Squid
From LinuxReviews
Squid is a software proxy server and web caching daemon which can be used as a web proxy for browsing the Internet and a reverse proxy to take load off web-servers.
Web proxy
Squid can be used as a personal web proxy cache to reduce bandwidth consumption. This is especially useful if you have little bandwidth. By itself, Squid leaks too much information. This configuration lets you use Squid together with Privoxy.
The chain is: Browser -> Squid -> Privoxy (-> Tor) -> websites you visit
File: /etc/squid/squid.conf
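# Squid 2.5 syntax (the httpd_accel_* directives were removed in Squid 2.6)
httpd_accel_port 3128
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
# Send requests to Privoxy on localhost:8118 as the parent proxy
cache_peer localhost parent 8118 7 no-query default
# Strip the headers that identify the proxy or the user
header_access Via deny all
header_access From deny all
# Do not put the client address in X-Forwarded-For
forwarded_for off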
File: /etc/privoxy/config
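# Accept connections from Squid on the loopback interface only
listen-address 127.0.0.1:8118
# Forward everything to Tor's SOCKS port; the trailing dot means no further HTTP proxy
forward-socks4a / 127.0.0.1:9050 .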
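To check that the header rules above actually take effect, look at a request as the origin server receives it. The following Python is an added example, not part of the original page: it parses a raw HTTP request and reports the Via, From and X-Forwarded-For headers that still expose the proxy or the client. The function names and both sample requests are constructed for illustration.

```python
import ipaddress
from email.parser import BytesParser

# Request headers that the squid.conf above removes or neutralises.
PROXY_HEADERS = ("Via", "From", "X-Forwarded-For")

# Constructed samples of what an origin server might receive (not real captures).
DEFAULT_SAMPLE = (
    b"GET / HTTP/1.0\r\nHost: example.org\r\n"
    b"Via: 1.0 gw.example.lan:3128 (squid)\r\n"
    b"From: user@example.lan\r\n"
    b"X-Forwarded-For: 192.168.1.10\r\n\r\n"
)
HARDENED_SAMPLE = (
    b"GET / HTTP/1.0\r\nHost: example.org\r\n"
    b"X-Forwarded-For: unknown\r\n\r\n"
)


def has_ip(value):
    """True if any comma-separated element of the value is an IP address."""
    for token in value.split(","):
        try:
            ipaddress.ip_address(token.strip())
            return True
        except ValueError:
            continue
    return False


def leaked_headers(raw_request):
    """Return {header: [values]} for headers that expose the proxy or the client."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    _request_line, _, header_block = head.partition(b"\r\n")
    headers = BytesParser().parsebytes(header_block, headersonly=True)
    leaks = {}
    for name in PROXY_HEADERS:
        for value in headers.get_all(name, []):
            value = str(value).strip()
            # "forwarded_for off" makes Squid send the literal "unknown",
            # which shows a proxy is present but not the client address.
            if name == "X-Forwarded-For" and not has_ip(value):
                continue
            leaks.setdefault(name, []).append(value)
    return leaks


if __name__ == "__main__":
    for label, sample in (("default", DEFAULT_SAMPLE), ("hardened", HARDENED_SAMPLE)):
        print(label, leaked_headers(sample))
```

Feed it a request captured on a test web server you control, reached through the proxy chain; an empty result means none of the three headers carried identifying data.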
Transparent proxy
Using iptables:
IPTABLES=iptables # iptables binary (assumed to be on PATH)
INTIF=eth1 # internal network interface
EXTIF=eth0 # external default route / public interface
File: iptables config script
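# Allow forwarded TCP packets that belong to established connections
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
# Redirect HTTP traffic arriving on the internal interface to Squid on port 3128
$IPTABLES -t nat -A PREROUTING -i $INTIF -p tcp --dport 80 -j REDIRECT --to-ports 3128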
This configuration may leak DNS requests, so you may want a rule which prevents this:
File: iptables config script
$IPTABLES -t nat -A PREROUTING -i $INTIF -p udp --dport 53 -j REDIRECT --to-ports 65533
Here 65533 is the port on which dns-proxy-tor is listening.