Squid – more than just an octopus

08/07/2017

Rubber rings at the nirkhole have always been my fave.

So you need squid, huh. Like this. Again, based on #Centos7

Install it, yum yum,

# yum install -y squid.x86_64

Backup the config incase you fuck it up like i commonly do. Note theres a default there too for extreme stupidity on my behalf which is awesome.

# cp /etc/squid/squid.conf /etc/squid/squid.conf.org

Add your localnet and # out the rest – in my case 192.168.0.0/16 works

vi /etc/squid/squid.conf 
#acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/24 # RFC1918 possible internal network
#acl localnet src fc00::/7       # RFC 4193 local private network range
#acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

#cache_dir ufs /var/spool/squid 100 16 256 - unrem this out if you do a lot of http. https won’t be cached

Save that shit

:wq!

Allow port 3128 on the firewall

# firewall-cmd --add-port=3128/tcp --permanent
# systemctl restart firewalld

Open up ports so you can actually connect to it 🙂

# iptables -A INPUT -s 192.168.0.0/24 -p tcp --dport 3128 -j ACCEPT
# iptables -A INPUT -p tcp --dport 3128 -j DROP
# iptables -A OUTPUT -d 192.168.0.0/24 -p tcp --sport 3128 -j ACCEPT
# iptables -A OUTPUT -p tcp --sport 3128 -j DROP

Start that shit up

# service squid start

If you’re permnanent

chkconfig squid on

Add your IP of your squid proxy to your browser listening on 3128 and you are rocking! Enjoy!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s