Transparent Squid Cache Proxy Server Configuration in 5 easy steps on CentOS / RHEL / Fedora Core / Scientific Linux

Transparent Squid Cache Proxy Server Configuration in 5 easy steps on CentOS / RHEL / Fedora Core / Scientific Linux

Configure Transparent Squid cache proxy in 5 Easy Steps on CentOS RHEL Fedora Scientific Linux   

Step 1

[root@squid-server ~]#vim /etc/sysctl.conf
# Controls IP packet forwarding
net.ipv4.ip_forward = 1 #### If it is 0 make it 1 for packet forwarding ####
wq!
[root@squid-server ~]#sysctl -p

Step 2

[root@squid-server ~]#yum install -y squid
[root@squid-server ~]#vim /etc/squid/squid.conf
search these options using / and edit as required
http_port 192.168.1.254:3128 transparent      #### 192.168.1.254 is squid server's ip###
acl our_networks src 192.168.1.0/24
http_access allow our_networks
cache_dir ufs  /var/spool/squid/ 1000 32 256 ##### cache directories must be at /var/spool/squid #####
visible_hostname squidserver-myorg.com
wq!
[root@squid-server ~]#squid -z
[root@squid-server ~]# service squid start

Step 3

[root@squid-server ~]#iptables -F
[root@squid-server ~]#iptables -t nat -A PREROUTING -p tcp -i eth0 –dport 80 -j REDIRECT –to-port 3128
[root@squid-server ~]#iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[root@squid-server ~]#service iptables save

 

Step 4

[root@squid-server ~]#modprobe ip_conntrack_ftp
[root@squid-server ~]#modprobe ip_nat_ftp
[root@squid-server ~]#chkconfig squid on
[root@squid-server ~]#chkconfig iptables on

Final Step 5

 

Now add all rules into RC Local file to start these rules at booting time of Linux Machine 

[root@squid-server ~]# vi /etc/rc.local
#!/bin/sh
 #
 # This script will be executed *after* all the other init scripts.
 # You can put your own initialization stuff in here if you don't
 # want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
service squid start
iptables -F
iptables -t nat -F
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#Load FTP module
#modprobe ip_conntrack_ftp
#modprobe ip_nat_ftp
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
wq!
Please make sure the clients should be configured to use Squid server as Gateway IP for accessing Internet