Setup a proxy server with Raspberry PI, Raspbian Buster Lite and Squid

What Are Proxy Servers And Why Use Them

Following Wikipedia description, “a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity“. A descriptive picture is also showed in the same page:

Wikipedia Proxy Concept

Proxy server are useful in many contexts:

  • in Office context: to control internet traffic by blocking some websites or some keywords, to manage contact with external internet from a single point or to optimize internet bandwidth usage by caching pages at proxy level
  • in Home context: for example to control family internet access to block dangerous websites for childrens
  • in Personal use context: for example to use an anonymous connection or to bypass network ISP blocks

In this article we are going to setup a proxy server with Raspberry Pi Zero W, but this procedure applies also to other Raspberry Pi models.

What We Need

This is a very simple and cheap solution. So, hardware will be only:

  • a Raspberry Pi with its power supply (connected via WiFi)
  • a micro SD card

Step-By-Step Procedure

In this guide we are going to use default Raspbian Buster Lite as OS. Then we’ll install Squid (the most popular open source Proxy) and configure it.

I’ll configure Squid to manage access for all clients on a 192.168.1.0/24 private network to internet. You will need to modify this network depending on your needs and networking configurations.

Install OS And Squid

Start from a fresh Raspbian Buster Lite installation.

Make sure you OS is updated:

sudo apt-get update
sudo apt-get upgrade

Simply install Squid by using Raspbian repository:

sudo apt-get install squid

At installation end, check that squid service is active:

sudo systemctl status squid.service

and you should see the following:

● squid.service – Squid Web Proxy Server
Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2019-09-29 11:46:06 BST; 1min 39s ago
Docs: man:squid(8)
Main PID: 5481 (squid)
Memory: 11.9M
CGroup: /system.slice/squid.service
├─5481 /usr/sbin/squid -sYC
├─5483 (squid-1) –kid squid-1 -sYC
├─5486 (logfile-daemon) /var/log/squid/access.log
└─5500 (pinger)

Configure Squid

Squid file and locations you should be aware of are:

  • Squid configuration file: /etc/squid/squid.conf
  • Squid Access log: /var/log/squid/access.log
  • Squid Cache log: /var/log/squid/cache.log

Edit configuration file:

sudo nano /etc/squid/squid.conf

in this file I’ll leave the default port used from clients to use proxy. If you want to change it, identify and edit the following line:

http_port 3128

to restrict networks allowed to use squid proxy, I will comment all lines starting with “acl localnet src” just by adding an ashtag (#) at the start of line. I’m going to allow my network by typing the following configuration line:

acl localnet src 192.168.1.0/24

Finally identify default rule which is blocking http access:

http_access deny all

and change it to:

http_access allow all

to start using your Squid proxy server.

Close and save the file. Restart Squid service:

sudo systemctl restart squid.service

Configure Your Client To Use Proxy Server

Now you need to configure you client to use proxy server for internet connections. You have to check this depending on your client OS. For example, on Windows clients you should go on Settings -> Network & Internet -> Proxy. Move On “Use a proxy server” switch and insert your RPI IP address in address field and 3128 in port field.

Close and open again your browser. Now you are using your Squid proxy.

 

Enjoy!

Please follow and like us:
error