How to Setup Squid3 as Transparent Proxy on Ubuntu Server 12.04

In How To 598 views

Previously I have posted about installation proxy server with squid3 on Ubuntu Server 12.04, on this post I’ll shown How to Set up/Configure Squid3 as Transparent Proxy. by activate squid3 as Transparent Proxy you no longer need to configure all the machines on your network to connect to Squid proxy server manually. All traffic will be routed to the Squid listening port automatically and your Ubuntu Server will act as routers.

Follow the guide Setup Transparent Proxy Server with Squid3 on Ubuntu server 12.04 LTS

Step 1. Make sure squid3 is installed correctly on ubuntu server, you can found tutorial squid3 the installation here

Step 2. Configure  network interfaces with static IP address, on this case proxy server using 2 network card

sudo nano /etc/network/interfaces
auto eth0
iface eth0 inet static
address 192.168.1.10
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
post-up iptables-restore < /etc/iptables.up.rules
auto eth1
iface eth1 inet static
address 192.168.2.10
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255

Step 3. Edit file /etc/squid/squid.conf, add the word “transparent” on “http_port 3128” 

# NETWORK OPTIONS
# —————
#
http_port 3128 transparent

Change IP address on options “acl localnet src 192.168.1.0/24 # Your network here”

acl localnet src 192.168.2.0/24 # LAN Ip Address

save and exit.

Step 4. Edit /etc/sysctl.conf

sudo nano /etc/sysctl.conf

Replace with configuration below:

net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

Save and exit

Step 5. define IPTABLE rules for port forwarding with Editing /etc/iptables.up.rules,

sudo nano /etc/iptables.up.rules
*nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.10:3128 -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE COMMIT

Save and exit..

Step 6. Edit /etc/rc.local, and add this script on end of file

iptables -t nat -A POSTROUTING -s 192.168.2.0/24 –o eth0 -j MASQUERADE

Step 7. Restart squid3 and network

sudo /etc/init.d/squid3 restart && sudo /etc/init.d/networking restart

On client set IP address manually:

IP address : 192.168.2.11 
Netmask: 255.255.255.0
Gateway: 192.168.2.10
DNS: 192.168.2.10 # or you can use Google DNS 8.8.8.8, 8.8.8.4;

Tags: #Proxy Server #Squid3 #Transparent Proxy

Must read×

Top