Installing Squid on CentOS 7

The following assumptions are made: You are able to edit text files in the terminal and yum is your package manager.
These instructions are for standing up a simple, unsecure Squid instance. Secure appropriately for your context.
Installation

  1. yum install squid

    1. Installs to /etc/squid

Configuration

  1. Optional, remove comments from squid.conf, grep -Eiv '(#|$)' /etc/squid/squid.conf > /etc/squid/squid.conf.new

  2. Set http_port from 3128 to 80 accel allow-direct. This will allow Squid to proxy all HTTP traffic.

  3. Add the following rules. They will allow Squid to process and reply to any http traffic it receives:

    1. http_access allow all

    2. http_reply_access allow all

For all the ways Squid can be configured, take advantage of Squid’s Wiki and their website’s documentation (particularly their list of Squid configs).
Starting

  1. Enable Squid with systemctl: systemctl enable squid

  2. Start Squid: systemctl start squid

  3. Validate Squid is running by checking the processes ps -ax | grep "squid"

Changes to the squid.conf are implemented by restarting Squid ( systemctl restart squid )
Firefox 47.x can be configured to point all traffic to a proxy server under Preferences > Advanced > Network > Connection. Can be useful for testing Squid.

Optional Configurations

Caching

  1. Uncomment cache_dir ufs /var/spool/squid 100 16 256

  2. Comment out all the refresh_pattern configs except refresh_pattern .

Validate Squid is properly proxying requests by tailing the access logs on the Squid server tail -f /var/logs/squid/access.log
If testing using Firefox 47.x by disabling the local browser web cache by changing the amount of space allocated to the local web cache to 0mb at Preferences > Advanced > Network > Cached Web Content
Load Balancer

  1. Add the following configs to squid.conf, inserting the appropriate IP or Public DNS as necessary:

    1. http_port 80 accel act-as-origin [insert primary destination server IP or Public DNS]

    2. cache_peer [insert primary destination server IP or Public DNS] 80 0 no-query originserver round-robin

    3. cache_peer [insert secondary destination server IP or Public DNS] parent 80 0 no-query originserver round-robin

  2. Test by navigating to Squid. You should see content from one of the two destination servers.

Spread the word