How to Set Up Squid as a Transparent Proxy on CentOS 6.4

In this tutorial I am going to configure Squid as a transparent proxy server on CentOS 6.4. What does that mean?

It means nothing has to be configured in the client browser: Squid is set up in transparent proxy mode so that it sits between the clients and the Internet.

Any request made on port 80 will be redirected to port 3128, which is the default Squid port.


Here are the simple steps you need to perform on the Squid server. In this lab I’m using CentOS 6.4 as the base operating system.

Lab Environment:

CentOS 6.4 Hostname = (As Squid Proxy Server)
eth0 : (Connected to Internet)
IP Address:
Subnet Mask:

eth1 : (Connected to LAN)
IP Address:
Subnet Mask:

XP Pro SP3 (Client PC for testing)
IP Settings
IP Address:
Subnet Mask:
Gateway: (Squid Server IP)

TIP: To set up a DNS server for this tutorial, you can follow BIND Caching-only Configurations on CentOS 6.4.

Step-1: Squid Installation on CentOS 6.4

  • Installing squid packages.
  • Open a terminal and run the following command.
yum install squid -y

Step-2: Edit Configuration file as per the Network Settings

  • Edit squid configuration file “/etc/squid/squid.conf”.

vi /etc/squid/squid.conf
  • Create an ACL (Access Control List) named “lan”.
acl lan src
  • Allow HTTP access for “lan”.
http_access allow lan
  • Add the word transparent or intercept after the port “3128”, as in the line below.

http_port 3128 transparent
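
As an added example (not part of the original tutorial), the shell function below audits a squid.conf for the Step-2 settings and for rule order, because Squid evaluates http_access lines from top to bottom and stops at the first match. The function name audit_squid_conf, the sample files and the 192.0.2.0/24 range are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a squid.conf against the Step-2 settings.
# Prints one finding per line; prints nothing if the file passes.
audit_squid_conf() {
    awk '
        { sub(/#.*/, "") }                  # drop comments
        NF == 0 { next }                    # skip blank lines
        $1 == "acl" && $2 == "lan" && $3 == "src" && NF >= 4 { acl = 1 }
        $1 == "http_port" && $2 ~ /(^|:)3128$/ {
            for (i = 3; i <= NF; i++)
                if ($i == "intercept" || $i == "transparent") mode = 1
        }
        $1 == "http_access" {
            last = $2 " " $3
            # Only rules placed before "deny all" are ever reached.
            if ($2 == "allow" && $3 == "all" && !denied) open = 1
            if ($2 == "allow" && $3 == "lan") { if (denied) late = 1; else ok = 1 }
            if ($2 == "deny"  && $3 == "all") denied = 1
        }
        END {
            if (!acl)  print "MISSING acl lan src <network>"
            if (!mode) print "MISSING intercept/transparent on http_port 3128"
            if (open)  print "OPEN-PROXY http_access allow all"
            if (late)  print "SHADOWED http_access allow lan follows deny all"
            else if (!ok) print "MISSING http_access allow lan"
            if (last != "deny all") print "WEAK last http_access rule is not deny all"
        }
    ' "$1"
}

# Constructed sample files; 192.0.2.0/24 is a placeholder LAN range.
tmp=$(mktemp -d)
cat > "$tmp/good.conf" <<'EOF'
acl lan src 192.0.2.0/24
http_access allow lan
http_access deny all
http_port 3128 transparent
EOF
cat > "$tmp/bad.conf" <<'EOF'
acl lan src 192.0.2.0/24
http_access allow all
http_access deny all
http_access allow lan   # appended at the end, so never reached
http_port 3128
EOF

echo "good.conf:"; audit_squid_conf "$tmp/good.conf"
echo "bad.conf:";  audit_squid_conf "$tmp/bad.conf"
```

Run it against the real file with audit_squid_conf /etc/squid/squid.conf before restarting the service.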

Step-3: Specify the hostname at the end of the file.

  • You can check the hostname by typing the “hostname” command in the terminal.
  • Now save and exit with “:wq”.

Step-4: Restart and “chkconfig” the squid service

  • By using chkconfig command you can ensure service availability on the next boot.
service squid start
chkconfig squid on

Step-5: Add iptables rules for the transparent Squid proxy.

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -I INPUT -s -p tcp --dport 3128 -j ACCEPT

Now you can test browsing on Client Machine.
