15.5. Configuring the Squid Service to Listen on a Specific Port or IP Address

By default, the Squid proxy service listens on the 3128 port on all network interfaces. This section describes how to change the port and configuring Squid to listen on a specific IP address.

Prerequisites

  • Squid is installed.

Procedure

  1. Edit the /etc/squid/squid.conf file:
    • To set the port on which the Squid service listens, set the port number in the http_port parameter. For example, to set the port to 8080, set:
      http_port 8080
    • To configure on which IP address the Squid service listens, set the IP address and port number in the http_port parameter. For example, to configure that Squid listens only on the 192.0.2.1 IP address on port 3128, set:
      http_port 192.0.2.1:3128
    Add multiple http_port parameters to the configuration file to configure that Squid listens on multiple ports and IP addresses:
    http_port 192.0.2.1:3128
    http_port 192.0.2.1:8080
  2. If you configured that Squid uses a different port as the default (3128):
    1. Open the port in the firewall:
      # firewall-cmd --permanent --add-port=port_number/tcp
      # firewall-cmd --reload
    2. If you run SELinux in enforcing mode, assign the port to the squid_port_t port type definition:
      # semanage port -a -t squid_port_t -p tcp port_number
      If the semanage utility is not available on your system, install the policycoreutils-python-utils package.
  3. Restart the squid service:
    # systemctl restart squid