Bypassing the Network Proxy with Squid Server and Some Tweaks with Squid - IIT G
Shortcut
For IIT G squid settings there is a script made to automate the Squid Settings, but I strongly recommend not to follow this automated script for the first time you do it as you will not get to know behind the scenes of the script. So those who say "now stop talking and give me the link 😜 " Open Roopansh Bansal-Squid Script , read the readme and proceed with the script.
The Actual Process
- Improved from Sam's Blog
a) Adding Room Ip's (allowing some particular IP's)
Prior-Note: Here commands are based on the version of the Ubuntu you are using { Ubuntu 15.10 and older } or { greater version than Ubuntu 15.10 or the latest }. So please mind which command is suitable for your version.
1. Install Squid :
$ sudo apt-get install squid
For 15.10 and older version:
$ sudo apt-get install squid3
2. Edit the squid.conf file :
$ sudo gedit /etc/squid/squid.conf
For 15.10 and older version:
and then save the file.
This package contails a tool "htpaswd" which we will use later to create and update the flat-files used to store usernames and password for basic authentication of HTTP users.
Will be adding Soon.....
$ sudo gedit /etc/squid3/squid.conf
Note: gedit is just an editor, you can use anyone like vim(vim editor), subl(sublime editor).
Now delete all the content and replace it with the following content
Note: Replace the 202.141.80.24 with that of your proxy and <username> and <password> with that of yours. And Replace 10.9.3.3 with that of yours, you can also add more by giving a space between them.
acl allowed_ips src 127.0.0.1 10.9.3.3
http_access allow allowed_ips
cache_peer 202.141.80.24 parent 3128 0 default no-query proxy-only login=<username>:<password>
never_direct allow all
http_port 3128
cache_effective_user proxy
cache_effective_group proxy
and then save the file.
3.Restart the squid server :
$ sudo service squid restart
For 15.10 and older version:
$ sudo service squid3 restart
4.Change the proxy settings in Network Settings:
Change the proxy to 127.0.0.1:3128(localhost) in Network Settings.
By System Settings → Network → Network Proxy
Now you can use the IP of this computer for proxy authentication for the allowed IP's you havae kept in the squid.conf file.
Note: Allowing IP's with no proxy and using a wifi from that IP to your phone will allow some other apps to run in mobile.
By System Settings → Network → Network Proxy
Now you can use the IP of this computer for proxy authentication for the allowed IP's you havae kept in the squid.conf file.
Note: Allowing IP's with no proxy and using a wifi from that IP to your phone will allow some other apps to run in mobile.
b) Adding Authentication to your Proxy
After doing the above process follow the below steps to add the authentication for your proxy.
1. Install apache2-utils :
$ sudo apt-get install apache2-utils
2. Create the passwords file :
$ sudo touch /etc/squid/passwd
$ sudo chmod 755 /etc/squid/passwd
For 15.10 and older version:
$ sudo touch /etc/squid3/passwd
$ sudo chmod 755 /etc/squid3/passwd
3. Add username and password pair to this file :
$ sudo htpasswd /etc/squid/passwd username1
For 15.10 and older version:
Note: You can add any number of usernames and password and add restructions specifically to some usernames also.
$ sudo htpasswd /etc/squid3/passwd username1
Note: You can add any number of usernames and password and add restructions specifically to some usernames also.
4. Edit the squid.conf file:
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users
cache_peer 202.141.80.22 parent 3128 0 default no-query proxy-only login=username:password
never_direct allow all
http_port 3128
cache_effective_user proxy
cache_effective_group proxy
For 15.10 and older version: replace "squid" with "squid3".
Note: If you want to allow some IP's with no proxy authentication add a line of allowed ip's (seperated by spaces) and allow its access as shown below.
acl allowed_ips src 127.0.0.1 10.9.X.X 10.0.X.X
http_access allow allowed_ips
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users
cache_peer 202.141.80.22 parent 3128 0 default no-query proxy-only login=username:password
never_direct allow all
http_port 3128
cache_effective_user proxy
cache_effective_group proxy
4. Restart Squid:
$ sudo service squid restart
For 15.10 and older version:
$ sudo sevice squid3 restart
No comments:
Post a Comment