On your CentOS client, you have the option of setting the proxy server system-wide or on a per-application basis. In order not to waste a lot of time doing the per-application basis, let us set our proxy server system-wide.

Open the file below and add the settings accordingly

sudo vim /etc/profile.d/proxyserver.sh

Add proxy settings:

MY_PROXY_URL="192.168.120.15:3128"  ## If your server has a domain name, you can replace the IP with it. 
HTTP_PROXY=$MY_PROXY_URL
HTTPS_PROXY=$MY_PROXY_URL
FTP_PROXY=$MY_PROXY_URL
http_proxy=$MY_PROXY_URL
https_proxy=$MY_PROXY_URL
ftp_proxy=$MY_PROXY_URL

Then source the file

source /etc/profile.d/proxyserver.sh

Conclusion

Now we have our Squid Proxy installed. Play around with it and check out what it can achieve in your set up. If you’d like to build more stuff, please throw your eyes below for the guides shared. We appreciate your stay on the blog and we hope it was helpful.

source: https://computingforgeeks.com/install-and-configure-squid-proxy-on-centos-rhel-linux/

Tags: ,