Setup a Transparent Proxy using Squid Proxy Server. In this post, we introduce Squid proxy, its advantages, and working principle then show you how to set up a transparent proxy using Squid.
After setting up a transparent proxy, you don’t need to define proxy settings on each user’s web browser. In this setup, the Squid server acts as a gateway between users and the internet. When any user accesses the internet, the transparent proxy redirects all the internet traffic from port 80 to the squid proxy’s port 3128.
Since the internet became publicly available, there has been ongoing competition to achieve the fastest internet connections. Proxycache servers are one of the multiple means used to obtain steadily higher speeds. One of these servers is the Squid Proxy Cache Server. This article discusses Squid Proxy, how it works, and its advantages.
An open source proxy server called Squid serves cache and proxy services for the Web. It operates as a reverse proxy, delivering client requests to servers, or a forward proxy, receiving and transmitting client requests to servers.
To create a new solution for a specific use case, Squid is commonly used in conjunction with a variety of other open source tools, including iptables and dnsmasq. Besides, Squid is designed to run on Unix like systems, including Linux and macOS.
Moreover, Squid is a highly configurable software program that is modified to match the specific needs of an individual or a company. Many companies prefer it due to its flexibility, configurability, and capacity to manage large traffic volumes.
All in all, a proxy server for caching called Squid acts as a link between client computers and the Internet. Caching frequently accessed web pages, files, and other data increases the network speed and decreases the quantity of data transferred over the network.
Squid examines its cache when a client computer requests a website to see whether it already contains a copy of the content. If so, it delivers cached page to the client. If the page isn’t already in the cache, Squid fetches it from the Internet and stores a copy for later use in its cache.
Furthermore, Squid performs various tasks like request filtering, network optimization, and authentication. Let’s have a look at its process:
Client sends a request: A client, such as a web browser, sends a request for a resource, such as a web page, to the Squid proxy.
Squid checks the cache: Checks its cache to see if it already has a copy of the requested resource.
It returns cached resource: If the resource is in the cache, Squid returns the cached resource to the client.
Squid retrieves the resource: If the resource is not in the cache, Squid forwards the request to the appropriate server, retrieves the resource on behalf of the client, and caches the resource for future use.
It returns the resource to the client: Returns the retrieved resource to the client.
Squid proxy not only secures your system proxy but also serves numerous advantages:
Security: Establish an additional layer of security for your network by setting Squid to filter out harmful or unwanted traffic.
Filtering: Squid proxy is beneficial for parental control, network security, and content filtering. You set it up to restrict access to particular sites or kinds of content.
Load balancing: Squid divides incoming requests among several backend servers, helping in load balancing and improving performance.
Access control: Administrators build up authentication and authorization procedures using Squid to control Internet access.
Authentication: Squid is set up to ask for user authentication before providing access to the internet. That proves to be beneficial in a corporate environment.
Customisation: Squid is highly flexible and adaptive to a company’s special needs.
Traffic optimization: Squid proxy compresses data, reduces the number of network requests, and prevents redundant data transfers, which may significantly increase web access speed.
Compatibility:Squid proxy is a flexible solution for various network settings because it supports numerous protocols, including HTTP, HTTPS, FTP, and others.
Overall, Squid proxy is a helpful tool for many users because it can improve the internet connection speed, security, and efficiency for both individuals and organizations.
We have arrived to the main part of of how to Setup a Transparent Proxy using Squid Proxy Server.
Next, you need to install the Squid proxy server package on your server. By default, this package is included in the default repository of all major Linux distributions.
For Ubuntu and Debian based Linux distributions, run the following command to install the Squid package.
apt install squid -y
If you want to install Squid on CentOS, RHEL and Fedora based Linux distributions, run the following command to install the Squid package.
dnf install squid -y
After installing the Squid package, start the Squid service and enable it to start at system reboot.
systemctl start squid
systemctl enable squid
Check the status of Squid with the following command.
systemctl status squid
If you want to verify the Squid version, run the following command.
squid -version
You should see the Squid version information on the following screen.
You need to add modify the eth0 network interface if you have another interface configured on your server. Now, you list all your added rules with the following command.
iptables -t nat -L
You should see all iptables rules on the following screen.
If you did any misconfiguration and want to delete all rules, run the following command.
iptables -t nat -F
Configure Firewalld Firewall for Squid
If you are using Firewalld firewall service then you add all rules with the following commands.
After setting up a Squid as a transparentproxy, you need to configure a client machine to route all internet traffic via the Squid server. Follow the below steps to configure the client machine.
Step 1 – Log in to your Ubuntu desktop in my example or your Windows desktop and open the Network settings. You should see the following screen. If using Windows you find these settings in your browser settings.
Step 2 – Click on the + icon beside the Wired connection. You should see the Network configuration wizard.
Step 3 – Click on the IPv4 tab then provide private IP from Squid IP range, subnet mask, provide Squid server IP in gateway field, DNS IP then click on the Add button to save the changes. You should see the newly added network interface on the following screen.
At this point, your Squid server is configured as a transparent proxy. When any user accesses the internet, all request goes via the Squid server.
Thank you for reading Setup a Transparent Proxy using Squid Proxy Server. We shall conclude.Â
Setup a Transparent Proxy using Squid Proxy Server Conclusion
In this post, you have learned how to install and configure Squid as a Transparent proxy on Linux. You can now track all user’s activity from the Squid server. As more people become aware of the benefits of using web proxies, their use has increased. Lastly, Proxy servers are becoming more common, especially among individual and casual customers, due to improved online security and accessibility.
Following, Squid proxies are often used by those seeking a two in one solution. It works as a caching tool in addition to serving as a reliable proxy server. Using a single Squid proxy does not necessitate the installation of any extra servers.
I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.
51vote
Article Rating
Subscribe
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.