This is how you configure a transparent caching proxy server (squid) on Linux.

Make sure you have the required package installed

  • Squid-stable : Use the standard package manager to install squid. On rpm bases systems use the command
    rpm -q squid to find out if it is installed
  • Iptables : Usually installed on most linux systems

Edit the squid config file:

# vim /etc/squid/squild.conf

We will be setting up a Transparent Caching web proxy server

— under editing.

  1. Jrc

    How to set up a transparent proxy server on Linux, FreeBSD and NetBSD | Arpan Dubey Great article, exactly what I was looking for.

  2. Hi frnds i have install linux 5.0 and configure squid but there is problem in transparent squid can anybody tell me how to transparent my linux to the clint desktop My squid is working when i manually put the proxy address on internet browser.. I want to make transparent so there is no need to put the proxy on internet brower I have a broadband connection .

    1. You will need to this proxy server to be your network gateway. Set your linux 5.0 box as network gateway to all computers. The following needs to be done to do that:

      You have two lans on your linux box than the setup would be something like ->

      WEB ————– LAN_1 —- LINUX_5.0 —– LAN_2 ————- Your_Lan
      ………………. eth0 …. LINUX_5.0 —– eth1 ————– Your Lan
      ………….. . LINUX_5.0 —– —- Your Lan

      First enable the packet forwarding in Linux with the following command :

      sysctl net.ipv4.ip_forward=1

      Change the settings in the appropriate file to make it permanent or use some config tool linux system-config-network, net-setup etc that comes with your distribution.

      Use the following command to perform SNAT :

      iptables -t nat -I POSTROUTING -s -j SNAT –to-source

      By now your netrowk is working and you can access WEB without running Squid. Stop the squid service and check this. Now remove all the proxy settings that you have put manually on the browser settings and your internet should work fine without proxy (squid).

      If all is will till now, its time to make the proxy server transparent. Assuming that you are running your squid on port 8080, The following command can do the job. Remember to start squid after running this command.

      iptables -t nat -I PREROUTING -p tcp –dport 80 -j REDIRECT –to-port 8080

      Done. Cheers !!

Leave a Reply

Your email address will not be published. Required fields are marked *