Install Squid Proxy Server on CentOS / Redhat enterprise Linux 5

I’ve already wrote about setting up a Linux transparent squid proxy system. However I’m getting lots of questions about Squid basic installation and configuration:

How do I install Squid Proxy server on CentOS 5 Liinux server?

Sure Squid server is a popular open source GPLd proxy and web cache. It has a variety of uses, from speeding up a web server by caching repeated requests, to caching web, name server query , and other network lookups for a group of people sharing network resources. It is primarily designed to run on Linux / Unix-like systems. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools.

Install Squid on CentOS / RHEL 5

Use yum command as follows:
# yum install squid
Output:

Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package squid.i386 7:2.6.STABLE6-4.el5 set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 squid                   i386       7:2.6.STABLE6-4.el5  updates           1.2 M

Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 1.2 M
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: squid                        ######################### [1/1]

Installed: squid.i386 7:2.6.STABLE6-4.el5
Complete!

Squid Basic Configuration

Squid configuration file located at /etc/squid/squid.conf. Open file using a text editor:
# vi /etc/squid/squid.conf
At least you need to define ACL (access control list) to work with squid. The defaults port is TCP 3128. Following example ACL allowing access from your local networks 192.168.1.0/24 and 192.168.2.0/24. Make sure you adapt to list your internal IP networks from where browsing should be allowed:
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks

Save and close the file. Start squid proxy server:
# chkconfig squid on
# /etc/init.d/squid start

Output:

init_cache_dir /var/spool/squid... Starting squid: .       [  OK  ]

Verify port 3128 is open:
# netstat -tulpn | grep 3128
Output:

tcp        0      0 0.0.0.0:3128                0.0.0.0:*                   LISTEN      20653/(squid)

Open TCP port 3128

Finally make sure iptables is allowing to access squid proxy server. Just open /etc/sysconfig/iptables file:
# vi /etc/sysconfig/iptables
Append configuration:
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT
Restart iptables based firewall:
# /etc/init.d/iptables restart
Output:

Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]

Client configuration

Open a webbrowser > Tools > Internet option > Network settings > and setup Squid server IP address and port # 3128.

See also

You may find our previous squid tips useful:

Squid Security and blocking content Related Tips

Squid Authentication Related Tips

Squid Other Tips
🐧 If you liked this page, please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:

CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
65 comments… add one
  • Mandar Jan 7, 2015 @ 11:30

    I faced following error after I installed squid as per the guide:

    WARNING: Could not determine this machines public hostname. Please configure one or set ‘visible_hostname’.

    To resolve it, just mention your hostname in front of ‘visible_hostname’ in the ‘squid.conf’ file and everything will work perfectly.

  • ronnie Apr 29, 2014 @ 9:30

    when i try restarting squid it gives me this error please help

    root@localhost STUDENT1]# /etc/init.d/squid restart
    Stopping squid: 2014/04/29 02:26:36| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
    2014/04/29 02:26:36| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
    2014/04/29 02:26:36| WARNING: For now we will assume you meant to write /0
    ……………. [ OK ]
    Starting squid: . [ OK ]

  • vivek Oct 24, 2013 @ 9:37

    Hi Vivek,

    Can u help me to block https (443) in transparent squid proxy in 3.2.7
    Basically i need to block facebook.im using centos

  • Jacques Mar 31, 2013 @ 11:14

    TIP: I create a proxy on my home network behind the firewall listening on localhost:3128. And then I punch a hole through the firewall remotely using ssh to connect to the proxy when I’m away and need to connect to geolocation blocked services.

    ssh -L 3128:localhost:3128 my.home.network.org
    

    Then I setup my proxy on my lappie to point to localhost:3128 and voila!

  • Rakesh chaudhary Jul 12, 2012 @ 5:40

    This is very nice site, i tryted last 15 days to configure transparent proxy but not created than i will read this side finalally i create transparent proxy in Redhat linux 5
    so i again thank u for this web site.

  • jose Nov 24, 2011 @ 17:46

    Hello, I get an error when I tried to do the command /etc/init.d/iptables restart, here was the output I received:

    [root@andydaykin ~]# /etc/init.d/iptables restart
    Flushing firewall rules: [ OK ]
    Setting chains to policy ACCEPT: mangle filter [ OK ]
    Unloading iptables modules: [ OK ]
    Applying iptables firewall rules: iptables-restore: line 1 failed
    [FAILED]

  • Techno Sep 6, 2011 @ 7:38

    Just finished installing squid on my VPS. Thanks for the post.

  • Imran Haider Sep 5, 2011 @ 10:25

    how to block particular site on squid server like facebook. All site should open by squid in network but not facebook

  • sunil Jul 7, 2011 @ 6:11

    hello sir
    can please help me i have one public ip address i want share in different private ip in redhat 5.0 linux how i do it please help me and also i block some websit
    my public ip is 210.212.11.130 and my private ip is 192.168.2.1-192.168.2.200
    please tell me how i config dhcp,and squid

  • Prashant May 16, 2011 @ 12:39

    Hello,

    I have installed Squid Proxy server( as per the procedure given on your website) for internet access in our LAN. But after configuring IE for using proxy server, the users are not able to get access to Internal SAP Servers. Tried with option “Bypass Proxy for local ..” but didnt work.
    Can anyone help?

  • vinod Apr 19, 2011 @ 7:25

    how to block some site in our network with the help of squid.
    how to put webaddress in squid.conf ?
    how to give special host permission for some machine for login gmail.com ?
    can u help me

  • chetan Mar 28, 2011 @ 7:14

    thank you so much,,,,,,,,,,,,

    for give easy ways of understanding,,,,,,,,,,,,,,,,,,,,,

  • swafoman Mar 22, 2011 @ 1:28

    Thank you so much for such a clear and simple set of instructions.
    This REALLY made my day.
    Got it all installed and up and running in no time.

    Thanks.

  • mahesh Mar 3, 2011 @ 11:49

    i cont intall squid my system.. wat is the main problem….

  • gani Oct 30, 2010 @ 7:42

    This command did not work and I was unable to view even http://www.google.com also.
    [root@sys1 ~]# service iptables restart
    Applying iptables firewall rules: iptables-restore: line 1 failed
    [FAILED]
    [root@sys1 ~]# cat /etc/sysconfig/iptables
    -A RH-Firewall-1-INPUT -m state –state NEW,ESTABLISHED,RELATED -m tcp -p tcp –dport 3128 -j ACCEPT
    [root@sys1 ~]#

    What shoud I do now??

  • amirthalingam Aug 6, 2010 @ 7:50

    hi
    i want step by step configuration of squid proxy server in redhat linux 5.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.