My Squid proxy server running on port 3128. Since this is frequently scanned by adversaries looking for proxy servers; I’ve changed port to 10000 and restart squid. But my squid is not working on port # 10000 it only works on port # 3128? How do I force Squid to listen on uncommon port under CentOS Linux v5.3?

Yes, the default listening port for the Squid service is 3128. You can change it to something else to improve security.

Squid Listen on Uncommon Port

Open squid.conf file, enter:
# vi squid.conf
Use an arbitrary port such as 10000:
http port 10000
Save and close the file. Restart squid:
# service squid restart
Verify port is open:
# netstat -tulpn | grep ':10000'
You also need to update SELinux configuration. Type the following command to add a new SELinux port mapping for the Squid service:
# semanage port -a -t http_cache_port_t -p tcp 10000
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. Above command will allow Squid to listen on port 10000.

Configure Squid Authentication

You can improve squid security by configuring authentication.

Squid Iptables

Edit your /etc/sysconfig/iptables file and only allow Squid access from for port # 10000:

-A RH-Firewall-1-INPUT -s -m state --state NEW -p tcp --dport 10000 -j ACCEPT

Finally, restart iptables:
# service iptables restart

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 6 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
6 comments… add one
  • Arslan Arif Apr 21, 2009 @ 20:45

    # vi /etc/ squid/squid.conf
    add this line
    http_port 10000
    squid -k reconfigure

  • jpdurai Apr 22, 2009 @ 7:24

    how to do in redhat EL4?

  • Apr 23, 2009 @ 12:02

    what about in Gentoo Linux

  • V.Balaviswanathan May 4, 2009 @ 11:05

    How to manage SElinux in Ubuntu 9.04. Please help

  • Ajido-Marujido Mar 13, 2011 @ 7:44

    make sure you have configured your firewall properly (e.g: iptables) to make the squid works..

  • Maxter Nov 19, 2014 @ 11:05

    I was bought a service that only allow a IP, the IP that i say, only one, but I need use this from more IP’s. I think that I can install in this computer a system to do a transparent proxy for redirect my socks5 requests to this IP from other IP.

    For example, I can buy a server and allow this IP in the service, and later use my home or office computer to access using the server as a tunnel.

    And I need respect the ports.

    My home IP -> Server allowed IP -> Service computer

    My home IP does a request to the IP of server (example: curl -x And my server will do a proxy to service computer (example: with the same port (50000) and the response go back to my curl response.

    How can I do this?

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum