Installing Transparent Proxy Server on Debian / Ubuntu Squid 2.6
First of all, install squid by using our lovely packaging management “apt-get”
glen@lumanau:~$ sudo apt-get install squid
After all finished, let’s edit the configuration. Use your favorite editor. For this tutorial, I’m using “vi” as the editor
glen@lumanau:~$ sudo vi /etc/squid/squid.conf
Find this in squid.conf and change it
visible_hostname proxy.lumanau.web.id
cache_mgr glen@lumanau.web.id
http_port 3128 transparent
always_direct allow all
cache_dir ufs /var/spool/squid 500 16 256
That’s all you need to change on squid.conf
Now create the cache directory by typing
glen@lumanau:~$ sudo squid -z
Now you can run the squid
glen@lumanau:~$ sudo /etc/init.d/squid start
Finished? NOT YET..
We are now have to set for transparent proxy. Transparent proxy means that we don’t have to enter any proxy address on browser. If we browse a website, we are going to port 80. But with this tutorial, we’re forwarding any connection that’s going to port 80 to our squid server automatically. So let’s start setting this.
glen@lumanau:~$ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
This method is to enabling ip forwarding
Put that script in your startup scripts.
Now you have to put masquerading method so you can forward the connection
glen@lumanau:~$ sudo apt-get install ipmasq
Last step..
glen@lumanau:~$ sudo iptables -A PREROUTING -t nat -p tcp –dport 80 -j REDIRECT –to-port 3128
This command is for forward any request on port 80, will be forwarded to port 3128 (our squid port)
Now you can run transparent squid proxy
glen@lumanau:~$ sudo /etc/init.d/squid start
Congratulations….!!! You have successfully install your Transparent Proxy on your server..
very nice blog site and posts.
wish to be ur friend and share our knowledge. my mail id is reza_nayem2000@yahoo.com .
hope to hear from u soon.
I have installed suid 2.6 with Debian 4.0 but I am not able to run it in transparent mode. yes, I have placed the transparent in the http_port. I can surf the net by adding the proxy info in the browser. I have read that you need to compile squid with the iptable option. Can someone guide me in how to do so?
Thx,
are you sure you already do as I mentioned? You need to install ipmasq and do forwarding using iptables
I install the ipmasq but upon reboot everything failed to work. Why?
Can you see at /var/log/syslog ?
What’s the error msg says?
Make sure it’s already loaded on startup by typing
update-rc.d ipmasq defaults
Bung,, Klo saya memakai 1 lan card saja dan tidak sebagai router, gmn mo set supaya jadi transparent proxy ni? Klo manual, saya bisa
Tidak bisa.. Dikarenakan di komputer si klien sendiri, akan ngecheck melalui gateway yang digunakan. Jadi harus diinstallnya di dalam gatewaynya
Should I install the ipmasq? I’m not able to run the transparent proxy.
I have installed transparent proxy, and the results are running, but when I open the browser, why does not my site that can not block access, please comment
saya telah menginstal transparent squidnya, dan hasilnya berjalan , tapi ketika saya buka browser , kenapa situs yang tidak saya blok tidak bisa di akses,tolong komen
@Argam
It’s not needed actually. You can manually add a firewall rules.
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
@menk
boleh dijelaskan lebih detailnya? Mungkin bisa diperlihatkan acl rules Anda.