Using Squid As A Proxy

From VVCWiki
Revision as of 09:03, 10 July 2009 by Vvc (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Overview

My nephew says "I can't reach some websites a work. How do I get around that". I thought about it for a moment and said to my self..."Who would know how to circumnavigate web commies???" The answer was "ask a former citizen of the USSR" :)

I'm sure there are many ways, but Squid was easy to setup, and not only did do what I what I wanted, it also did things that were important that I didn't consider. I say it was easy, but it was only easy when being directed by my friend and ex patriot of the Ukraine.

Assuming you are using Redhat variant, here we go...

Major steps:

  1. Install Squid
  2. Configure Squid
  3. Add user
  4. Start Squid
  5. Configure Your Browser

Now every time you first start your browser, it will ask you for your super secret username and password. After that go to whatever URL you want. All the traffic from your browser will go to your proxy. Your proxy will be the host opening the URL you requested, so the web commies will just see a connection to your innocent little proxy :)

Enjoy,
Dennis Burdick

Install Squid

This couldn't be easier. First lets find out what which version we should install. It should install the correct architecture, but I don't trust it.

sudo -i
yum search squid

Make sure it matches your architecture. I am running 32 bit, so I want to see i386 architecture...

yum -y install squid.i386

Configure Squid

This is the hardest part, unless you have a Vadym sitting next to you. Here is what I did...

  • First allow port 3128 to pass through your firewall.
  • Enable authorization

Find "auth_param basic program" in your squid.conf. Uncomment this line. You will want to change the directories. Here is what mine looks like..

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid.passwd
  • Now let's add the ACL entries. Put this at after the auth_param line, or Vadym will call you a dork. (I know this from experience) I recommend in the section that starts with...
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl my_users proxy_auth REQUIRED
http_access allow my_users
  • Dance, because you are finished with the hard part.

Add user

Let's add a user using the apache tool

htpasswd -c /etc/squid/squid.passwd <username>

Of course replace <username> with the desired username. You will be prompted for your super secret password.

Start Squid

Simple enough..

service squid restart

If you want it to start on reboot...

chkconfig squid on

Configure Your Browser

This part obviously depends on your browser. This is how I did it in Firefox.

  • Go to "Tools", then "Options..."
  • Pick the "Advanced" Icon
  • Pick the "Network" tab.
  • Click on "Settings..." button
  • Choose radio button labeled "Manual proxy configuration:"
  • In the edit box labeled "HTTP Proxy:" enter the host name where squid is running.
  • In the edit box labeled "Port:" enter 3128

Hit the "Okay" buttons until you out of both modal dialog boxes.