##SETUP THESE VARIABLES## PROXY=<the ip address of your proxy machine> SOURCE=<your internal network addresses> FWINT=<the ip address of your firewall's internal interface> #### $IPT -t nat -A PREROUTING -s $PROXY -p tcp -m tcp --dport 80 -j ACCEPT $IPT -t nat -A PREROUTING -s $SOURCE -p tcp --dport 80 -j DNAT --to-dest $PROXY:3128 $IPT -A FORWARD -s $SOURCE -d $PROXY -p tcp -m tcp --dport 3128 -j ACCEPT $IPT -t nat -A POSTROUTING -s $SOURCE -d $PROXY -j SNAT --to-source $FWINT |
http_port 3128 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on http_access allow all |
/<wherever_squid_source_is>/helpers/basic_auth/NCSA make make install |
htpasswd /etc/squid/passwd <username> |
auth_param basic program
/usr/local/squid/libexec/ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic realm Web Proxy auth_param basic credentialsttl 2 hours acl valid-people proxy_auth REQUIRED http_access allow valid-people http_access deny all |