Linux Iptables allow SQUID proxy incoming client request

last updated in Categories News

SQUID is a high‐performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects etc. By default it listen on TCP 3128 port. Following iptables rules allows SQUID incoming client request (open TCP port 3128) for server IP address 202.54.1.20:
iptables -A INPUT -p tcp -s 0/0 –sport 1024:65535 -d 202.54.1.20 –dport 3128 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -s 202.54.1.20 –sport 3128 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

14 comment

  1. sir,

    how r u.my proluem is i want linux squid proxy server + linux firewall and dhcpd server configur name and mac address based.kindly send me mac address
    configuration.

    Thanx

  2. plz sir I install linux AS 3 squid is run proprely but Transparent Proxy not run plz sir give me detail information on Transparent Proxy and configuration.

    Thanks

    Shahbaz

  5. i did install a squid proxy server (white box)

    but how to connect a system with this proxy server while the client system ” white box ” in text mode

  6. Hello
    I want to configure squid as a linux server to sharing of net on xp machine as a client.
    Plz tell me about squid configuration on linux server and xp client.
    Thanks

  7. hi
    sir m using squid for non-transparent proxy server with iptable .plz tell how i will configure it .m using squid 2.6.19 stable

  8. Sir, still iam now using Advanced Server 2. but I am now tray to stable
    2.6 how to configure proxy server and how working in internet ….

  9. Dear sir how can I restrict to browse some sites from my local network using proxy server and how can I configur to all my user control from proxy server?

  10. Dear Sir, how to configure the proxy server to allow access to a single site to all clients on my network ?
    Thanks in advance.

  11. sir,
    i am connected internet connection through fedora13 in iptables,
    some web sites are blocking in ip tables, i have accept this website only my pc.

    1. Squid doesn’t talk to the internet on 3128. It listens on 3128. So you have to remove –sport 3128 from your OUTPUT chain.

      [you] (random high port) >=====> (3128) [squid]
      [squid] (random high port) >=====> (80) [internet]

    Have a question? Post it on our forum!