This tutorial is to show you how to install a proxy on Debian 7 using SQUID3
In order for this to work correctly you will need to follow these instructions.
#!/bin/bash # ©2013-14 Mark Mearns. All Rights Reserved. # This script is distributed under a Creative Commons ShareAlike 3.0 licence. # http://creativecommons.org/licenses/by-sa/3.0/ clear echo " " echo "*****************************************************" echo "WELCOME TO THE SQUID PROXY SERVER INSTALLATION SCRIPT" echo "-----------------------------------------------------" echo " " echo " This script will set up a password protected, elite" echo " proxy on your target server" echo " " echo "*****************************************************" echo " " echo " " echo "Please enter a user name for Squid:" read u echo " " echo "Please enter a password (will be shown in plain text while typing):" read p echo " " clear a="`netstat -i | cut -d' ' -f1 | grep eth0`"; b="`netstat -i | cut -d' ' -f1 | grep venet0:0`"; if [ "$a" == "eth0" ]; then ip="`/sbin/ifconfig eth0 | awk -F':| +' '/inet addr/{print $4}'`"; elif [ "$b" == "venet0:0" ]; then ip="`/sbin/ifconfig venet0:0 | awk -F':| +' '/inet addr/{print $4}'`"; fi apt-get update apt-get -y install apache2-utils apt-get -y install squid3 rm /etc/squid3/squid.conf cat > /etc/squid3/squid.conf <<END acl ip1 myip $ip tcp_outgoing_address $ip ip1 auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid_passwd acl ncsa_users proxy_auth REQUIRED http_access allow ncsa_users acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? coredump_dir /var/spool/squid3 cache deny all refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 icp_port 3130 forwarded_for off request_header_access Allow allow all request_header_access Authorization allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all END htpasswd -b -c /etc/squid3/squid_passwd $u $p service squid3 restart clear echo " " echo "***************************************************" echo " Squid proxy server set up has been completed." echo " " echo "You can access your proxy server at $ip" echo "on port 3128 with user name $u" echo " " echo "***************************************************" echo " " echo " "
Login as root to the server that you will install SQUID on and with our favourite text editor and some copy/paste technique we will create the executable script.
nano squid-install.sh
Paste the text in the code section above and save the file.
Make it executable with this command
chmod +x ./squid-install.sh
Execute the script and follow the instructions. You will actually only need to enter a username and password that will protect the proxy from anonymous use.
The username and password is shown in clear-text when entering them, this is the only time they will be shown in clear-text so make sure no one is watching over your shoulder.
./squid-install.sh
When everything is installed you will see the IP and username needed to connect to your proxy.
To add another user you can run this command on the server running your Squid proxy server.
htpasswd -b /etc/squid3/squid_passwd username password
Change username to the username you would like to add and password to the password you would like to use.
A good place to get a VPS to get take advantage of this tutorial is www.owned-networks.net