Install Squid Proxy Server on CentOS / Redhat enterprise Linux 5

by on August 30, 2007 · 64 comments· LAST UPDATED February 24, 2008

in , ,

I've already wrote about setting up a Linux transparent squid proxy system. However I'm getting lots of questions about Squid basic installation and configuration:

How do I install Squid Proxy server on CentOS 5 Liinux server?

Sure Squid server is a popular open source GPLd proxy and web cache. It has a variety of uses, from speeding up a web server by caching repeated requests, to caching web, name server query , and other network lookups for a group of people sharing network resources. It is primarily designed to run on Linux / Unix-like systems. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

Install Squid on CentOS / RHEL 5

Use yum command as follows:
# yum install squid
Output:

Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package squid.i386 7:2.6.STABLE6-4.el5 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 squid                   i386       7:2.6.STABLE6-4.el5  updates           1.2 M
Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: squid                        ######################### [1/1]
Installed: squid.i386 7:2.6.STABLE6-4.el5
Complete!

Squid Basic Configuration

Squid configuration file located at /etc/squid/squid.conf. Open file using a text editor:
# vi /etc/squid/squid.conf
At least you need to define ACL (access control list) to work with squid. The defaults port is TCP 3128. Following example ACL allowing access from your local networks 192.168.1.0/24 and 192.168.2.0/24. Make sure you adapt to list your internal IP networks from where browsing should be allowed:
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks

Save and close the file. Start squid proxy server:
# chkconfig squid on
# /etc/init.d/squid start

Output:

init_cache_dir /var/spool/squid... Starting squid: .       [  OK  ]

Verify port 3128 is open:
# netstat -tulpn | grep 3128
Output:

tcp        0      0 0.0.0.0:3128                0.0.0.0:*                   LISTEN      20653/(squid)

Open TCP port 3128

Finally make sure iptables is allowing to access squid proxy server. Just open /etc/sysconfig/iptables file:
# vi /etc/sysconfig/iptables
Append configuration:
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT
Restart iptables based firewall:
# /etc/init.d/iptables restart
Output:

Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]

Client configuration

Open a webbrowser > Tools > Internet option > Network settings > and setup Squid server IP address and port # 3128.

See also

You may find our previous squid tips useful:

Squid Security and blocking content Related Tips

Squid Authentication Related Tips

Squid Other Tips

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 64 comments… read them below or add one }

1 manivannanan September 14, 2007 at 9:24 am

i need linux el e 5 ,how to configure cui mode in

example el 4 netconfig ip ,subnet,gateway

but same command not working in el 5 kindly send to me command

Reply

2 Pkhunter September 17, 2007 at 3:02 pm

Hi,

I just need to use Squid as a cache for Apache’s requests, not for any filtering or such. Is there anyway I can set it up on CentOS?

Thanks!

Reply

3 jessica koh October 4, 2007 at 3:56 pm

thanks for the tutorial.

Now, I got everything working. I am trying to browse google.com using newly configure proxy. I get the below error

“The requested URL could not be retrieved”

Access Denied.

How can I go about this? Thank you.

Reply

4 Abdur Rob Mian May 12, 2010 at 3:57 am
# yum install squid
Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package squid.i386 7:2.6.STABLE6-4.el5 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 squid                   i386       7:2.6.STABLE6-4.el5  updates           1.2 M
Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: squid                        ######################### [1/1]
Installed: squid.i386 7:2.6.STABLE6-4.el5
Complete!
# vi /etc/squid/squid.conf
At least you need to define ACL (access control list) to work with squid. The defaults port is TCP 3128. Following example ACL allowing access from your local networks 192.168.1.0/24 and 192.168.2.0/24. Make sure you adapt to list your internal IP networks from where browsing should be allowed:
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
Save and close the file. Start squid proxy server:
# chkconfig squid on
# /etc/init.d/squid start
Output:
tcp        0      0 0.0.0.0:3128                0.0.0.0:*
Finally make sure iptables is allowing to access squid proxy server. Just open /etc/sysconfig/iptables file:
# vi /etc/sysconfig/iptables
Append configuration:
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT
Restart iptables based firewall:
# /etc/init.d/iptables restart
Output:
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]

Reply

5 Aditya June 18, 2011 at 5:17 am

“-A RH-Firewall-1-INPUT -m state –state NEW,ESTABLISHED,RELATED -m tcp -p tcp –dport 3128 -j ACCEPT ”

I appended this to last of Iptables before COMMIT but when restarting iptables giving error on line 18( same line no. where I entered above lines

Please suggest

Reply

6 Eden March 6, 2014 at 9:24 am

I got the message stating that there’s no package available for squirrelmail.How will I resolve it?

Reply

7 kunal October 7, 2007 at 7:03 am

How to set up reverse squid proxy server2.6 on CentOS

Reply

8 Kunal October 27, 2007 at 2:11 pm

how to install Squid reverse proxy2.6 on CentOS

Reply

9 kunal December 10, 2007 at 12:20 pm

how to install and configure reverse squid proxy for caching images for a long time and please explain refresh_pattern of squid and how to use it in Reverse Squid Proxy.

Reply

10 shankar kumar April 9, 2008 at 1:11 pm

iam shankar kumar from bangalore. i have problem in dansgaudian problem how to configure dansguardian with squid and how to block downloading and uploding and some websites i want to block

Reply

11 Ananda Bhattacharjee June 7, 2008 at 6:30 am

Hello everybody,
Can any body tell me how to block or restrict web sites via squid i386 7:2.6.STABLE6-4.el5 and is it possible to enable content filtering in squid if yes please tell me the steps to.

Thanking You
Ananda Bhattacharjee.
ananda.bhattacharjee@gmail.com

Reply

12 ASP Consultant June 23, 2008 at 7:38 am

how to install squid guard on centos? how to block all external ip and allow some specific one from network?

Reply

13 hasan July 14, 2008 at 4:29 am

i want a brief method to install squid on CentOS 4.3 final….with trouble shooting..send me e books or physical magazine to my home address.Madina Mobiles Chowke Farooq-e-Azam Peco road link Multan road Lahore Pakistan.

Reply

14 Ritesh July 17, 2008 at 11:57 am

Hi!I m Ritesh,
I just want to know what are the proceedures to configure transparent suqid proxy server.can anyone help?

Reply

15 Andy July 26, 2008 at 7:27 pm

Hello, I get an error when I tried to do the command /etc/init.d/iptables restart, here was the output I received:

[root@andydaykin ~]# /etc/init.d/iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: iptables-restore: line 1 failed
[FAILED]

Reply

16 galleline January 5, 2011 at 9:23 am

same problem here

Reply

17 Mohamed August 31, 2013 at 12:40 am

same problem, did you manage to solve this problem?

Reply

18 Chris March 26, 2014 at 5:36 pm

The writer failed to mention that you need to establish the firewall filter. Add this line directly beneath :OUTPUT ACCEPT [0:0]

:RH-Firewall-1-INPUT – [0:0]

Reply

19 Rabinarayan Nayak August 21, 2008 at 5:25 pm

Hello Sir,
I am rabi from orissa.first time i am installing linux and squid. plz give me details how to install and configure squid in linux server.

Reply

20 mahesh September 12, 2008 at 6:39 am

Plz tell me how to install squid in red hat ver5.

Reply

21 nilay December 10, 2008 at 11:08 am

hello,
red hat proxy use3128 port , is it tcp or udp port?

Reply

22 M.AMJAD July 21, 2013 at 8:18 am

for squid it can be use as a tcp as will as udp, \
for other apps its a tcp.

Reply

23 anbu January 18, 2009 at 7:09 am

i need 2 block particular websites on Konqueror browser ,,,squid server working fine but Konqueror not supporing,it blocks all website instead of few web sites, pls help….

Reply

24 Madness January 27, 2009 at 8:01 pm

Hi
Grand THNX for the tutorial.
But further to i´d like to use Squid as a cache for different requests, not only for filtering. How can I set it up or any URL how to do that?
Thnx

Reply

25 PrzemeQ February 11, 2009 at 4:48 pm

Hi! i need patches to install this programme’s but on the squidy

Reply

26 Nitin Shende February 17, 2009 at 12:24 pm

I want to block some websites . What are the configuration on Redhat Linux 4 squid file?

Reply

27 Jai prakash sukhwal February 17, 2009 at 1:07 pm

Sir,
I want to run to IP in my network one for broad band and second for RF connetivity.
Please tell me what i have to do on linux server 5.0.
Plz responce me soon.
Thanks & Regards

Reply

28 satyajeet tripathi March 7, 2009 at 7:38 am

sir,
I am making a squid proxy server.but a error given when i execute a command service squid start and error is
starting squid: /etc/init.d/squid: line 53: 6522.aborted $ squid_opts>>/var/log/squid/squid.out2>&1 [failed]

plz solve my problem early
Thanks & Regards

Reply

29 Sathish December 9, 2011 at 6:08 am

Hello
Check permissions on cache directory. The premissions should be read and write

Reply

30 amit March 19, 2009 at 6:33 am

I want to block some websites . What are the configuration on Redhat Linux 4 squid file?

Reply

31 Jaganathan April 11, 2009 at 7:19 pm

Hello can anyone explain about squid in detail & how to configure in linux

Reply

32 ROSHAN JALNDHARA May 1, 2009 at 8:48 am

plg send me sharing in internet linux&window

Reply

33 anurag May 4, 2009 at 5:17 pm

when i try to start squid services i got the error
init_cache_dir /var/spool/squid… /etc/init.d/squid: line 54: 5415 Aborted $SQUID -z -F -D >>/var/log/squid/squid.out 2>&1
Starting squid: /etc/init.d/squid: line 53: 5416 Aborted $SQUID $SQUID_OPTS >>/var/log/squid/squid.out 2>&1
[FAILED]

can anyone help me out…..

Reply

34 master May 4, 2010 at 4:13 am

your visible_hostname ????

Reply

35 siyolka June 3, 2009 at 5:55 am

pls some one send me the full guide of Red hat enterprise Linux 5. coz i’ll try it several times but i cant manage it

Reply

36 PALANIVEL June 22, 2009 at 9:15 am

MY SERVER IS RUNNING RHEL-5 .I HAVE CONFIGURED SQUID PROXY SERVER IN RHEL-5. THE DNS SERVER IP IS PINGING.AND GATEWAY ALSO PING . BUT ANY ONE DOMAIN SERVER NOT PING IN MY SERVER. THE ERROE MESSAGE IS UNKNOWN HOST http://WWW.GOOGLE.COM.
PLEASE GIVE ME THE SOLUTION

WITH REGARDS

R.PALANIVEL
CHENNAI

Reply

37 Suprobhat September 4, 2009 at 10:24 am

This method really workable….I had done by this and its working properly….

Reply

38 rajesh September 25, 2009 at 5:20 am

i install all redhat 5 series cds
what is the next setup of install squid proxy server
i required some sites are denayed

Reply

39 Ownvels October 2, 2009 at 4:54 am

Small Mistake Then (55) line missing
Install Squid on CentOS / RHEL 5

Use yum command as follows:

# yum install squid

Output:

Loading “installonlyn” plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
–> Populating transaction set with selected packages. Please wait.
—> Package squid.i386 7:2.6.STABLE6-4.el5 set to be updated
–> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
squid i386 7:2.6.STABLE6-4.el5 updates 1.2 M

Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: squid ######################### [1/1]

Installed: squid.i386 7:2.6.STABLE6-4.el5
Complete!

Squid Basic Configuration

Squid configuration file located at /etc/squid/squid.conf. Open file using a text editor:
# vi /etc/squid/squid.conf
At least you need to define ACL (access control list) to work with squid. The defaults port is TCP 3128. Following example ACL allowing access from your local networks 192.168.1.0/24 and 192.168.2.0/24. Make sure you adapt to list your internal IP networks from where browsing should be allowed:
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
http_access allow all
Save and close the file. Start squid proxy server:
# chkconfig squid on
# /etc/init.d/squid start
Output:

init_cache_dir /var/spool/squid… Starting squid: . [ OK ]

Verify port 3128 is open:
# netstat -tulpn | grep 3128
Output:

tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 20653/(squid)

Open TCP port 3128

Finally make sure iptables is allowing to access squid proxy server. Just open /etc/sysconfig/iptables file:
# vi /etc/sysconfig/iptables
Append configuration:
-A RH-Firewall-1-INPUT -m state –state NEW,ESTABLISHED,RELATED -m tcp -p tcp –dport 3128 -j ACCEPT
Restart iptables based firewall:
# /etc/init.d/iptables restart
Output:

Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]

Client configuration

Open a webbrowser > Tools > Internet option > Network settings > and setup Squid server IP address and port # 3128.

Reply

40 Rohan Rote November 3, 2009 at 11:33 am

I have configured a squid server in the college. The client nodes are also configured in rhel 5. But they are facing problem while logging in with gmail and yahoo. But at the same time the windows clients are accessing gmail as well as yahoo. Is there any problem with the Mozilla 3 beta 5 version or is there any other problem ? Please help me to solve this problem.

Reply

41 ranjitdo November 15, 2009 at 8:22 pm

how can i activate squid for 5 ips i have ?

Reply

42 www.udiniqgeek.com December 12, 2009 at 7:28 am

Sir,

Thank for this tutorial … its very2 good . Good Luck !

Reply

43 Ravi January 23, 2010 at 5:56 am

i wanna know how to configure the proxy server on linux os?

Reply

44 Ravi Gowda January 28, 2010 at 8:51 am

how to configure dhcp server in centos linux…

Reply

45 Tefi February 28, 2010 at 7:49 pm

Sir ,
I wanna know how to configure Squidguard 1.2 in redhat el5 ?

Reply

46 Ferdaus March 25, 2010 at 11:04 am

I am Ferdaus. I want to know why IP Tables do not save.

Reply

47 zjhack April 8, 2010 at 5:13 pm

hi im zjhack and im using centos5. i wonder how to use squid for site restriction. i want to restrict some site and allow only the sites that my cousin can use to their studies..

pls help me thx
zjhack

Reply

48 Sandeep Hegde April 17, 2010 at 12:49 pm

How about solving this error?

Error: the proxy server (Squid) is not configured to allow SSL tunnel to port 80.
To fix the problem please find and comment the following line in the Squid
configuration file (squid.conf):
http_access deny CONNECT !SSL_ports

Reply

49 wasim May 1, 2010 at 7:05 am

hi
i want learn more squid proxy server.
i want learn how to install squid.
and how to work on them

Reply

50 amirthalingam August 6, 2010 at 7:50 am

hi
i want step by step configuration of squid proxy server in redhat linux 5.

Reply

51 gani October 30, 2010 at 7:42 am

This command did not work and I was unable to view even http://www.google.com also.
[root@sys1 ~]# service iptables restart
Applying iptables firewall rules: iptables-restore: line 1 failed
[FAILED]
[root@sys1 ~]# cat /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state –state NEW,ESTABLISHED,RELATED -m tcp -p tcp –dport 3128 -j ACCEPT
[root@sys1 ~]#

What shoud I do now??

Reply

52 mahesh March 3, 2011 at 11:49 am

i cont intall squid my system.. wat is the main problem….

Reply

53 swafoman March 22, 2011 at 1:28 am

Thank you so much for such a clear and simple set of instructions.
This REALLY made my day.
Got it all installed and up and running in no time.

Thanks.

Reply

54 chetan March 28, 2011 at 7:14 am

thank you so much,,,,,,,,,,,,

for give easy ways of understanding,,,,,,,,,,,,,,,,,,,,,

Reply

55 vinod April 19, 2011 at 7:25 am

how to block some site in our network with the help of squid.
how to put webaddress in squid.conf ?
how to give special host permission for some machine for login gmail.com ?
can u help me

Reply

56 Prashant May 16, 2011 at 12:39 pm

Hello,

I have installed Squid Proxy server( as per the procedure given on your website) for internet access in our LAN. But after configuring IE for using proxy server, the users are not able to get access to Internal SAP Servers. Tried with option “Bypass Proxy for local ..” but didnt work.
Can anyone help?

Reply

57 sunil July 7, 2011 at 6:11 am

hello sir
can please help me i have one public ip address i want share in different private ip in redhat 5.0 linux how i do it please help me and also i block some websit
my public ip is 210.212.11.130 and my private ip is 192.168.2.1-192.168.2.200
please tell me how i config dhcp,and squid

Reply

58 Imran Haider September 5, 2011 at 10:25 am

how to block particular site on squid server like facebook. All site should open by squid in network but not facebook

Reply

59 Techno September 6, 2011 at 7:38 am

Just finished installing squid on my VPS. Thanks for the post.

Reply

60 jose November 24, 2011 at 5:46 pm

Hello, I get an error when I tried to do the command /etc/init.d/iptables restart, here was the output I received:

[root@andydaykin ~]# /etc/init.d/iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: iptables-restore: line 1 failed
[FAILED]

Reply

61 Rakesh chaudhary July 12, 2012 at 5:40 am

This is very nice site, i tryted last 15 days to configure transparent proxy but not created than i will read this side finalally i create transparent proxy in Redhat linux 5
so i again thank u for this web site.

Reply

62 Jacques March 31, 2013 at 11:14 am

TIP: I create a proxy on my home network behind the firewall listening on localhost:3128. And then I punch a hole through the firewall remotely using ssh to connect to the proxy when I’m away and need to connect to geolocation blocked services.

ssh -L 3128:localhost:3128 my.home.network.org

Then I setup my proxy on my lappie to point to localhost:3128 and voila!

Reply

63 vivek October 24, 2013 at 9:37 am

Hi Vivek,

Can u help me to block https (443) in transparent squid proxy in 3.2.7
Basically i need to block facebook.im using centos

Reply

64 ronnie April 29, 2014 at 9:30 am

when i try restarting squid it gives me this error please help

root@localhost STUDENT1]# /etc/init.d/squid restart
Stopping squid: 2014/04/29 02:26:36| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2014/04/29 02:26:36| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2014/04/29 02:26:36| WARNING: For now we will assume you meant to write /0
……………. [ OK ]
Starting squid: . [ OK ]

Reply

Leave a Comment

Tagged as: , , , , , , , , , , ,

Previous post:

Next post: