≡ Menu

Linux Iptables allow SQUID proxy incoming client request

SQUID is a high‐performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects etc. By default it listen on TCP 3128 port. Following iptables rules allows SQUID incoming client request (open TCP port 3128) for server IP address
iptables -A INPUT -p tcp -s 0/0 –sport 1024:65535 -d –dport 3128 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -s –sport 3128 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Share this on:
{ 14 comments… add one }
  • suhail ahmad December 1, 2006, 11:41 pm


    how r u.my proluem is i want linux squid proxy server + linux firewall and dhcpd server configur name and mac address based.kindly send me mac address


  • Shahbaz February 26, 2007, 1:08 pm

    plz sir I install linux AS 3 squid is run proprely but Transparent Proxy not run plz sir give me detail information on Transparent Proxy and configuration.



  • Ez April 30, 2007, 11:02 pm


    Both of you dear Contact me at my email address ejaz@beaconet.net

    its a simple and easy configuration ok

    take care

  • rajesh October 28, 2007, 4:51 am

    hi sir some sites not open my local DNS iam useing linux server not open some sites

  • ajay December 28, 2007, 1:42 pm

    i did install a squid proxy server (white box)

    but how to connect a system with this proxy server while the client system ” white box ” in text mode

  • Atif January 19, 2008, 7:23 am

    I want to configure squid as a linux server to sharing of net on xp machine as a client.
    Plz tell me about squid configuration on linux server and xp client.

  • pranav vikash June 5, 2008, 5:05 pm

    sir m using squid for non-transparent proxy server with iptable .plz tell how i will configure it .m using squid 2.6.19 stable

  • Gopionathan February 6, 2009, 6:19 am

    Sir, still iam now using Advanced Server 2. but I am now tray to stable
    2.6 how to configure proxy server and how working in internet ….

  • bimolendu March 23, 2009, 1:03 pm

    Dear sir how can I restrict to browse some sites from my local network using proxy server and how can I configur to all my user control from proxy server?

  • Fernando July 1, 2009, 9:24 pm

    Dear Sir, how to configure the proxy server to allow access to a single site to all clients on my network ?
    Thanks in advance.

  • imran April 19, 2011, 7:02 am

    i am connected internet connection through fedora13 in iptables,
    some web sites are blocking in ip tables, i have accept this website only my pc.

  • steve June 4, 2014, 8:39 am

    tested. not working on centos.

    • steve June 4, 2014, 8:49 am

      Squid doesn’t talk to the internet on 3128. It listens on 3128. So you have to remove –sport 3128 from your OUTPUT chain.

      [you] (random high port) >=====> (3128) [squid]
      [squid] (random high port) >=====> (80) [internet]

      • steve June 4, 2014, 8:50 am

        Also the connection it’s making on your behalf is NEW.

Security: Are you a robot or human?

Leave a Comment