What
This article explains how to install and configure a basic Squid proxy server on Linux and how to configure clients to use it.
Why
Squid is a powerful caching proxy server that improves browsing performance, enables web filtering, and provides access control. Proper client configuration ensures traffic is routed through the proxy securely and effectively.
How
Step 1: Install Squid
On RHEL-based systems (AlmaLinux, Rocky, CentOS):
sudo dnf install squid -y
On Debian-based systems (Ubuntu):
sudo apt update
sudo apt install squid -y
Step 2: Configure the Squid Proxy
Edit /etc/squid/squid.conf:
sudo nano /etc/squid/squid.conf
Minimal working config:
http_port 3128
acl localnet src 192.168.0.0/16
http_access allow localnet
http_access deny all
dns_v4_first on
Recommended tuning additions:
cache_mem 64 MB
maximum_object_size_in_memory 512 KB
maximum_object_size 20 MB
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
Step 3: Enable and Start Squid
sudo systemctl enable --now squid
Step 4: Configure the Firewall
firewalld:
sudo firewall-cmd --add-port=3128/tcp --permanent
sudo firewall-cmd --reload
UFW:
sudo ufw allow 3128/tcp
Step 5: Configure Client Devices
On Linux (temporary shell setting):
export http_proxy="http://<squid-ip>:3128"
export https_proxy="http://<squid-ip>:3128"
On Linux (persistent system-wide):
Edit /etc/environment:
http_proxy="http://<squid-ip>:3128"
https_proxy="http://<squid-ip>:3128"
On Windows (PowerShell, current user only):
netsh winhttp set proxy <squid-ip>:3128
To reset:
netsh winhttp reset proxy
Step 6: Test the Connection
From a client:
curl -x http://<squid-ip>:3128 http://example.com
On the Squid server:
sudo tail -f /var/log/squid/access.log
Conclusion
This setup provides a simple, functional proxy server and client configuration without relying on PAC files. It offers centralized control, logging, and flexibility for network traffic management.
