Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


please suggest a good proxy setup tutorial
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

please suggest a good proxy setup tutorial

vanarpvanarp Member
edited May 2013 in General

I have a US based LEB that I want to use as personal web proxy server. Please suggest me a good tutorial to setup the same preferably for Ubuntu/Debian OS.

Comments

  • vanarpvanarp Member
    edited May 2013

    WOW! That is so simple tutorial to set it up. I just got it working. Thanks much!

    Any tips to keep my squid server secure and optimized?

  • limilawlimilaw Member

    Do remember to config some authentication if it is put on the internet, or it'll soon be abused by spam.

  • emreemre Member, LIR

    squid 3 with web based auth - quick way
    tested on ubuntu 10.x
    ``
    1-apt-get install squid3
    2-mv /etc/squid3/squid.conf /etc/squid3/squid.conf.orig
    3-nano /etc/squid3/squid.conf

    and paste following:

    #

    Recommended minimum configuration:

    acl manager proto cache_object
    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost

    http_access deny all

    icp_access deny all
    htcp_access deny all
    http_port 3128
    hierarchy_stoplist cgi-bin ?
    access_log /var/log/squid3/access.log squid
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern (cgi-bin|\?) 0 0% 0
    refresh_pattern . 0 20% 4320

    auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid_passwd
    auth_param basic children 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours

    acl ncsaauth proxy_auth REQUIRED
    http_access allow ncsaauth

    forwarded_for off

    #

    IMPORTANT

    change 12.34.56.78 and write down your server ip address below

    #

    acl ip1 myip 12.34.56.78
    tcp_outgoing_address 12.34.56.78 ip1

    request_header_access Allow allow all
    request_header_access Authorization allow all
    request_header_access WWW-Authenticate allow all
    request_header_access Proxy-Authorization allow all
    request_header_access Proxy-Authenticate allow all
    request_header_access Cache-Control allow all
    request_header_access Content-Encoding allow all
    request_header_access Content-Length allow all
    request_header_access Content-Type allow all
    request_header_access Date allow all
    request_header_access Expires allow all
    request_header_access Host allow all
    request_header_access If-Modified-Since allow all
    request_header_access Last-Modified allow all
    request_header_access Location allow all
    request_header_access Pragma allow all
    request_header_access Accept allow all
    request_header_access Accept-Charset allow all
    request_header_access Accept-Encoding allow all
    request_header_access Accept-Language allow all
    request_header_access Content-Language allow all
    request_header_access Mime-Version allow all
    request_header_access Retry-After allow all
    request_header_access Title allow all
    request_header_access Connection allow all
    request_header_access Proxy-Connection allow all
    request_header_access User-Agent allow all
    request_header_access Cookie allow all
    request_header_access All deny all

    #

    save and done (ctrl+x ,y)

    4- touch /etc/squid3/squid_passwd
    5- htpasswd /etc/squid3/squid_passwd yourproxyusername
    and enter your password

    6- service squid3 restart

    All Done!

    your proxy port is 3128

    NOTE: you can use Proxy Selector add-on for Firefox fo quick proxy changing.
    https://addons.mozilla.org/en-US/firefox/addon/proxy-selector/

    ``

  • vanarpvanarp Member

    @emre said: squid 3 with web based auth - quick way

    I followed all the steps and actually had to install apache2 before step 5 as it was not pre-installed. Now it does not prompt me for authentication and simply throws Access Denied error. Any idea what is going on?

    Is there another way to authenticate with username/password without having to install Apache?

  • @bigball said: I use this tutorial though

    Thanks for mentioning my tutorial @bigball :)

Sign In or Register to comment.