Public Repository

Last pushed: 4 months ago
Short Description
Another containerized squid proxy server. Allows numerous modes (including https reply/intercept)
Full Description

docker run -p 3128:3128 -ti docker.io/salrashid123/squidproxy /bin/bash

  • TRANSPARENT
$ /apps/squid/sbin/squid -NsY -f /apps/squid.conf.transparent
$ cat /apps/squid/var/logs/access.log
1497880363.186    198 172.17.0.1 TCP_MISS/200 190196 GET http://www.bbc.com/ - HIER_DIRECT/151.101.52.81 text/html
1497880363.439   1392 172.17.0.1 TCP_MISS/200 3403 CONNECT www.bbc.com:443 - HIER_DIRECT/151.101.52.81

  • HTTPS INTERCEPT

$ /apps/squid/sbin/squid -NsY -f /apps/squid.conf.https_proxy

$ curl -v -k -x localhost:3128 -L https://www.yahoo.com

you should see the proxy interecept and recreate yahoo's public certificat:

* Server certificate:
*      subject: C=US; ST=California; L=Sunnyvale; O=Yahoo Inc.; OU=Information Technology; CN=www.yahoo.com
*      start date: 2015-10-31 00:00:00 GMT
*      expire date: 2017-10-30 23:59:59 GMT
*      issuer: C=US; ST=Illinois; L=Chicago; O=Google Inc.; CN=*.test.google.com
*      SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.

  • CACHE
$ /apps/squid/sbin/squid -z -f /apps/squid.conf.cache
$ /apps/squid/sbin/squid -NsY -f /apps/squid.conf.cache
$ curl -k -x localhost:3128 -L http://www.bbc.com
$ curl -k -x localhost:3128 -L http://www.bbc.com
$ cat /apps/squid/var/logs/access.log
1489070394.303    748 172.17.0.1 TCP_MISS/200 207886 GET http://www.bbc.com/ - HIER_DIRECT/151.101.52.81 text/html
1489070395.767      1 172.17.0.1 TCP_MEM_HIT/200 207721 GET http://www.bbc.com/ - HIER_NONE/- text/html

  • Basic Auth

    (user: user1; password:user1)

    $ /apps/squid/sbin/squid -NsY -f /apps/squid.conf.basicauth
    
$ curl -x localhost:3128 --proxy-user user1:user1 -L http://www.yahoo.com

Dokcerfile

FROM debian
RUN apt-get -y update
RUN apt-get install -y curl supervisor git openssl  build-essential libssl-dev wget
RUN mkdir -p /var/log/supervisor
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
WORKDIR /apps/
RUN wget -O - http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.14.tar.gz | tar zxfv -
RUN cd /apps/squid-3.4.14/ && ./configure --prefix=/apps/squid --enable-icap-client --enable-ssl --with-openssl --enable-ssl-crtd --enable-auth --enable-basic-auth-helpers="NCS
A" && make && make install
ADD . /apps/

RUN chown -R nobody /apps/
RUN mkdir -p  /apps/squid/var/lib/
RUN /apps/squid/libexec/ssl_crtd -c -s /apps/squid/var/lib/ssl_db -M 4MB
RUN chown -R nobody /apps/

EXPOSE 3128
#CMD ["/usr/bin/supervisord"]
Docker Pull Command
Owner
salrashid123

Comments (0)