• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 362
  • Last Modified:


how to disable proxy in squid 2.6 STABLE10
1 Solution
/etc/init.d/squid stop
chkconfig squid off
The whole point of squid is to proxy http traffic.  There is no actual way within squid to stop proxying requests.  Alextoft's solution will do exactly what you need unless you have iptables rules redirecting traffic in which case you will need to delete these rules and put in a masqurade rule.
Gabriel OrozcoSolution ArchitectCommented:
if you are using transparent caching, then you can just add a rule to your iptables to not forward that source ip to squid:
iptables -I PREROUTING -t nat -s IP.THAT.WILLBE.DIRECT -p tcp --dport 80 -j ACCEPT

if what you do not want is caching but proxy, or whatever else:
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

askar73Author Commented:
I Just want to use squid as a transparent proxy which will authenticate every source ip through my firewall and no one should use proxy setting to by pass the route.In squid 2.4 there is an option called httpd_accel_with_proxy to disable proxy but in squid 2.6 there is no option called httpd_accel_with_proxy.Is there any other way to disable proxy in squid 2.6?!
Gabriel OrozcoSolution ArchitectCommented:
I remember disabling direct access to squid with
iptables -A PREROUTING -t nat -s localnetwork/24 -p tcp --dport 3128 -j DROP

being before the redirect rule to squid... you could give it a try
Gabriel OrozcoSolution ArchitectCommented:
Hi askar73

I figured out what you were asking. please check this

the other way I disabled direct connections to the proxy was

#Assuming eth0 is the local interfase:
# disable direct connection to port 3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3128 -j DROP
# now redirecting anything going to port 80 to 3128. it works!
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

that way direct connections do not work, while transparent redirects do. is that what you asked?
Forced accept.

EE Admin
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now