How do I configure Squid to forward all requests to another proxy?

Solution Unverified - Updated -

Environment

  • Red Hat Enterprise Linux
  • squid

Issue

  • I want to configure Squid to forward all requests to another proxy and access the ssl website.

Resolution

  • Edit /etc/squid/squid.conf, add the parameter below:
cache_peer <Parent_proxy_IP> parent <port> 0 no-query default
acl all src 0.0.0.0/0.0.0.0
http_access allow all
never_direct allow all
  • The above parameters will let squid daemon know about a parent cache and squid can not connect directly to origin servers.

Root Cause

  • By default squid always contacts the origin server to satisfy https requests and it must be configured not to do this if you wish https requests sent to another proxy

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

1 Comments

According to the Squid docs the all ACL has existed as a default since Squid version 3.0 (13 Dec 2007). In version 4.15 (at least), that line produces the following errors.

ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
SECURITY NOTICE: Overriding config setting. Using 'all' instead.
WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
WARNING: You should probably remove '::/0' from the ACL named 'all'