Skip to content

Setting up a proxy for testing

Jump to bottom
Tim S edited this page Mar 18, 2020 · 1 revision

Setting up a Squid Proxy server on Ubuntu 16.04

Login to the server and update the package list.

sudo apt update -y

Install Squid Proxy server.

sudo apt -y install squid

Start and enable squid service to start on system boot.

sudo systemctl start squid
sudo systemctl enable squid

Verify the squid service status. You should be seeing the “active” status.

sudo systemctl status squid

Verify squid is running on the default port 3128

netstat -tnlp

Configuration

The Squid proxy configuration file is located in /etc/squid/squid.conf

It can be edited using sudo nano /etc/squid/squid.conf

To allow access from the whole internet add the following line

http_access allow all

To limit access to a limited IP address of range, replace the above line with

http_access allow localnet

And add the following line

acl localnet src [source-ip-range]

Example for a specific IP

acl localnet src 51.91.11.62

Example for a CIDR range

acl localnet src 51.0.0.0/28

Example for an IP range

acl localnet src 0.0.0.1-0.255.255.255

After making changes, restart the proxy with sudo systemctl restart squid

Testing Connectivity

Use the following curl command to test connectivity to the proxy

curl -x http://[YOUR-PROXY-IP]:3128 -I http://google.com

The response should contain a 200 OK code.

Setting Authentication

Install apache utils.

sudo apt install apache2-utils -y

Create a passwd file and change the ownership to proxy user.

sudo touch /etc/squid/passwd
sudo chown proxy /etc/squid/passwd

Create a user named proxyuser(or any username of your choosing) using the following command. It will prompt for a password. Provide a secure password.

sudo htpasswd /etc/squid/passwd proxyuser

Open the squid.conf file.

sudo nano /etc/squid/squid.conf

Add the following content to the file.

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

Restart Squid server for the changes to take place.

sudo systemctl restart squid

Test squid proxy authentication

Test squid proxy authentication using curl. You can use the following syntax.

curl -x http://[squid-server-IP]:3128 --proxy-user proxyuser:[proxy-password] https://www.google.com

If you get a 407 code it means you entered the wrong username or password. The response should be a 200 code.

Conclusion

Your squid proxy is now installed and configured.

Clone this wiki locally