I tired to setup an Apache forward proxy using mod_proxy, but had issues with SSL requests not working correctly. I have used a squid proxy on my home network for local caching via my firewall machine for years. Squid has always been reliable.
The process to install squid is quite simple in Ubuntu lucid:
- Open a terminal or SSH into your lucid Ubuntu Server.
- Install squid proxy using apt-get at the command line.
- Edit the configuration file. The configuration file for squid is huge. It's a very configurable proxy. I decided to make a backup, just in case I messed something up in the configuration.
- Use nano (my favorite command line editor) to edit the configuration file. Understanding what I needed for a simple http proxy, I needed to make only make one edit and two additions to the default configuration file that Ubuntu provided.
- Edited the default port from 3128 to 8001 (my preference).
- Added two lines to configure the ACL rules to allow connections from two specific networks.
- Added two lines to allow http access by those two networks.
- Start up squid service.
sudo apt-get install squid
sudo cp /etc/squid/squid.conf etc/squid/squid.conf.original
sudo nano /etc/squid/squid.conf
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl outside src 22.214.171.124/16 # RFC1918 outside network
http_access allow localnet
http_access allow outside
sudo service squid start
Went and changed one of my browsers to use the proxy on port 8001 and everything worked great. SSL worked perfectly transparent as I expected. Not sure why Apache didn't work, but I like the separation of the two applications.
Squid seems infinitely configurable and very full featured. Perhaps when I get more time I'll play with it more. The log files are stored in /var/log/squid/.