Wednesday, April 1, 2009

Local proxy switching tool via SQUID

How to use squid as a local proxy switching tool

I'm currently using IE, Firefox, Chrome and Safari for browsing and testing web apps. I also develop applications with Netbeans, Eclipse and Visual Studio.
I also travel quite a lot between clients, office and home. Each of these locations has a different network setup and proxy settings, and the settings for HTTPS sometimes differ from the HTTP and FTP settings.

I've been searching for a very good proxy switching tool in order to switch proxies between office, clients and home. I found some network switching tools, but the problem is that they do not switch the proxy settings for all the apps I'm running on my desktop. I needed a switching tool that could handle HTTP, HTTPS and FTP.

After some time I thought: why not use a proxy as a proxy switching tool? I figured that proxies can be chained to other proxies, so why not add another one to the chain, at position zero: my local desktop.
I then downloaded and installed squid to test if it is possible. After about 2 hours I got it working, and here is what I did.

1) Download and Install Squid
http://squid.acmeconsulting.it/download/squid.html - follow the instructions

2) Configure
Tweak squid.conf and change the cache_peer settings as follows

2.1) Create list of proxies

cache_peer proxy1.domain.com parent 3128 3130 login=username:password http11 connect-timeout=60 no-query no-digest weight=10 name=proxy1
cache_peer proxy2.domain.com parent 3128 3130 http11 connect-timeout=60 name=proxy2

2.2) Define ip and domains to exclude from proxy
acl skipmyip1 dst 127.0.0.1/32 192.168.10.0/24 xxx.yyy.zzz.123/32
acl skipmydn1 dstdomain localhost domain1.com domainx.com
acl skipmyip2 dst 127.0.0.1/32 192.168.0.0/16 xxx.yyy.zzz.0/24 147.0.0.0/8 172.0.0.0/8
acl skipmydn2 dstdomain localhost domain2.com domainy.com

2.3) Define when to use which proxy
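# ACLs on one line are ANDed and the first matching line wins, so both
# exclusions go on the same line; split over two allow lines, a destination
# matching only one of the lists would still be sent to the peer.
cache_peer_access proxy1 allow !skipmyip1 !skipmydn1
cache_peer_access proxy2 allow !skipmyip2 !skipmydn2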

2.4) Override some
acl mydirectip dst 127.0.0.1/32 192.168.0.0/16 196.36.57.0/24 147.0.0.0/8 172.0.0.0/8
acl mydirectdn dst 127.0.0.1/32 192.168.0.0/16 196.36.57.0/24 147.0.0.0/8 172.0.0.0/8
always_direct allow mydirectip
always_direct allow mydirectdn

2.5) comment out the following
#hierarchy_stoplist cgi-bin ?

3) Test the config with "squid -k parse"
4) create the squid cache via "squid -z"
5) start squid
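
Squid ANDs the ACLs named on one cache_peer_access line and stops at the first line that matches, so how the exclusions from step 2.2 are written in step 2.3 decides which destinations reach the parent proxy. The following added example (not from the original post) models that evaluation in Python; the sample hosts and addresses are constructed, and 203.0.113.123 stands in for the masked xxx.yyy.zzz.123.

```python
import ipaddress

# Constructed ACL values modelled on step 2.2; 203.0.113.123 stands in for the masked address.
ACLS = {
    "skipmyip1": ("dst", ["127.0.0.1/32", "192.168.10.0/24", "203.0.113.123/32"]),
    "skipmydn1": ("dstdomain", ["localhost", "domain1.com", "domainx.com"]),
}

def acl_matches(token, host, ip):
    """Evaluate one ACL reference ('name' or '!name') against a destination."""
    kind, values = ACLS[token.lstrip("!")]
    if kind == "dst":
        hit = any(ipaddress.ip_address(ip) in ipaddress.ip_network(v) for v in values)
    else:
        # dstdomain: ".example.com" also covers subdomains, a bare name matches only itself
        hit = any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                  for v in values)
    return hit != token.startswith("!")

def check(rules, host, ip):
    """Access-list check: ACLs on a line are ANDed, the first matching line decides."""
    for action, tokens in rules:
        if all(acl_matches(t, host, ip) for t in tokens):
            return action
    # Nothing matched: the result is the opposite of the last line's action.
    return "deny" if rules[-1][0] == "allow" else "allow"

# The same exclusions written two ways for the peer named proxy1.
SPLIT = [("allow", ["!skipmyip1"]), ("allow", ["!skipmydn1"])]  # two allow lines
JOINED = [("allow", ["!skipmyip1", "!skipmydn1"])]              # one allow line

# Constructed destinations: (host, resolved IP).
SAMPLES = [
    ("www.example.org", "198.51.100.7"),   # in neither list
    ("domain1.com", "198.51.100.9"),       # excluded by name only
    ("nas.example.net", "192.168.10.5"),   # excluded by address only
    ("localhost", "127.0.0.1"),            # in both lists
]

def compare():
    """Return {host: (split_result, joined_result)} for every sample destination."""
    return {h: (check(SPLIT, h, ip), check(JOINED, h, ip)) for h, ip in SAMPLES}

if __name__ == "__main__":
    for host, (split, joined) in compare().items():
        print(f"{host:18} split={split:5} joined={joined}")
```

A destination that is meant to be excluded but still evaluates to allow is forwarded to the parent proxy instead of going direct.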

Now change all your browsers to use the following proxy server: localhost port 3128...
Yes, that will make your browsers use the proxy running locally on your desktop.
You can even change the proxy settings of your Java apps, Netbeans IDE, Eclipse and other IDEs to use the local proxy.

Since I did this I never had to change a proxy setting in any application again. If any of the proxy server settings change, I only change the squid.conf, not the application settings.

On Windows you can make squid run as a Windows NT service.
To do that you must start a command prompt with Administrator rights,
go to c:\squid\sbin
and run squid.exe -i -n Squid

Monologue