Squid Proxy on Ubuntu


Squid is a free and open-source caching proxy server for HTTP, HTTPS, FTP, and other popular network protocols. It acts as an intermediary between web servers and clients, caching frequently requested content to improve performance and reduce bandwidth usage.



Connection Topology

Here’s the connection topology: all HTTP/HTTPS traffic from the client goes through the proxy server first, then the firewall, then the internet



Installing Squid Proxy on Ubuntu

Run this command to install Squid Proxy on Ubuntu

sudo apt install squid


Once it is installed, run this command to check the service status

sudo systemctl status squid




Configuring Squid Proxy

Now let’s configure the proxy. First rename the original config file so we can start with a clean sheet

sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.original


Then create a new one with this command

sudo nano /etc/squid/squid.conf


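This simple configuration starts the proxy on port 8080 and allows all traffic from clients on the 62.0.0.0/24 segment

# Listen for proxy clients on TCP port 8080
http_port 8080
# Clients on the 62.0.0.0/24 segment
acl localnet src 62.0.0.0/24
# http_access rules are checked top to bottom; the first match wins
http_access allow localnet
http_access allow localhost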


Run this command to validate the configuration

sudo squid -k parse



Then restart the service for the configuration to take effect

sudo systemctl restart squid


Now let’s try connecting to the internet through the proxy with this command

curl -v -x http://62.0.0.10:8080 https://www.x.com


We can see the connection to the proxy is working and we’re able to access the internet


Run this command to see the traffic logs

sudo tail -n 100 /var/log/squid/access.log




Firewall Configuration

Next, allow web access only if the clients use the proxy. To do that, we create two rules on the firewall

The first rule allows web access only for traffic originating from the proxy server, and the second one blocks all web traffic from other clients



Testing from Client PC

On the client PC, configure it to use the proxy



Now only connections using the proxy are able to access the internet

Chrome (left) doesn't have the proxy configured, while Firefox (right) does


Checking the traffic logs on the firewall, we should see that only traffic from the proxy server is allowed


Traffic logs can also be seen on the Squid proxy server



Proxy Server Site Blocking

Now let's try blocking traffic to Facebook and Reddit. In the squid.conf file, add these lines

# A leading dot matches the domain itself and all of its subdomains
acl block_sites dstdomain .facebook.com .reddit.com
http_access deny block_sites


Now if we access Facebook or Reddit, we should see an error saying the proxy refuses the connection


In the Squid logs we can also see the denied traffic
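Squid evaluates http_access lines top to bottom and stops at the first match, so where the block_sites lines sit relative to the allow rules decides whether they block anything. The following added example (not from the original post or the Squid project) is a simplified Python model of that evaluation covering only src and dstdomain ACLs; the client addresses and the explicit `http_access deny all` line are constructed for the illustration.

```python
import ipaddress

# ACL names Squid predefines; modelled here as plain src ACLs.
BUILTIN = {"all": ("src", ["0.0.0.0/0", "::/0"]),
           "localhost": ("src", ["127.0.0.1/32", "::1/128"])}

def parse(conf):
    """Return (acl definitions, ordered http_access rules) from squid.conf text."""
    acls, rules = dict(BUILTIN), []
    for line in conf.splitlines():
        tok = line.split("#")[0].split()
        if tok[:1] == ["acl"]:
            acls[tok[1]] = (tok[2], tok[3:])
        elif tok[:1] == ["http_access"]:
            rules.append((tok[1], tok[2:]))
    return acls, rules

def acl_matches(acl, client, host):
    kind, values = acl
    if kind == "src":
        addr = ipaddress.ip_address(client)
        return any(addr in ipaddress.ip_network(v) for v in values)
    if kind == "dstdomain":
        # ".example.com" covers the domain and its subdomains; no dot means exact host
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                   for v in values)
    raise ValueError(f"ACL type not modelled: {kind}")

def decide(conf, client, host):
    """First-match evaluation: ACLs on one line are ANDed, '!' negates."""
    acls, rules = parse(conf)
    action = None
    for action, names in rules:
        if all(acl_matches(acls[n.lstrip("!")], client, host) != n.startswith("!")
               for n in names):
            return action
    # Nothing matched: Squid applies the opposite of the last rule (deny if no rules).
    return "allow" if action == "deny" else "deny"

ACLS = "acl localnet src 62.0.0.0/24\nacl block_sites dstdomain .facebook.com .reddit.com\n"
ALLOWS = "http_access allow localnet\nhttp_access allow localhost\n"
APPENDED = ACLS + ALLOWS + "http_access deny block_sites\n"  # deny after the allows
ORDERED = ACLS + "http_access deny block_sites\n" + ALLOWS + "http_access deny all\n"

if __name__ == "__main__":
    for name, conf in (("appended", APPENDED), ("ordered", ORDERED)):
        for client, host in (("62.0.0.21", "www.facebook.com"),  # constructed addresses
                             ("62.0.0.21", "www.x.com"), ("10.9.9.9", "www.x.com")):
            print(f"{name:9} {client:10} {host:17} -> {decide(conf, client, host)}")
```

With the deny appended after the allow rules, localnet clients still reach the blocked sites, and because the last rule is then a deny, requests that match no rule default to allow. After reordering the real file, validate it with `sudo squid -k parse` before restarting the service.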


This post is licensed under CC BY 4.0 by the author.