Squid Proxy Server Configuration in debian


Squid is a proxy server. It separates the internal network from the Internet for HTTP and FTP access. This way no user can access the Internet directly.


The official web site is not as may be expected, but

Squid Installation

#apt-get install squid


The squid configuration can be found in /etc/squid/squid.conf


Configuration Sections Explained Below


http_port 3128
icp_port 3130
htcp_port 4827
cache_mem 16 MB
refresh_pattern . 0 20% 8640
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# snews 563
# gopher 70
# wais 210
acl www_ports 80 443
acl ftp_ports 21
acl localhost src
acl all src
acl manager proto cache_object
acl PURGE method PURGE
http_access allow manager localhost
http_access deny manager
http_access allow PURGE localhost
http_access deny PURGE


acl executables url_regex [.]exe$
http_access deny executables
authenticate_program /usr/lib/squid/smb_auth -W DOMEIN -U SERVER
acl network proxy_auth REQUIRED
http_access allow users network
cache_peer parent 3128 7 no-query default


acl wwwusers src
http_access allow wwwusers www_ports


ftp_user [email protected]
ftp_passive off
acl ftpusers src
http_access allow ftpusers ftp_ports

Deny all

never_direct allow all
always_direct deny all
http_access deny all
icp_access allow all
miss_access allow all 

Reference links