Squid Install script "Elite Proxy" on CentOS with multiple IPs

Squid Install script "Elite Proxy" on CentOS with multiple IPs

LeoKLeoK Member
edited May 2014 in General

Based on a original script by MikHo

    #!/bin/bash


    # This script is distributed under a Creative Commons ShareAlike 3.0 licence.
    # http://creativecommons.org/licenses/by-sa/3.0/

    yum update

    clear

    yum install squid -y

    rm -rf /etc/squid/squid.conf

    touch /etc/squid/squid.conf

    # now get list of ips and add to /etc/squid/squid.conf
    # now get list of ips and add to /etc/squid/squid.conf
    COUNTER=0
    for i in `ifconfig | grep inet | grep -v 127.0.0.1 | grep -v inet6 | sed 's/:/ /g' | awk '{print $3}'`
    do
    COUNTER=$(($COUNTER+1))
            echo -e "acl ip$COUNTER myip $i\ntcp_outgoing_address $i ip $COUNTER" >> /etc/squid/squid.conf

    done


    # Now add more shit to the /etc/squid/squid.conf

    echo -e "
    http_port 3128
    acl manager proto cache_object
    acl localhost src 127.0.0.1/32 ::1
    acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
    acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
    acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
    acl localnet src 192.168.0.0/16    # RFC1918 possible internal network
    acl localnet src fc00::/7       # RFC 4193 local private network range
    acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

    acl SSL_ports port 443
    acl Safe_ports port 80        # http
    acl Safe_ports port 425       # smtp
    acl Safe_ports port 21        # ftp
    acl Safe_ports port 443       # https
    acl Safe_ports port 70        # gopher
    acl Safe_ports port 210       # wais
    acl Safe_ports port 1025-65535    # unregistered ports
    acl Safe_ports port 280        # http-mgmt
    acl Safe_ports port 488        # gss-http
    acl Safe_ports port 591        # filemaker
    acl Safe_ports port 777        # multiling http
    acl CONNECT method CONNECT

    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow localhost
    hierarchy_stoplist cgi-bin ?
    coredump_dir /var/spool/squid
    refresh_pattern ^ftp:        1440    20%    10080
    refresh_pattern ^gopher:    1440    0%    1440
    refresh_pattern -i (/cgi-bin/|?) 0    0%    0
    refresh_pattern .        0    20%    4320
    auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_access
    auth_param basic childred 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours
    acl ncsaauth proxy_auth REQUIRED
    http_access allow ncsaauth
    forwarded_for off
    request_header_access Allow allow all
    request_header_access Authorization allow all
    request_header_access WWW-Authenticate allow all
    request_header_access Proxy-Authorization allow all
    request_header_access Proxy-Authenticate allow all
    request_header_access Cache-Control allow all
    request_header_access Content-Encoding allow all
    request_header_access Content-Length allow all
    request_header_access Content-Type allow all
    request_header_access Date allow all
    request_header_access Expires allow all
    request_header_access Host allow all
    request_header_access If-Modified-Since allow all
    request_header_access Last-Modified allow all
    request_header_access Location allow all
    request_header_access Pragma allow all
    request_header_access Accept allow all
    request_header_access Accept-Charset allow all
    request_header_access Accept-Encoding allow all
    request_header_access Accept-Language allow all
    request_header_access Content-Language allow all
    request_header_access Mime-Version allow all
    request_header_access Retry-After allow all
    request_header_access Title allow all
    request_header_access Connection allow all
    request_header_access Proxy-Connection allow all
    request_header_access User-Agent allow all
    request_header_access Cookie allow all
    request_header_access All deny all" >> /etc/squid/squid.conf

    # Edit "user" and "password"
    htpasswd -b -c /etc/squid/squid_access **user** **password** 

    service squid restart

    clear

    chkconfig squid on

   echo "DONE"
Sign In or Register to comment.