SQUID

1. Type virtual machines in the search.
2. Under Services, select Virtual machines.
3. In the Virtual machines page, select Add. The Create a virtual machine page opens.
4. In the Basics tab, under Project details, make sure the correct subscription is selected and then choose to Create new resource group. Type myResourceGroup for the name.*.
5. Under Instance details, type myVM for the Virtual machine name, choose East US for your Region, and choose Ubuntu 18.04 LTS for your Image. Leave the other defaults.
6. Under Administrator account, select SSH public key, type your user name, then paste in your public key. Remove any leading or trailing white space in your public key.
7. Under Inbound port rules > Public inbound ports, choose Allow selected ports and then select SSH (22) and HTTP (80) from the drop-down.
8. Leave the remaining defaults and then select the Review + create button at the bottom of the page.
9. On the Create a virtual machine page, you can see the details about the VM you are about to create. When you are ready, select Create.

It will take a few minutes for your VM to be deployed. When the deployment is finished, move on to the next section.

Connect to virtual machine

Create an SSH connection with the VM.

1. Select the Connect button on the overview page for your VM.
2. In the Connect to virtual machine page, keep the default options to connect by IP address over port 22. In Login using VM local account a connection command is shown. Select the button to copy the command. The following example shows what the SSH connection command looks like:

bashCopy

ssh azureuser@10.111.12.123

1. Using the same bash shell you used to create your SSH key pair (you can reopen the Cloud Shell by selecting >_ again or going to https://shell.azure.com/bash), paste the SSH connection command into the shell to create an SSH session.

Usage/Deployment Instructions

Step 1: Access Squid in Azure Marketplace and click on Get it now button.

Click on Continue and then click on Create.

Step 2: Now to create a virtual machine, enter or select appropriate values for zone, machine type, resource group and so on as per your choice.

Click on Review + create;

Step 3:  The below window confirms that VM was deployed.

Step 4: Open port 3128 in security group by going to resource group –

1. Select your network security group.
2. Select Inbound security rules from the left menu, then select Add.
3. You can limit the Source as needed or leave the default of Any.
4. You can limit the Destination as needed or leave the default of Any.
5. Choose a common Service from the drop-down menu, TCP. You can also select Custom if you want to provide a specific port to use like Port_4000.
6. Optionally, change the Priority or Name. The priority affects the order in which rules are applied: the lower the numerical value, the earlier the rule is applied.
7. Select Add to create the rule.
8. Limit the Source port range as 3128. 

Step5: Open putty and connect with your machine. Add IP address of the running virtual machine.

Step 6: Login with user name and password that you provided during machine creation.

Step 7: Configuring Squid as an HTTP Proxy on Ubuntu

Add Squid ACLs

If you wish to allow only one IP address to access the internet through your new proxy server, you will need to define new acl (access control list) in the configuration file.

sudo vim /etc/squid/squid.conf

The acl rule you should add is:

acl localnet src your_server_IP

Where 192.168.0.102 is the IP address you should change it according to your IP address. This acl should be added in the beginning of the ACL’s section as shown in the following screenshot.

You will need to restart Squid service to take the new changes into effect.

sudo systemctl restart squid

Open Ports in Squid Proxy

By default, only certain ports are allowed in the squid configuration, if you wish to add more just define them in the configuration file as shown.

acl Safe_ports port XX

Where XX is the port number that you wish to allow.

sudo systemctl restart squid

Step 8: Squid Proxy Client Authentication

To allow users to authenticate before using the proxy, you need to enable basic http authentication in the configuration file.

Now we will create a new user and setup its password.

sudo htpasswd /etc/squid/passwords username

Provide a username and password of your choice

sudo systemctl restart squid

Step 9: Block Websites on Squid Proxy

To block access to unwanted websites, first create a file called “blacklisted_sites.acl” that will store the blacklisted sites in it.

sudo touch /etc/squid/blacklisted_sites.acl

Now add the websites that you wish to block access, for example.

.badsite1.com

.badsite2.com

The proceeding dot informs squid to block all references to that sites including www.badsite1, subsite.badsite1.com etc.

Now open Squid’s configuration file.

sudo vim /etc/squid/squid.conf

Just after the above ACLs add the following two lines:

acl bad_urls dstdomain “/etc/squid/blacklisted_sites.acl”

http_access deny bad_urls

Now save the file and restart squid:

 sudo systemctl restart squid

Step 10: Connecting through Squid

curl -v -x http://your_squid_username:your_squid_password@your_server_ip:3128 http://www.google.com/

It is also possible to access https:// websites with your Squid proxy

curl -v -x http://your_squid_username:your_squid_password@your_server_ip:3128 https://www.google.com/

Enjoy your Appliation.