Building a Squid Proxy Server on Linux

What

This article explains how to install and configure a basic Squid proxy server on Linux and how to configure clients to use it.

Why

Squid is a powerful caching proxy server that improves browsing performance, enables web filtering, and provides access control. Proper client configuration ensures traffic is routed through the proxy securely and effectively.

How

Step 1: Install Squid

On RHEL-based systems (AlmaLinux, Rocky, CentOS):

sudo dnf install squid -y

On Debian-based systems (Ubuntu):

sudo apt update
sudo apt install squid -y

Step 2: Configure the Squid Proxy

Edit /etc/squid/squid.conf:

sudo nano /etc/squid/squid.conf

Minimal working config:

http_port 3128

acl localnet src 192.168.0.0/16
http_access allow localnet
http_access deny all

dns_v4_first on

Recommended tuning additions:

cache_mem 64 MB
maximum_object_size_in_memory 512 KB
maximum_object_size 20 MB
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log

Step 3: Enable and Start Squid

sudo systemctl enable --now squid

Step 4: Configure the Firewall

firewalld:

sudo firewall-cmd --add-port=3128/tcp --permanent
sudo firewall-cmd --reload

UFW:

sudo ufw allow 3128/tcp

Step 5: Configure Client Devices

On Linux (temporary shell setting):

export http_proxy="http://<squid-ip>:3128"
export https_proxy="http://<squid-ip>:3128"

On Linux (persistent system-wide):

Edit /etc/environment:

http_proxy="http://<squid-ip>:3128"
https_proxy="http://<squid-ip>:3128"

On Windows (PowerShell, current user only):

netsh winhttp set proxy <squid-ip>:3128

To reset:

netsh winhttp reset proxy

Step 6: Test the Connection

From a client:

curl -x http://<squid-ip>:3128 http://example.com

On the Squid server:

sudo tail -f /var/log/squid/access.log

Conclusion

This setup provides a simple, functional proxy server and client configuration without relying on PAC files. It offers centralized control, logging, and flexibility for network traffic management.