commit fbb26f586d3a2239eb9d70de9166322fc6ecc095 Author: Yujin Boby Date: Mon Feb 6 13:53:42 2017 +0530 initial commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..b2ad48f --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# ubuntu-squid3 + +Auto install Squid 3 proxy on Ubuntu 16.04 or better. \ No newline at end of file diff --git a/squid.conf b/squid.conf new file mode 100644 index 0000000..1b2d597 --- /dev/null +++ b/squid.conf @@ -0,0 +1,67 @@ +http_port 3128 +cache deny all +hierarchy_stoplist cgi-bin ? + +access_log none +cache_store_log none +cache_log /dev/null + +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern ^gopher: 1440 0% 1440 +refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 +refresh_pattern . 0 20% 4320 + +acl localhost src 127.0.0.1/32 ::1 +acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 + +acl SSL_ports port 1-65535 +acl Safe_ports port 1-65535 +acl CONNECT method CONNECT +acl siteblacklist dstdomain "/etc/squid/blacklist.acl" +http_access allow manager localhost +http_access deny manager + +http_access deny !Safe_ports + +http_access deny CONNECT !SSL_ports +http_access deny siteblacklist +auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwd + +auth_param basic children 5 +auth_param basic realm Squid proxy-caching web server +auth_param basic credentialsttl 2 hours +acl password proxy_auth REQUIRED +http_access allow localhost +http_access allow password +http_access deny all + +forwarded_for off +request_header_access Allow allow all +request_header_access Authorization allow all +request_header_access WWW-Authenticate allow all +request_header_access Proxy-Authorization allow all +request_header_access Proxy-Authenticate allow all +request_header_access Cache-Control allow all +request_header_access Content-Encoding allow all +request_header_access Content-Length allow all +request_header_access Content-Type allow all +request_header_access Date allow all +request_header_access Expires allow all +request_header_access Host allow all +request_header_access If-Modified-Since allow all +request_header_access Last-Modified allow all +request_header_access Location allow all +request_header_access Pragma allow all +request_header_access Accept allow all +request_header_access Accept-Charset allow all +request_header_access Accept-Encoding allow all +request_header_access Accept-Language allow all +request_header_access Content-Language allow all +request_header_access Mime-Version allow all +request_header_access Retry-After allow all +request_header_access Title allow all +request_header_access Connection allow all +request_header_access Proxy-Connection allow all +request_header_access User-Agent allow all +request_header_access Cookie allow all +request_header_access All deny all \ No newline at end of file diff --git a/squid3-install.sh b/squid3-install.sh new file mode 100644 index 0000000..b0306d7 --- /dev/null +++ b/squid3-install.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +# Squid Installer +# Author: https://blog.hostonnet.com + +/usr/bin/apt update +/usr/bin/apt -y install apache2-utils squid3 + +/usr/bin/htpasswd -b -c /etc/squid/passwd netfreehost g5jWpt@qycHEjx + +/bin/rm -f /etc/squid/squid.conf +/usr/bin/touch /etc/squid/blacklist.acl +/usr/bin/wget --no-check-certificate -O /etc/squid/squid.conf https://raw.githubusercontent.com/hostonnet/ubuntu-squid3/master/squid.conf + +/sbin/iptables -I INPUT -p tcp --dport 3128 -j ACCEPT +/sbin/iptables-save + +service squid restart +update-rc.d squid defaults