Squid as Transparent Proxy on CentOs 6.4

In this tutorial I am going to configure squid acting as transparent proxy what does it means? It means we have no part of configurations on the client end, just to setup squid in transparent proxy mode so it will sits between client and internet. And redirect their port 80 requests to 3128 port which is default squid port.
Here the simple steps which you need to perform on squid server.

[box type=”shadow” align=”aligncenter” ]Lab Environment:

CetnOs 6.4 (as squid transparent proxy server), Hostname = pxy.lintut.com
eth0 : (Connected to Internet)
IP =, Gateway = and DNS =
eth1 : (Connected to LAN)
IP =, and DNS =
Xp Pro SP3 (Client PC for testing). Hostname = xp1.lintut.com
IP =, Gateway = Server’s IP) and DNS =[/box]

Step-1 Installing squid packages.

yum install squid -y

Step-2 Edit squid configuration file ‘/etc/squid/squid.conf’.

vi /etc/squid/squid.conf

Create one acl
acl lan src
Allow http access for ‘lan’

http_access allow lan

Add the word transparent or intercept after the port ‘3128’ just follow the below line.

http_port 3128 transparent

Step-3 Specify the hostname at the end of the file.

visible_hostname pxy.lintut.com

Save and Exit ‘:wq’

Step-4 Restart and ‘chkconfig’ the squid service so the service can be available on time of boot.

service squid start
chkconfig squid on

Step-5 IPtables rule for transparent squid proxy.

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -I INPUT -s -p tcp --dport 3128 -j ACCEPT

Now we can test browsing on Client Machine.

One Comment

  1. Hi,

    I would like to ask, that the installing description will be on CentOS 6.7? And a mobile phone can access the system?

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button