Setup squid proxy server mikrotik

July 8, 2021 . 2 MIN READ

Setup Squid Proxy Server Ubuntu 14.04 LTS + Mikrotik Router OS

Setup Squid Proxy Server + Mikrotik

Download Ubuntu Server 14.04 LTS 32bit/64Bit
http://www.ubuntu.com/download/server

Connect to internet and download the squid application
sudo apt-get install squid3

Backup copy of the original squid configuration file.
sudo cp -p /etc/squid3/squid.conf /etc/squid3/squid.conf.ori

use vi to edit squid.conf
sudo vi /etc/squid3/squid.conf

To block websites

acl block_websites dstdomain .msn.com .yaho.com
http_access deny block_websites

View the log
sudo tail -f /var/log/squid3/access.log

After you’ve finished editing the configuration file, you can start Squid for the first time. First, you must create the swap directories. Do this by running Squid with the -z option:

sudo /etc/init.d/squid3 stop
sudo mkdir /squid_cache
sudo chown -R proxy:proxy /squid_cache

sudo squid3 -z

sudo /etc/init.d/squid3 start

Once that completes, you can start Squid and try it out. Probably the best thing to do is run it from your terminal and watch the debugging output. Use this command:

sudo squid3 -NCd1

If everything is working fine, then your console displays: “Ready to serve requests”.
Squid service command
sudo service squid3 stop,status,start,restart
sudo pkill -9 squid
Mikrotik firewall rule

/ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=80 in-interface=ether2-local-master protocol=tcp to-addresses=192.168.3.100 to-ports=3128

HTTPS Part 1

https_port 3128 transparent key=/etc/squid3/ssl/squid3.key cert=/etc/squid3/ssl/squid3.crt

sudo mkdir /etc/squid3/ssl
cd /etc/squid3/ssl/
sudo openssl genrsa -des3 -out squid3.key 1024
sudo openssl req -new -key squid3.key -out squid3.csr
sudo cp -p squid3.key squid3.key.org
sudo openssl rsa -in squid3.key.org -out squid3.key
sudo openssl x509 -req -days 365 -in squid3.csr -signkey squid3.key -out squid3.crt

HTTPS Part 2

openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout myCA.pem  -out myCA.pem
openssl x509 -in myCA.pem -outform DER -out myCA.der

To use the Malware Block List on a Squid proxy to block user access to URLs that contain Malware you need to perform the following simple steps:

Download the block list:

wget -O – http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > malware_block_list.txt

Create an ACL in the main (squid.conf) pointing to a file which will have the list URLs:

acl malware_block_list url_regex -i “/etc/squid/malware_block_list.txt”

Enable the ACL created previously:

http_access deny malware_block_list
deny_info http://malware.hiperlinks.com.br/denied.shtml malware_block_list

Force Squid reconfiguration:

squid -k reconfigure
Thats It have a nice day

http://koitip.blogspot.com/2014/09/setup-squid-proxy-server-mikrotik.html
https://aacable.wordpress.com/tag/howto-add-squid-proxy-server-with-mikrotik/
http://pandusetyoaji.web.id/2014/12/konfigurasi-proxy-server-squid-lusca-mikrotik-menggunakan-ubuntu-14-04/

Leave a Reply

Your email address will not be published. Required fields are marked *

Anwar

Anwar

RECENT POSTS

TAGS

You Might Be Interested In

Tags

Navigation

Newsletter