Squid is a free & open-source full featured web proxy cache server released under GPL 3, which can be used in many other ways like a web server caching daemon to speed up websites loading, cache DNS lookups, filter the traffic and many other network protocols, right now, Squid server supports HTTP and FTP protocols, there is a limited support to other protocols like TLS and SSL, it was first released in 1996.

Installation

Squid it’s available on Debian, so we can install Version 3 with the command:

aptitude -y install squid3

This automatically install also all the requirements that we need.

Configuration

The default configuration file for squid is located under /etc/squid3/squid.conf  . This file contains some configuration directives that needs to be configured to affect the behavior of the Squid.

For a simple setup, we just need to change some parameters to allow only our IP or LAN to use Squid and change the listening port.

Open this file for editing using Vi or your favorite editor and make changes as shown below.

vi /etc/squid3/squid.conf

Find the following line

#acl localnet src 10.0.0.0/8

This line create an acl (access control list) with name localnet, declaring as ip belonging to this rule all those in the LAN 10.0.0.0/8

Add your IP or LAN to localnet access list.

acl localnet src yourIP 

or

acl localnet src yourIP/24 

now you must add another parameter to match this change, search for the string:

http_access allow localhost

and ADD also the line

http_access allow localnet 

Change standard port

For security reasons it is recommended not to use the default port when possible, so I suggest to search for this line:

http_port 3128

And change the 3128 to any other port number > 1024.

After making above changes, you may restart the Squid proxy server using the command.

sudo service squid3 restart OR sudo /etc/init.d/squid3 restart

Now to test that your proxy server is working or not, you may open Firefox and go to Menu –> Options –> Advanced –> Network –> Settings and select “Manual proxy configuration” and enter your proxy server IP address and Port to be used for all connection as it follows.

Once you fill all the required proxy details, you will be able to surf the Web using your Squid proxy server, you may do the same thing in any other browser or program you want.

To make sure that you are surfing the web using your proxy server, you may visit http://www.whatismyip.net/ .

Anonymous Browsing

By default squid forwards the client IP to the respective website, but to set up an anonymous proxy we will disable it to hide client IPs and send only IPs which are configured on the squid server. Find the following line in the file /etc/squid3/squid.conf:

forwarded_for on

Change it to:

forwarded_for off

And add at the bottom of the squid.conf file the following instructions:

All done, save the file and restart squid with the command:

sudo service squid3 restart OR /etc/init.d/squid3 restart