How to configure Squid proxy to work with multiple users
October 13, 2021
For example, the task is to organize the work of Squid with several users, each of which received an IP address (the same for all) and a port number (individual for each user) as proxy settings. Also, users have an individual username and password. The server has several external IP (in this case, IPv6) addresses, you need to make sure that each of the users goes to an individual IP address.
Let's say at the input we have 127.0.0.1:1000:test1:pass1, and at the output 2a02:f680:1:1100::3d60.
And at the input 127.0.0.1:1001:test2:pass2 and at the output 2a02:f680:1:1100::3d61.
Solution:
We start by filling in user credentials (see also “How to configure HTTP Digest Authentication in Squid”):
sudo htpasswd -c /etc/squid/passwd test1 sudo htpasswd /etc/squid/passwd test2
In the following config file, you need to replace:
- usernames to names of your choice
- indicate the desired ports
- indicate the desired IPv6 or IPv4 addresses both for listening and as outgoing addresses
- duplicate similar entries for each username (port, IP address)
Content of my /etc/squid/squid.conf file:
# Authentication settings auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic credentialsttl 2 hours auth_param basic casesensitive on auth_param basic realm Squid proxy for HackWare.ru Listening ports http_port 185.117.153.79:1000 http_port 185.117.153.79:1001 # For each port, create an acl with the localport type acl portA localport 1000 acl portB localport 1001 # Link ports and IP addresses tcp_outgoing_address 2a02:f680:1:1100::3d60 portA tcp_outgoing_address 2a02:f680:1:1100::3d61 portB # For each user, create an acl with the proxy_auth type acl test1_user proxy_auth test1 acl test2_user proxy_auth test2 # Allow two acl bindings to access: # user test1 and port 1000 # user test2 and port 1001 http_access allow test1_user portA http_access allow test2_user portB
Continue reading:
- Configuring Squid Proxy with Multiple IP Addresses
- How to configure Squid to use IPv4
- How Squid ACL works
- How to configure HTTP Digest Authentication in Squid
- Error “Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory” (SOLVED)
Related articles:
- How to configure Squid to use IPv4 (100%)
- Configuring Squid Proxy with Multiple IP Addresses (100%)
- Error “Authentication helper program /usr/lib64/squid/basic_ncsa_auth: (2) No such file or directory” (SOLVED) (89.5%)
- How Squid ACL works (89.5%)
- How to configure HTTP Digest Authentication in Squid (89.5%)
- Error “remote: Support for password authentication was removed on August 13, 2021. Please use a personal access token instead” (SOLVED) (RANDOM - 50%)
