theiDaemon.com

the luxury of invaluable experience.

These steps are for Squid 2.6+ only. Here we go:

# yum install squid

Then we need to make a config

# vi /etc/squid/squid.conf

and change the following settings.

Edit http_port so Squid runs in transparent mode:

http_port 8080 transparent

Search for the line acl QUERY urlpath_regex cgi-bin \? and add these after it (POST requests and dynamic pages must never be served from the cache):

acl nc_post method POST
acl nc_script urlpath_regex -i \.htm \.php /$
cache deny nc_post
cache deny nc_script

Edit the sizes to fit your server:

cache_mem 512 MB
maximum_object_size 8192 KB
minimum_object_size 2 KB
maximum_object_size_in_memory 128 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir aufs /var/spool/squid 1024 16 256

Uncomment the logformat line:

logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh

Edit the following (change the IP 123.123.123.123 to your server's address):

access_log /var/log/squid/access.log combined
dns_nameservers 127.0.0.1 123.123.123.123

Find the line acl CONNECT method CONNECT and add the following after it:

acl to_httpd dst 123.123.123.123
acl to_httpdport port 80
acl to_httpdport port 3080
http_access allow to_httpd to_httpdport

Edit the host name:

visible_hostname your.hostnameyouwant.here.com

Enable the service, create the cache directories (squid -z) and start it:

# chkconfig --level 345 squid on
# squid -z
# service squid start

Now you need to edit iptables so that incoming port 80 traffic is redirected to the proxy (and direct access to port 8080 is dropped):

# iptables -t nat -A PREROUTING -p tcp -m tcp -d 123.123.123.123 --dport 8080 -j DROP
# iptables -t nat -A PREROUTING -p tcp -m tcp -d 123.123.123.123 --dport 80 -j REDIRECT --to-ports 8080
# service iptables save

That's all for running Squid as a transparent proxy. If you have problems capturing the client IP behind the transparent proxy, add these lines to the PHP file that php.ini's auto_prepend_file points to:

<?php
// Squid appends the real client address as the LAST X-Forwarded-For entry,
// so use it as REMOTE_ADDR and pass the remaining entries on unchanged.
// This is only valid because Apache is reached through Squid (see the iptables rules above).
if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
    $refip = explode(",", $_SERVER["HTTP_X_FORWARDED_FOR"]);
    $_SERVER["REMOTE_ADDR"] = trim($refip[count($refip) - 1]);
    $_SERVER["HTTP_X_FORWARDED_FOR"] = "";
    for ($i = 0; $i < count($refip) - 1; $i++) {
        $_SERVER["HTTP_X_FORWARDED_FOR"] .= ", " . trim($refip[$i]);
    }
    if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
        // drop the leading ", "
        $_SERVER["HTTP_X_FORWARDED_FOR"] = substr($_SERVER["HTTP_X_FORWARDED_FOR"], 2);
    } else {
        unset($_SERVER["HTTP_X_FORWARDED_FOR"]);
    }
}
?>
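As an added example (not code from the original post), the same idea generalised: walk X-Forwarded-For from the right and stop at the first address that is not one of your own proxies, so entries forged by the client are never used and a request that bypassed Squid is not trusted at all. The $trusted list (the address Squid connects to Apache from) and the sample addresses are assumptions.

```php
<?php
// Added example, not from the original post. Resolves the real client IP from
// X-Forwarded-For by walking the chain right-to-left and returning the first
// address that is not a trusted proxy. Squid appends the address it received
// the request from as the LAST entry; everything to its left came from the client.
// $trusted is an assumption: the address Squid uses when it connects to Apache.

function real_client_ip($remoteAddr, $xff, array $trusted)
{
    // If the TCP peer is not a trusted proxy, the request bypassed Squid and
    // any X-Forwarded-For value could have been typed in by the client.
    if (!in_array($remoteAddr, $trusted, true)) {
        return $remoteAddr;
    }
    if ($xff === null || trim($xff) === '') {
        return $remoteAddr;
    }
    $hops = array_map('trim', explode(',', $xff));
    for ($i = count($hops) - 1; $i >= 0; $i--) {
        // A malformed entry means a tampered or unexpected chain: fall back
        // to the peer address rather than guessing.
        if (filter_var($hops[$i], FILTER_VALIDATE_IP) === false) {
            return $remoteAddr;
        }
        if (!in_array($hops[$i], $trusted, true)) {
            return $hops[$i];
        }
    }
    // Every entry was one of our own proxies; the peer is the best answer.
    return $remoteAddr;
}

// Constructed samples with placeholder addresses. Squid is assumed to reach
// Apache from 127.0.0.1; the client forged "X-Forwarded-For: 192.0.2.1" and
// Squid appended the real client 10.0.0.5.
$trusted  = array('127.0.0.1');
$viaSquid = real_client_ip('127.0.0.1', '192.0.2.1, 10.0.0.5', $trusted);
// The same header on a request that reached Apache directly is ignored.
$direct   = real_client_ip('203.0.113.9', '192.0.2.1, 10.0.0.5', $trusted);
echo "via squid: $viaSquid\ndirect: $direct\n";
```

In the auto_prepend_file from the post you would call real_client_ip($_SERVER['REMOTE_ADDR'], isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : null, $trusted) and assign the result to $_SERVER['REMOTE_ADDR'].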

After googling for a whole day, I have finished the configuration on the iDaemon server,
so I have to note this down for future reference.

We have to edit BIND and Apache to make this work; here are example config files.

maindomain zone file:

maindomain.com. IN SOA ns1.maindomain.com. admin.maindomain.com. (
1164635879
3H
1H
7D
120 )

maindomain.com. IN NS ns1.maindomain.com.
maindomain.com. IN NS ns2.maindomain.com.

maindomain.com. IN A 1.2.3.4

maindomain.com. IN MX 1 aspmx.l.google.com.
maindomain.com. IN MX 3 alt1.aspmx.l.google.com.
maindomain.com. IN MX 3 alt2.aspmx.l.google.com.
maindomain.com. IN MX 5 aspmx2.googlemail.com.
maindomain.com. IN MX 5 aspmx3.googlemail.com.
maindomain.com. IN MX 5 aspmx4.googlemail.com.
maindomain.com. IN MX 5 aspmx5.googlemail.com.

mail.maindomain.com. IN CNAME ghs.google.com.

*.maindomain.com. IN A 1.2.3.4

otherdomain zone file:

otherdomain.com. IN SOA ns11.otherdomain.com. admin.otherdomain.com. (
1154635879
3H
1H
7D
120 )

otherdomain.com. IN NS ns11.otherdomain.com.
otherdomain.com. IN NS ns12.otherdomain.com.

otherdomain.com. IN A 1.2.3.4

*.otherdomain.com. IN CNAME otherdomain.com.
