This article demonstrates how to install and configure a Squid proxy along with a WPAD to assist with client configuration. Paths to configuration files may vary between system types. Both http and https will work through this proxy. We’re going to install the Squid proxy and Apache web server on the same system.
Install Squid and Apache:
(redhat/centos)# yum install squid httpd (ubuntu)# apt install squid apache2
Edit the “/etc/squid/squid/squid.conf” file:
logformat agix %>a %>A %ul %ru %>Hs access_log /var/log/squid/access.log.simple agix # Decide what to allow (the clients) acl mylan src 172.0.0.0/255.0.0.0 http_access allow mylan http_access deny all # Enable the following to disable caching #cache deny all #cache_dir null /tmp http_port 3128 coredump_dir /var/spool/squid
Restart squid:
systemctl restart squid systemctl enable squid
Create the “/var/www/html/wpad.dat” file with the following contents:
function FindProxyForURL(url, host) {
if (host == "127.0.0.1" || isPlainHostName(host) || shExpMatch (host, "(proxy.example.com)")) {
return "DIRECT";
}
return "PROXY proxy.example.com:3128";
}
Replace “proxy.example.com” with the IP/name of the proxy server.
Restart Apache:
(redhat/centos)# systemctl restart httpd (redhat/centos)# systemctl enable httpd (ubuntu)# systemctl restart apache2 (ubuntu)# systemctl enable apache2
Make sure the firewall allows access on TCP port 3128 and 80 to the proxy/web server.
Configure your web browsers to auto configure using the URL “http://proxy.example.com/wpad.dat” and monitor the “/var/log/squid/access.log.simple” log file to see if traffic is passing through the proxy.