Linux: Squid Proxy Server Profile

Linux: Squid Proxy Server Profile


Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources, to aiding security by filtering traffic.


Packages :


Service Name:


Default port :


Config File :


Log file Path:


Configuration Steps of Squid Server:

01. Backup the original configuration  file.

# mv /etc/squid/squid.conf /etc/squid/

Create a new /etc/squid/squid.conf file with the following contents. Edit the Access Control List (ACL) line for mynetwork to define source network for your local network. This is the network where client systems use the Squid server as their web proxy.

# vi    /etc/squid/squid.conf

acl mynetwork src
http_access allow mynetwork

02. Add the following lines to the top of the /etc/squid/squid.conf file replacing the example IP address  to make the squid as a HTTP Proxy Server.

cache_dir ufs /var/spool/squid 500 16 256

acl my_machine src #Replace with your IP address

http_access allow my_machine

03. Specifying the HTTP Port

# Squid normally listens to port 3128

http_port 8080 3128 ; [ You can use one or more port ]


04. Block bad sites

acl blocksites url_regex "/etc/squid/blocksites"

http_access deny blocksites

05. Block File downloads

acl restrictfiles urlpath_regex "/etc/squid/blockfiles"

http_access deny restrictfiles

06. Restrict download speed ACL

#The numbers here are values in bytes;

#we must remember that Squid doesn't consider start/stop bits

#524288/524288 are values for the whole network

#52428/52428 are values for the single IP
acl speedcontrol src

delay_pools 1

delay_class 1 2

delay_parameters 1 524288/524288 52428/52428

delay_access 1 allow speedcontrol


07. Save and exit from the squid.conf file.

Write the bad site names in the file.

# vi /etc/squid/blocksites




Write the block file list in the file.

# vi /etc/squid/blockfiles











Start the service and enable it on boot:

#  systemctl enable squid

#  systemctl start squid

If firewall is enabled, allow the Squid port.

#  firewall-cmd --add-port=3128/tcp –permanent

#  firewall-cmd --add-port=8080/tcp --permanent


Abul Faeze Mohammad Bakabillah (Russell)

Abul Faeze Mohammad Bakabillah (Russell)

I am A. F. M Bakabillah . Working as an ICT Consultant since 2008 in a Project ( IsDB-BISEW IT Scholarship Programme ) . Along with MTCNA and MTCRE I am Also MCP, MCSA, MCSA: Messaging, RHCE, ITIL & CEH Certified . I am experienced in Routing (Static, OSPF & BGP), VPN and Tunneling (IPSec, PPtP, L2TP, EoIP), Firewall (Filter, NAT, Mangle) , Bandwidth Management, PPPoE, Policy Routing.

Comments 0

There are no comments yet.
Your message is required.


LINUX Runlevels

sumanbd77 | 03/25/2020 00:30


rbillah | 02/09/2020 22:52