9 Apr
These instructions are for Squid 2.6+ only. Here we go:
# yum install squid
Then we need to edit the config:
# vi /etc/squid/squid.conf
Change the following settings.
Edit the HTTP port to use transparent proxy mode:
http_port 8080 transparent
Search for the line with acl QUERY urlpath_regex cgi-bin \? and add these after it:
acl nc_post method POST
acl nc_script urlpath_regex -i \.htm \.php /$
cache deny nc_post
cache deny nc_script
Edit the sizes to fit your server:
cache_mem 512 MB
maximum_object_size 8192 KB
minimum_object_size 2 KB
maximum_object_size_in_memory 128 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /var/spool/squid 1024 16 256
Uncomment the logformat:
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
Edit the following, changing the IP to fit your server:
access_log /var/log/squid/access.log combined
dns_nameservers 127.0.0.1 123.123.123.123
Find the line acl CONNECT method CONNECT and add the following:
acl to_httpd dst 123.123.123.123
acl to_httpdport port 80
acl to_httpdport port 3080
http_access allow to_httpd to_httpdport
Edit the host name:
visible_hostname your.hostnameyouwant.here.com
Enable the service at boot, create the cache directories and start it:
# chkconfig --level 345 squid on
# squid -z
# service squid start
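Now you need to edit iptables to use the proxy. The first rule blocks direct connections to the Squid port (8080) and the second redirects port 80 to it: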
# iptables -t nat -A PREROUTING -p tcp -m tcp -d 123.123.123.123 --dport 8080 -j DROP
# iptables -t nat -A PREROUTING -p tcp -m tcp -d 123.123.123.123 --dport 80 -j REDIRECT --to-ports 8080
# service iptables save
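That's all for running Squid as a transparent proxy, but you need to do the following if you have problems capturing the client IP behind the transparent proxy.
Add these lines through the auto_prepend_file line in php.ini (the directive takes the path of a PHP file, so save the code in a file and point it there):
<?php
// Only rewrite when the proxy actually supplied the header.
if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
    // Squid appends the address of the client it saw as the last entry.
    $refip = explode(",", $_SERVER["HTTP_X_FORWARDED_FOR"]);
    $_SERVER["REMOTE_ADDR"] = trim($refip[count($refip) - 1]);
    $_SERVER["HTTP_X_FORWARDED_FOR"] = "";
    // Rebuild X-Forwarded-For from the remaining (earlier) entries.
    for ($i = 0; $i < count($refip) - 1; $i++) {
        $_SERVER["HTTP_X_FORWARDED_FOR"] .= ", ".trim($refip[$i]);
    }
    if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
        $_SERVER["HTTP_X_FORWARDED_FOR"] = substr($_SERVER["HTTP_X_FORWARDED_FOR"], 2);
    else
        unset($_SERVER["HTTP_X_FORWARDED_FOR"]);
}
?>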
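The prepend code above accepts X-Forwarded-For on every request, including requests that reach httpd without passing through Squid, where the header is entirely client-supplied. A stricter prepend file is sketched below as an added example, not code from the original post. The helper name client_ip_from_proxy and the $trusted_proxies list are assumptions, with 127.0.0.1 and 123.123.123.123 standing in for the addresses Squid connects to httpd from.

```php
<?php
// Added example (not from the original post). Assumption: Squid connects to
// httpd from one of these addresses; replace them with your own.
$trusted_proxies = array("127.0.0.1", "123.123.123.123");

// Hypothetical helper: returns array(client_ip, remaining_xff_or_null).
function client_ip_from_proxy($remote_addr, $xff, $trusted_proxies)
{
    // Not from the proxy, or no header: the socket address is the only
    // value the server observed itself, so keep it and discard the header.
    if (!in_array($remote_addr, $trusted_proxies, true)
        || $xff === null || trim($xff) === "") {
        return array($remote_addr, null);
    }
    $hops = array_map("trim", explode(",", $xff));
    // The last entry is the one appended by the proxy closest to httpd.
    $client = array_pop($hops);
    if (filter_var($client, FILTER_VALIDATE_IP) === false) {
        return array($remote_addr, null);
    }
    // Earlier entries came from the client side: keep them for logging,
    // never for access decisions.
    $rest = implode(", ", array_filter($hops, "strlen"));
    return array($client, $rest === "" ? null : $rest);
}

$xff = isset($_SERVER["HTTP_X_FORWARDED_FOR"])
    ? $_SERVER["HTTP_X_FORWARDED_FOR"] : null;
$remote = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "";

list($ip, $rest) = client_ip_from_proxy($remote, $xff, $trusted_proxies);
$_SERVER["REMOTE_ADDR"] = $ip;
if ($rest !== null) {
    $_SERVER["HTTP_X_FORWARDED_FOR"] = $rest;
} else {
    unset($_SERVER["HTTP_X_FORWARDED_FOR"]);
}
```

A request arriving from any address outside $trusted_proxies keeps its real REMOTE_ADDR and has its X-Forwarded-For header dropped, so IP-based logging and access checks cannot be steered by a forged header.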