Configure Squid 3.x as Transparent Proxy on CentOS 7 / RHEL 7

There are several benefits of using a transparent proxy. First of all, for end users, a transparent proxy can enhance their web browsing performance by caching frequently accessed web content, while introducing minimal configuration overhead for them. For administrators, it can be used to enforce various administrative policies such as content/URL/IP filtering, rate limiting, etc.

A proxy server acts as an intermediary between a client and a destination server. The client sends requests to the proxy server which then evaluates the requests and takes necessary actions. In this tutorial, we will be setting up a web proxy server using Squid, which is a robust, customizable and stable proxy server. Personally, I had administered a Squid server with 400+ client workstations for about a year. Although I had to restart the service about once a month in average, CPU and storage utilization, throughput and client response time were all great.
Squid Installation and Configuration
# yum install squid –y
Edit squid configuration file
Before you edit default configuration file it is highly recommended to keep backup.
# cp /etc/squid/squid.conf /etc/squid/squid.conf.bk-26-05-2016
Open configuration file and add below mentioned parameters
# vi /etc/squid/squid.conf
Add transparent proxy setting and add and allow our network
# vi /etc/squid/squid.conf
# Allow LAN Network
acl our_network src

# Allow Network ACL Allow/Deny Section#
http_access allow our_network

# Transparent Proxy Parameters
http_port 3128 intercept

Save & Exit
Now start squid service and make sure it is added on startup.
# systemctl start squid
# systemctl enable squid
Add necessary iptables rules to setup squid as transparent proxy.
ptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables --t nat -A POSTROUTING --out-interface eth1 -j MASQUERADE
Now you can save your iptable rules by following command:
service iptables save
That’s It, Now squid should work smoothly in transparent proxy mode.

About Author:

I am a Linux Administrator and Security Expert with this site i can help lot's of people about linux knowladge and as per security expert i also intersted about hacking related news.TwitterFacebook

Newer Post
Older Post


Post a Comment