Transparent Proxy Browsing with Squid3

3rd place in the Teach something, Win something contest  goes to Mark Mearns for his SQUID installation script.
Mark took 3rd place because of the simplicity he created with this script which will make a great addition in the script collection together with this pptp setup script.
I have made a small addition at the end of this post with simple instructions on how I installed the proxy and instructions on what settings to change in Internet Explorer to use the proxy you created with this script. I have also written down the command to add more users after it has been installed.

I’ll leave you with a quote from Mark that he sent in with this script.

Installing Squid proxy server on a VPS is pretty straightforward. However, it is detectable that you are using a proxy, and your actual IP address is forwarded also. This is no good for accessing IP-geolocation restricted content, such as Hulu outside the US. Therefore, you need a transparent or ‘elite’ proxy. Squid can do this, you just need the correct settings in your squid.conf settings file. This script will install a transparent Squid proxy on a Debian-based VPS without any need for PPP modules etc to be enabled.

 

Login as root to the server that you will install SQUID on and with our favorite text editor and some copy/paste technique we will create the executable script.

Paste the text in the code section above and save the file.

Make it executable with this command

Execute the script and follow the instructions. You will actually only need to enter a username and password that will protect the proxy from anonymous use.

The username and password is shown in clear-text when entering them, this is the only time they will be shown in clear-text so make sure no one is watching over your shoulder.

When everything is installed you will see the IP and username needed to connect to your proxy.

squid3-install-done

 

Adding the proxy settings to Internet Explorer

Open Internet Options and on the Connections tab, click the button LAN settingsIE-Squid_settings1

Fill in the IP address that you got when the script finished installing and port 3128 in the dialog box that opens.

 

IE-Squid_settings2

 

Click OK all the way  until Internet Options are closed.

Open up Internet Explorer and enter your favorite URL and press enter. If everything is done correct you will be prompted with a login box where you enter your username and password that you set when installing Squid3 with the script. Clicking on the OK button afterwards will get you cruising the web using your Squid proxy server.

 

 

 

IE-Squid_settings3

 

Adding another user and password

To add another user you can run this command on the server running your Squid proxy server.

Change username to the username you would like to add and password to the password you would like to use.

 

 

20 comments for “Transparent Proxy Browsing with Squid3

  1. abd
    January 31, 2014 at 11:33

    Very nice, but why IE?

    • February 1, 2014 at 00:54

      Because other installed browsers (in windows) often uses the system settings, which is set in the IE connection properties.

  2. webh
    February 19, 2014 at 01:32

    Hello thank u for the helpful script 🙂

    How we can make it work without password ? I’m stuck on this

    • February 28, 2014 at 11:34

      You should never run a proxy without password.

      • webh
        April 26, 2014 at 03:43

        okay thanks . i’m improving my knowledge with squid

  3. George
    March 16, 2014 at 00:33

    Thanks! There is one small problem though while browsing some sites with .mp4 videos it won’t load them up. Is this related to the proxy?

    • March 18, 2014 at 20:28

      Could be if they are opened over a different port that is not included/allowed in the proxy configuration.
      If you can give an example on a site where you have this problem, I could perhaps give a better answer

      • George
        March 19, 2014 at 18:48

        Self hosted: http://goo.gl/64FMcx

        Thanks!

        • March 19, 2014 at 23:30

          On that link I get am error “html5 : file not found”. Guess you have the path wrong to your video file.

          • George
            March 20, 2014 at 15:05

            That’s exactly the issue. Path is correct. You can try it without using the proxy and it will load up just fine.

          • March 20, 2014 at 17:36

            I suspect it has something to do with the combination of squid and the “plugin” that you are using to play the videos.
            What software are you using on the server side? Does it say anything in the error log? Perhaps a 403 access denied?

  4. hashbak
    April 4, 2014 at 15:38

    how to limit access to certain IP without password ?

    Successfully remove password,

    I already edit and add the following line,but not work with limited IP:
    http://www.linuxquestions.org/questions/linux-networking-3/allowing-only-certain-ip-ranges-to-access-squid-333958/

    -hb-

    • hashbak
      April 4, 2014 at 15:39

      *limited for my IP only*

      • April 7, 2014 at 13:25

        you should add something like
        acl allowed_hosts src /32

        and then
        something like this
        http_access allow allowed_hosts

        this is from memory but you should be able to test your way from there.

        • hashbak
          April 20, 2014 at 07:10

          the problem fixed thanks for keyword. successfully limit based on IP.

          off topic:
          suggestions tutorial panel using ZPanel, VestaCP, webmin e.g. config dns, webserver, mail server, virtualhosts, loadbalancing etc

  5. September 11, 2014 at 23:18

    how can we add an ipv4 or ipv6 block to squid for use by clients and measure the bandwidth usage.

  6. January 1, 2015 at 00:57

    Thanks for the excellent script. It works perfect, no problems.
    Happy 2015 🙂

  7. Rami
    October 26, 2016 at 11:35

    Thanks for the script

    I used it for over 2 weeks without any problem but after that I begun to receive error messages with some of the HTTPS sites “Secure Connection Failed”, Any ideas?

    Thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.