Installing 3proxy supporting http(s) and socks5-proxy

Since Squid is a resource intensive and difficult to configure program,  your clients may want to install a proxy-server on their server. You can offer them an easy-to-use server that supports http and socks.
It is strongly prohibited to install an unauthorized server, because it can be used for fraudulent actions, such as spamming.
Follow the procedures below to install and configure the server.

Install from ports:
# cd /usr/ports/net/3proxy/
# make install clean

Create a configuration file using this example:
# cp /usr/local/etc/3proxy.cfg.sample /usr/local/etc/3proxy.cfg
Create a directory for log-files:
# mkdir /var/log/3proxy
# vi /usr/local/etc/3proxy.cfg
Following is the example of the 3proxy.cfg configuration file that you will get after editing:
# Specify valid name servers. You can locate them on your VPS in /etc/resolv.conf
# Leave default cache size for DNS requests:
nscache 65536
# Leave default timeout as well:
timeouts 1 5 30 60 180 1800 15 60
# If your server has several IP-addresses, you need to provide an external one
# Alternatively, you may ignore this line
# Provide the IP-address to be listened
# If you ignore this line, proxy will listen all the server’s IP-addresses
# Create users proxyuser1 and proxyuser2 and specify a password
users proxyuser1:CL:password1
users proxyuser2:CL:password2
# Specify daemon as a start mode
# and the path to logs, and log format. Creation date will be added to a log name
log /var/log/3proxy/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
# Compress the logs using gzip
archiver gz /usr/bin/gzip %F
# store the logs for 30 days
rotate 30
# Configuring http(s) proxy
# enable strong authorization
auth strong
# and restrict access for ports via http(s)-proxy
allow * * * 80-88,8080-8088 HTTP
allow * * * 443,8443 HTTPS
# run http-proxy без without ntlm-authorization
proxy -n
# Configuring socks5-proxy
# enable strong authorization
auth strong
# Purge the access-list of http-proxy
# set the maximum number of simultaneous connections to 32
maxconn 32
# run socks

Only root will be able to gain access to this file (because the access passwords are kept in this file).
# chmod 600 /usr/local/etc/3proxy.cfg
Add automatic start for 3proxy:
echo 'threeproxy_enable="YES"' >> /etc/rc.conf
Start it:
# /usr/local/etc/rc.d/3proxy start
You have successfully configured your server. Http-proxy is now running on port 3128, socks-proxy is running on port 1080.


Problem 1

You may not be able to access your newly created domain due to domain caching.

Problem 2

Your proxy-server with default ports is likely to be found. The log files will continue occupying free space.
In such cases you may:
# Change the ports.  However, they can be found in the future.
# Disable logging.
# Go to Firewall to provide addresses that will be allowed to access.

  • Facebook
  • Digg
  • Google Gmail
  • MySpace
  • Yahoo Mail
  • WordPress
  • Reddit
  • Google Reader
  • Yahoo Bookmarks
  • Windows Live Spaces
  • Blogger Post
  • MyStuff
  • Mixx
  • StumbleUpon
  • LinkedIn
  • Google Bookmarks
  • AOL Mail
  • Twitter
  • Share/Bookmark
Posted on November 29, 2010