My Journal



How To Install Squid on CentOS / RHEL 5

Install Squid on CentOS / RHEL 5

$ yum install squid


Install ( x ) Package(s)

Total download size: ( x ) M

Is this ok [y/N]: Answer y then hit Enter Key

Installing: squid ######################### [1/1]

Installed: squid.i386 2.5.STABLE14

Squid Basic Configuration

Squid configuration file located at /etc/squid/squid.conf. Open file using a text editor:

$ locate squid.conf
$ pico /etc/squid/squid.conf


line 53 and 54
looks like this

#http_port 3128

change to

http_port 3128

//* or change 3128 to any unused port refer here to check commonly used port http://www.mysql-apache-php.com/ports.htm *//

line 1876

#acl our_networks src
#http_access allow our_networks

change to
acl our_networks src
http_access allow our_networks

Line 1880
#http_access allow localhost
#http_access deny all


http_access allow localhost
http_access allow [ your ip range here without the brackets ]
http_access deny all

$ chkconfig squid on

$ /etc/init.d/squid start


init_cache_dir /var/spool/squid… Starting squid: . [ OK ]

Verify port 3128 is open:

$ netstat -tulpn | grep 3128


tcp 0 0* LISTEN 20653/(squid)

Open TCP port 3128

Finally make sure iptables is allowing to access squid proxy server. Just open /etc/sysconfig/iptables file:

$ pico /etc/sysconfig/iptables(config)

Append configuration:

-A RH-Firewall-1-INPUT -m state –state NEW,ESTABLISHED,RELATED -m tcp -p tcp –dport 3128 -j ACCEPT

Restart iptables based firewall:

$ /etc/init.d/iptables restart


Flushing firewall rules: [ OK ]

Setting chains to policy ACCEPT: filter [ OK ]

Unloading iptables modules: [ OK ]

Applying iptables firewall rules: [ OK ]

Loading additional iptables modules: ip_conntrack_netbios_n [ OK ]

note if you have CSF firewall:

$ pico /etc/csf/csf.conf

# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,143,443,465,953,993,995,2077,2078,2082,2083,2087,[your squid proxy port here without the bracket]
# Allow outgoing TCP ports
TCP_OUT = “20,21,22,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703,[your squid proxy port here without the bracket]
# Allow incoming UDP ports
UDP_IN = “20,21,53,953”
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = “20,21,53,113,123,873,953,6277”

//Now restart the firewall!
$ csf -r

Note: if you install on Centos 5.3 you will have to open your port and save settings

/sbin/iptables -I RH-Firewall-1-INPUT 1 -p tcp --dport [PORT] -j ACCEPT

/etc/init.d/iptables save

    • M. Aliyu
      Sep 29, 2009 at 1:10 PM / Reply


      I will appreciate if i can be helped on step-by-step procedures on how to setup Squid on RHEL 5.3. I want it as a transparent proxy in such a way that i do not need to go and setup clients PC that are over 40.

      Looking forward to hearing from you with any writeup or guide/manual.

      Thanks in anticipation.

    • xMoDx
      Oct 21, 2009 at 3:23 AM / Reply

      Hello M. Aliyu

      the instructions above are complete steps how to setup squid on Centos and RHEL if you have some problems you can contact me i will be glad to help you with your task,

    • Info Gaptek
      Nov 25, 2009 at 1:38 AM / Reply

      When I start squid it say :
      init_cache_dir /var/spool/squid… Starting squid: [FAILED]
      How do I fix it?

    • xMoDx
      Jan 5, 2010 at 1:38 AM / Reply

      that means there is an error on your squid config file kindly check on squid logs and paste the error

    • Elle
      Mar 4, 2010 at 6:23 AM / Reply

      I’m trying to configure Squid on CentOS I followed your instructions step by step until I reached the command to restart iptables based firewall:
      # /etc/init.d/iptables restart
      This is the output from the command:
      Applying iptables firewall rules: iptables-restore: line 1 failed [FAILED]

      How do I fix this? Any help would be appreciated.

    • Scott
      Apr 19, 2010 at 4:29 AM / Reply

      Same issue here !

      Applying iptables firewall rules: iptables-restore: line 30 failed [FAILED]

    • How to Secure Squid Proxy | netstat -an | grep -i listen
      Dec 7, 2011 at 2:53 AM / Reply

      […] investigating Wall Street – SalonCongress Looking at DEA's Money Laundering Program – KRGVHow To Install Squid on CentOS / RHEL 5mandala veganSome Tips How To Monitor UsersUsing vnstat for simple traffic accountingHow to Get Free […]

Leave A Comment