Installing 3proxy supporting http(s) and socks5-proxy

Since Squid is a resource intensive and difficult to configure program,  your clients may want to install a proxy-server on their server. You can offer them an easy-to-use server that supports http and socks.
It is strongly prohibited to install an unauthorized server, because it can be used for fraudulent actions, such as spamming.
Follow the procedures below to install and configure the server.


Install from ports:
# cd /usr/ports/net/3proxy/
# make install clean

Create a configuration file using this example:
# cp /usr/local/etc/3proxy.cfg.sample /usr/local/etc/3proxy.cfg
Create a directory for log-files:
# mkdir /var/log/3proxy
Edit
# vi /usr/local/etc/3proxy.cfg
Following is the example of the 3proxy.cfg configuration file that you will get after editing:
# Specify valid name servers. You can locate them on your VPS in /etc/resolv.conf
#
nserver 82.146.40.4
nserver 82.146.40.6
# Leave default cache size for DNS requests:
#
nscache 65536
# Leave default timeout as well:
#
timeouts 1 5 30 60 180 1800 15 60
# If your server has several IP-addresses, you need to provide an external one
# Alternatively, you may ignore this line
external 192.168.1.1
# Provide the IP-address to be listened
# If you ignore this line, proxy will listen all the server’s IP-addresses
internal 192.168.0.1
# Create users proxyuser1 and proxyuser2 and specify a password
#
users proxyuser1:CL:password1
users proxyuser2:CL:password2
# Specify daemon as a start mode
#
daemon
# and the path to logs, and log format. Creation date will be added to a log name
#
log /var/log/3proxy/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
# Compress the logs using gzip
#
archiver gz /usr/bin/gzip %F
# store the logs for 30 days
#
rotate 30
# Configuring http(s) proxy
#
# enable strong authorization
#
auth strong
# and restrict access for ports via http(s)-proxy
#
allow * * * 80-88,8080-8088 HTTP
allow * * * 443,8443 HTTPS
# run http-proxy без without ntlm-authorization
#
proxy -n
# Configuring socks5-proxy
#
# enable strong authorization
#
auth strong
# Purge the access-list of http-proxy
#
flush
# set the maximum number of simultaneous connections to 32
#
maxconn 32
# run socks
#
socks

Only root will be able to gain access to this file (because the access passwords are kept in this file).
# chmod 600 /usr/local/etc/3proxy.cfg
Add automatic start for 3proxy:
echo 'threeproxy_enable="YES"' >> /etc/rc.conf
Start it:
# /usr/local/etc/rc.d/3proxy start
You have successfully configured your server. Http-proxy is now running on port 3128, socks-proxy is running on port 1080.

Troubleshooting

Problem 1

You may not be able to access your newly created domain due to domain caching.

Problem 2

Your proxy-server with default ports is likely to be found. The log files will continue occupying free space.
In such cases you may:
# Change the ports.  However, they can be found in the future.
# Disable logging.
# Go to Firewall to provide addresses that will be allowed to access.

  • Facebook
  • Digg
  • Google Gmail
  • MySpace
  • Yahoo Mail
  • WordPress
  • Reddit
  • Google Reader
  • Yahoo Bookmarks
  • Windows Live Spaces
  • Blogger Post
  • Ask.com MyStuff
  • Mixx
  • StumbleUpon
  • LinkedIn
  • Google Bookmarks
  • AOL Mail
  • Twitter
  • Share/Bookmark
Posted on November 29, 2010