vinn-chege / SquidProxyTailscaleSetup

This SquidProxySetup step-by-step guide provides comprehensive instructions and scripts for configuring Squid proxies on Ubuntu or Debian systems, utilizing various network interfaces including mobile routers.

The SquidProxySetup

This tutorial provides a detailed guide on configuring Squid proxies through various network interfaces. The demonstration binds each proxy to a separate 4G router network. The 4G routers connect to the host using WiFi and USB WiFi dongles.

Prerequisites:

  • Ubuntu 22.04 to 24.04 or Debian operating system
  • Proficiency in Linux terminal/bash
  • Basic networking knowledge

Step 1: Install squid proxy

sudo apt update
sudo apt install squid

Step 2: Setup squid users

sudo apt install apache2-utils

Create the first user (profile1 in this example). The -c flag creates the password file and overwrites an existing one, so use it only for the first user:

sudo htpasswd -c /etc/squid/passwords profile1

Create the additional users without -c:

sudo htpasswd /etc/squid/passwords profile2
sudo htpasswd /etc/squid/passwords profile3
sudo htpasswd /etc/squid/passwords profile4

Check the created user profiles using:

sudo cat /etc/squid/passwords

To delete a user profile, run htpasswd -D once per user:

sudo htpasswd -D /etc/squid/passwords profile1

Step 3: Configure squid proxy settings.

sudo nano /etc/squid/squid.conf

Copy the following Squid settings and change the addresses, ports and user names to match your setup:

#Authentication settings
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic children 5
auth_param basic credentialsttl 720 hours
auth_param basic casesensitive on
auth_param basic realm Squid proxy-caching web server

#Listening ports
http_port 100.108.234.102:5001
http_port 100.108.234.102:5002
http_port 100.108.234.102:5003
http_port 100.108.234.102:5004

#For each port, create an acl with the localport type
acl portA localport 5001
acl portB localport 5002
acl portC localport 5003
acl portD localport 5004

#Link ports and IP addresses
tcp_outgoing_address 10.0.0.111 portA
tcp_outgoing_address 5.5.5.7 portB
tcp_outgoing_address 5.5.6.7 portC
tcp_outgoing_address 5.5.7.7 portD

#For each user, create an acl with the proxy_auth type
acl profile1 proxy_auth profile1
acl profile2 proxy_auth profile2
acl profile3 proxy_auth profile3
acl profile4 proxy_auth profile4

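#Allow access only when both acls on a line match, so each user works on its own port only:
#user profile1 and port 5001
#user profile2 and port 5002
#user profile3 and port 5003
#user profile4 and port 5004
#Squid applies the first matching http_access line, so keep these rules above any "http_access deny all" already in the file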
http_access allow profile1 portA
http_access allow profile2 portB
http_access allow profile3 portC
http_access allow profile4 portD

Save and exit

Restart the squid service

sudo systemctl restart squid.service

Now connect your network devices and make sure their addresses match the settings in the Squid config.
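A small audit of the ACL layout from Step 3, as an added example that is not part of the original guide. It flags listeners that are not bound to one address, ports without an outgoing address, allow rules that do not pair a user with a port, and allow rules placed below "http_access deny all". The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a squid.conf laid out like the one in Step 3.
# Prints one finding per line; returns 1 when there are findings, 0 when clean.
# Assumes IPv4 http_port addresses and one acl name per acl line.
audit_squid_conf() {
    if awk '
        # A bare port or 0.0.0.0 listens on every interface.
        $1 == "http_port" && ($2 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+$/ || $2 ~ /^0\.0\.0\.0:/) {
            print "line " NR ": http_port " $2 " is not bound to one address"
        }
        $1 == "acl" && $3 == "localport"  { port[$2] = 1 }
        $1 == "acl" && $3 == "proxy_auth" { user[$2] = 1 }
        $1 == "tcp_outgoing_address"      { egress[$3] = 1 }
        $1 == "http_access" && $2 == "deny" && $3 == "all" && !denied { denied = NR }
        $1 == "http_access" && $2 == "allow" {
            u = 0; p = 0
            for (i = 3; i <= NF; i++) { if ($i in user) u = 1; if ($i in port) p = 1 }
            if (u != p)
                print "line " NR ": allow rule does not pair a user acl with a port acl"
            if ((u || p) && denied)
                print "line " NR ": allow rule is below deny all (line " denied ") and never matches"
        }
        END {
            for (a in port) if (!(a in egress))
                print "acl " a ": port has no tcp_outgoing_address"
        }' "${1:--}" | grep .
    then return 1; fi
    return 0
}

# Constructed sample with four mistakes (not a config from the guide).
sample_conf() {
    cat <<'EOF'
http_port 100.108.234.102:5001
http_port 5002
acl portA localport 5001
acl portB localport 5002
tcp_outgoing_address 10.0.0.111 portA
acl profile1 proxy_auth profile1
acl profile2 proxy_auth profile2
http_access allow profile2
http_access deny all
http_access allow profile1 portA
EOF
}

# Findings are expected for the sample, so the non-zero status is ignored.
sample_conf | audit_squid_conf - || true
```

On a real host, run `audit_squid_conf /etc/squid/squid.conf` before restarting Squid.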

Step 4: Add the NICs to the iproute2 routing tables file

sudo nano /etc/iproute2/rt_tables

Add one table per network interface:

1       ens18
2       wlx90de806452cc
3       wlx90de806503ec
4       wlx90de806506e4

Save and exit

Step 5: Create a bash script so the routes persist across reboots.

sudo nano /usr/local/bin/routes.sh

#!/bin/bash
#Runs as root under systemd, so sudo is not needed.
#The timer re-runs this script, so every command must be safe to repeat:
#"ip route replace" overwrites an existing route and add_rule skips rules that already exist.

status=0

#add_rule <from|to> <address> <table>: add the policy rule only if it is missing
add_rule() {
    if [ "$1" = "from" ]; then
        match="from $2 lookup $3"
    else
        match="from all to $2 lookup $3"
    fi
    ip rule show | grep -qF "$match" || ip rule add "$1" "$2/32" table "$3" || status=1
}

#Set up network configuration for wlx90de806452cc

ip route replace 5.5.5.0/24 dev wlx90de806452cc table wlx90de806452cc || status=1
ip route replace default via 5.5.5.1 dev wlx90de806452cc table wlx90de806452cc || status=1
add_rule from 5.5.5.7 wlx90de806452cc
add_rule to 5.5.5.7 wlx90de806452cc

#Set up network configuration for wlx90de806503ec

ip route replace 5.5.6.0/24 dev wlx90de806503ec table wlx90de806503ec || status=1
ip route replace default via 5.5.6.1 dev wlx90de806503ec table wlx90de806503ec || status=1
add_rule from 5.5.6.7 wlx90de806503ec
add_rule to 5.5.6.7 wlx90de806503ec

#Set up network configuration for wlx90de806506e4

ip route replace 5.5.7.0/24 dev wlx90de806506e4 table wlx90de806506e4 || status=1
ip route replace default via 5.5.7.1 dev wlx90de806506e4 table wlx90de806506e4 || status=1
add_rule from 5.5.7.7 wlx90de806506e4
add_rule to 5.5.7.7 wlx90de806506e4

#Report the overall result (any failed command above sets status to 1)

if [ "$status" -eq 0 ]; then
    echo "Routes service ran successfully."
else
    echo "Routes service encountered an error."
fi
exit "$status"

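Set the correct permissions for the bash file. systemd runs this script as root, so only root should be able to modify it; a world-writable file (mode 777) would let any local user edit it and run commands as root:

sudo chmod 755 /usr/local/bin/routes.sh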

Step 6: Create systemd services to automate the routes

sudo nano /etc/systemd/system/routes.service

[Unit]
Description=Network Monitor Service
[Service]
#oneshot: the script exits when it is done and routes.timer re-runs it,
#so no Restart= setting is needed (Restart=always would relaunch it every 10 seconds)
Type=oneshot
ExecStart=/usr/local/bin/routes.sh
[Install]
WantedBy=multi-user.target

Step 7: Create a timer for the systemd service

sudo nano /etc/systemd/system/routes.timer

[Unit]
Description=Network Monitor Timer
[Timer]
OnBootSec=10
OnUnitActiveSec=1m
Unit=routes.service
[Install]
WantedBy=timers.target

Reload the systemd daemon, enable the service, and enable and start the timer:

sudo systemctl daemon-reload
sudo systemctl enable routes.service
sudo systemctl enable --now routes.timer

Step 8: Test each proxy for a successful connection using:

curl -v -x http://user:password@ip:port https://www.google.com

If the connection fails, try restarting the Squid service and the NetworkManager service:

sudo systemctl restart squid.service
sudo systemctl restart NetworkManager.service
