ssh tunnel squid proxy setup

SSH is a very secure encrypted connection. Much much easier to setup then a VPN.
its quite easy to setup, on the server side all we need is Open SSH and Squid
on the client side Windows we can use putty.exe and on linux ssh command.

On the Squid server should listen only on here is configuration I use:

acl manager proto cache_object
acl localhost src

acl to_localhost dst
acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all

#user: prxusr passbombom

coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

restart squid and make sure its listening on

service squid restart
netstat -ntlp |grep 8080

Ok now the SSH Server side we just need to add these lines:
AllowTcpForwarding yes
#FOR KEEPALIVE (optional)
ClientAliveInterval 300
ClientAliveCountMax 2

On the Client Side Windows with putty.exe (
open putty.exe
->Saved Session: MyTunnel (click save)
->Host Name: user@ Port: ->Connection->SSH->Tunnels->
Source Port: 8080
Click ADD
Should look like 4L8080
->Sessions- Save – Open
then authenticate and check the squid log
tail -f /var/log/squid/access.log

Go to a firefox browser and configure the Proxy as: Port: 8080
[x] User theis proxy server for all protocols
[x] SOCKS v5
[x] Proxy DNS when using SOCKS v5

For a global windows proxy setup do as follows:

Open Settings.
Click Network & Internet.
Click Proxy.
In the Manual Proxy Setup section, set the Use a Proxy Server switch to On.
In the Address field, type the IP address:
In the Port field, type the port 8080
Click Save; then close the Settings window.
GO to the site and check your external IP.

I recommend setting up a free AWS ec2 tiny instance for the server
The cost is:
First 10 TB / month $0.155 per GB
So if you use a lot of data lets says 50GB a month you would pay: 7.75 USD
Go ahead and test your internet connection on

Leave a Reply

Your email address will not be published. Required fields are marked *