Sometimes, you work in an environment where all web queries run through a proxy server and the proxy requires authentication . .
Then sometimes, you use apps that need to access the web . . and they don’t have a method of inputting Username and Password for Web connections.
The easy way to fix this is with a Squid Proxy (effectively, run a proxy server locally . . that authenticates to your web proxy)
All you need to do is use the following configuration settings:
# Listen only local interface rc:
# Parent proxy (192.168.1.253:8080) and Authentication settings
cache_peer 192.168.1.253 parent 8080 0 no-query default login=User:Passwd
# No direct access
never_direct allow all
Of course, you may not have a Linux box available for you to run a Squid proxy . . Squid can compile and run on Windows as a system service using the Cygwin emulation environment
Alternatively and more easily, get a compiled version of Squid for Windows like : www.reaper-x.com/2006/07/18/complete-guide-on-installing-and-configuring-squid-proxy-server-for-windows/
Here’s a quick how to:
- Download the latest package from the above link
- Extract it (I extracted to c:squid for my example)
- Rename *.conf.default to *.conf for all files in c:squidetc
- Open the file squid.conf (Notepad / VI or whatever you favour)
- Amend the file as above – Save and exit . . .or use the file below if you’re battling and just replace the username / password, IP addresses and DNS servers
If you are battling, you could use the following file and simply edit the row starting with dns_nameservers
and the row starting with cache_peer
6. Now from a dos box, just run the following commands:
(this will start the Squid and ignore the DNS check it normally does at startup)
7. At this point your squid server is running. You should be able to point the proxy server for any app at 127.0.0.1:3128 and the authentication will be handled by the squid proxy. As a test I user the “Android SDK and AVD manager” which only allows specifying of Proxy, but not of credentials . . and all downloads ran properly.
# [START - Copy from after this] # HTTP Port (in this tutorial squid will run on localhost at port 3128) http_port 127.0.0.1:3128 # ICP Port and HTCP Port (we’ll disable this since we are not going to use it) icp_port 0 htcp_port 0 # Cache Peer (we’ll forward all request into parent proxy) cache_peer 192.168.1.1 parent 8080 0 no-query default login=username:password #amend these . .the IP is the Proxy, and Username and Password need replacing. # Cache directory (in this example i was using 30 MB space to store squid cache) # cache_dir awin32 c:/squid/var/cache 3000 16 256 # access_log access_log c:/squid/var/logs/access.log squid # cache_log cache_log c:/squid/var/logs/cache.log # cache_store_log cache_store_log none # mime_table mime_table c:/squid/etc/mime.conf # pid_filename pid_filename c:/squid/var/logs/squid.pid # unlinkd_program unlinkd_program c:/squid/libexec/unlinkd.exe # refresh_pattern (you can configure this as you like it, to get more hits from a website) # note: if you change this parameter "refresh_pattern . 1 100% 20160 reload-into-ims ignore-reload” into something else for # example like "refresh_pattern . 10 100% 20160 reload-into-ims ignore-reload” # there’ll be some error on some page (Gamefaqs.com for an example) because the page didnt reload correctly after login into Gamefaqs refresh_pattern ^http://.*.gif$ 1440 50% 20160 reload-into-ims refresh_pattern ^http://.*.asis$ 1440 50% 20160 refresh_pattern -i .png$ 10080 150% 40320 reload-into-ims refresh_pattern -i .jpg$ 10080 150% 40320 reload-into-ims refresh_pattern -i .bmp$ 10080 150% 40320 reload-into-ims refresh_pattern -i .gif$ 10080 300% 40320 reload-into-ims refresh_pattern -i .ico$ 10080 300% 40320 reload-into-ims refresh_pattern -i .swf$ 10080 300% 40320 reload-into-ims refresh_pattern -i .flv$ 10080 300% 40320 reload-into-ims refresh_pattern -i .rar$ 10080 150% 40320 refresh_pattern -i .ram$ 10080 150% 40320 refresh_pattern -i .txt$ 1440 100% 20160 reload-into-ims override-lastmod refresh_pattern -i .css$ 1440 60% 20160 refresh_pattern ^http:// 1 100% 20160 reload-into-ims ignore-reload refresh_pattern ^ftp:// 240 50% 20160 refresh_pattern ^gopher:// 240 40% 20160 refresh_pattern /cgi-bin/ 0 0% 30 refresh_pattern . 0 100% 20160 reload-into-ims # Deny requests to unknown ports # http_access deny !Safe_ports # Deny CONNECT to other than SSL ports # http_access deny CONNECT !SSL_ports # Block access to Malware & ads farm site # Insert your own rule here by using # acl blablabla url_regex -i "path to file” # or # acl blablabla url_regex "path to file” acl all src 0.0.0.0/0.0.0.0 http_access allow all # http_access deny all cache_mgr Reaper-X httpd_suppress_version_string on visible_hostname Reaper via off forwarded_for off log_icp_queries off client_db off never_direct allow all #Some anonymizing header_access From deny all #there’s some website which use referer check #so its better to disable this #header_access Referer deny all header_access WWW-Authenticate deny all header_access Link deny all header_access Warning deny all header_access Via deny all header_access User-Agent deny all header_access Proxy-Connection deny all header_access X-Forwarded-For deny all dns_nameservers 192.168.1.2
#[END – Copy to before here]