Configuring proxy settings on Linux can enhance security, privacy, and control over network traffic. Whether you need to route your traffic through an HTTP or SOCKS5 proxy, or you’re managing a forward or reverse proxy, Linux offers flexible options for setup. In this guide, we’ll cover the differences between HTTP and SOCKS5 proxies, explore the use cases for forward and reverse proxies, and walk you through the steps to configure both types of proxies on your Linux system—either through the terminal or by using Squid. 

What is a proxy in Linux?

A proxy in Linux acts as an intermediary between your device and the internet, routing your network traffic through a separate server. This setup can be used for various purposes, such as enhancing privacy, controlling access, or bypassing restrictions. In Linux, proxies are commonly configured for both HTTP and SOCKS5 protocols, depending on your needs. By setting up a proxy server in Linux, you can manage how traffic is handled across networks.

Forward vs. Reverse proxy in Linux

In Linux, proxies can be configured as either forward or reverse proxies, depending on the use case. A forward proxy in Linux routes client requests to the internet, masking the client’s IP address and allowing you to bypass restrictions, apply caching, or increase security. For instance, setting up a forward proxy in Linux can help anonymize your browsing or regulate internet access in a network, making it a common choice for personal and organizational use.

A reverse proxy in Linux, on the other hand, manages traffic from external users to internal servers. It acts as a gateway that forwards client requests to the appropriate backend servers, commonly used for load balancing, improving performance, and enhancing security in server environments. Linux-based reverse proxies are often deployed in web server setups to efficiently distribute traffic.

In this article, we’ll focus on configuring a forward proxy in Linux, as it's the most relevant for managing outbound traffic from clients.

HTTP vs. SOCKS5 proxy in Linux

In Linux, you can configure either an HTTP or SOCKS5 proxy based on your specific network needs.

• An HTTP proxy in Linux is primarily used to handle HTTP/HTTPS traffic. It's commonly set up when you need to filter, cache, or control web traffic across a network. For instance, using an HTTP proxy on Linux is useful for browsing restricted websites, improving load times through caching, or anonymizing web traffic.

• A SOCKS5 proxy in Linux, however, is more versatile. It operates at a lower level, capable of routing any kind of traffic, not just web traffic. Whether you're using FTP, P2P applications, or even gaming, SOCKS5 proxies in Linux provide a flexible option for bypassing geo-restrictions or securely tunneling network data across different applications.

Here’s a comparison of the two:

Prerequisites

Before configuring proxy settings on Linux, you need to ensure your system is properly set up. Here’s what you need to get started:

• Linux Setup: Make sure you have a functioning Linux distribution like Ubuntu, Fedora, or CentOS installed on your system. Most modern Linux distros come with essential tools like curl and network utilities that are useful when configuring proxy settings.

• Install Essential Packages: To set up a proxy, you'll need some basic tools. Use the package manager for your distro to install them if they aren't already available. For example:some text
  • On Ubuntu/Debian, run:

sudo apt update && sudo apt install curl

• On Fedora/CentOS, run:

sudo dnf install curl

• Register on Webshare: To start using free proxies, you can register for an account on Webshare. After registration, you’ll get access to free proxy servers that can be used in your Linux proxy configuration.

HTTP proxy setup methods on LinuxThere are several ways to set up an HTTP proxy in Linux. We’ll explore two common methods: configuring the proxy using the terminal and using Squid, a popular proxy management tool.Using TerminalThe terminal method is simple and works well for temporary proxy settings. It allows you to export the proxy settings to your environment variables.

• Set HTTP Proxy using export: To configure an HTTP proxy temporarily, you can use the export command. This method directs traffic through the proxy for the current terminal session only.

export http_proxy=http://username:password@proxyserver:port/
export https_proxy=http://username:password@proxyserver:port/

Replace username, password, proxyserver, and port with your actual proxy credentials and details. If the proxy doesn’t require authentication, omit the username:password@ part.

• Make the HTTP Proxy Persistent: If you want to make the proxy settings persistent across all terminal sessions, add the export commands to your shell configuration file. For Bash, edit .bashrc or .bash_profile:

nano ~/.bashrc

Add the following lines at the end of the file:

export http_proxy=http://username:password@proxyserver:port/
export https_proxy=http://username:password@proxyserver:port/

Save the file and apply the changes:

source ~/.bashrc

• Test the HTTP Proxy Settings: To ensure the proxy is working, use curl to test your connection:

curl -I https://www.example.com

Using Squid

Squid is a powerful, full-featured HTTP proxy server commonly used in Linux environments for caching and web traffic filtering. Below are the steps to install and configure Squid for HTTP proxying.

Install Squid: First, install Squid on your Linux system:some text

• On Ubuntu/Debian:

sudo apt update
sudo apt install squid

• On Fedora:

sudo dnf install squid

• Configure Squid for HTTP Proxy: After installation, the default Squid configuration file is located at /etc/squid/squid.conf. You’ll need to modify this file to set up the proxy.

Open the configuration file for editing:

sudo nano /etc/squid/squid.conf

Look for the line that says http_port 3128. This is the default port for Squid, but you can change it if needed by specifying a different port number.

Next, allow access to the proxy by adding an access control list (ACL). For example, to allow access from all local network clients, add the following lines:

acl localnet src 192.168.0.0/16  # Define your local network range
http_access allow localnet

• Enable Authentication (Optional): If you want to secure your proxy with authentication, add the following lines to the squid.conf file:

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

You’ll need to create the squid_passwd file and add your users with hashed passwords. Use the htpasswd tool to create a password file:

sudo htpasswd -c /etc/squid/squid_passwd your_username

Use -c only for the first user to create the file; for subsequent users, omit -c.

• Restart Squid: After editing the configuration, restart Squid to apply the changes:

sudo systemctl restart squid

• Test the Proxy: Once Squid is running, you can test the HTTP proxy by configuring your web browser or applications to use the proxy server (e.g., http://your_server_ip:3128).

• Monitor Squid Logs: Squid logs can provide insight into traffic and help troubleshoot issues. You can view Squid logs in the /var/log/squid/ directory:

tail -f /var/log/squid/access.log

SOCKS5 proxy setup methods on Linux

In addition to HTTP proxies, you can configure SOCKS5 proxies on Linux, which provide more flexibility for handling various types of traffic. Below are two common methods: setting up a SOCKS5 proxy via the terminal and using Squid.

Using Terminal

One of the simplest ways to set up a SOCKS5 proxy on Linux is by using terminal commands. A common tool for this is ssh, which can create a secure SOCKS5 tunnel.

• Set Up a SOCKS5 Proxy Using SSH: If you have SSH access to a remote server, you can quickly create a SOCKS5 proxy using this command:

ssh -D 1080 -q -C -N username@remote_host

-D 1080: This opens a dynamic port forwarding (SOCKS5 proxy) on port 1080.

-q: Runs SSH in quiet mode.

-C: Enables compression to improve performance.

-N: Tells SSH to not execute any remote commands, just create the tunnel.

Replace username and remote_host with your SSH credentials and remote server’s IP or hostname. This command will create a SOCKS5 proxy on your local machine (localhost) on port 1080.

• Configure Applications to Use the SOCKS5 Proxy: Once the proxy is running, you’ll need to configure your browser or other applications to use it. For example, in Firefox:some text
  • Go to Settings > Network Settings > Manual Proxy Configuration.
  • Set the SOCKS Host to localhost and the port to 1080.

• Set Proxy via Environment Variables: If you want to direct command-line tools (such as curl or wget) through the SOCKS5 proxy, set the environment variables:

export ALL_PROXY=socks5://localhost:1080

This will apply the SOCKS5 proxy to all outgoing traffic for terminal-based applications that respect the ALL_PROXY variable.

• Testing the SOCKS5 Proxy: You can test the SOCKS5 proxy using a tool like curl to see if traffic is routed through the proxy:

curl --socks5 localhost:1080 https://www.example.com

If the proxy is correctly set up, the request will go through the SOCKS5 proxy.

Using Squid

Squid is a robust proxy server that can be configured to support SOCKS5. While it is natively an HTTP proxy server, additional configuration or external modules can be used to enable SOCKS5 proxying. Below are the general steps for configuring Squid for SOCKS5 proxying.

• Install Squid: First, ensure Squid is installed on your Linux system as mentioned in the above section.
• Install dante-server for SOCKS5 Support (Optional): To provide native SOCKS5 support on Squid, you can use Dante, a SOCKS proxy server. Install it alongside Squid:some text
• On Ubuntu/Debian:

sudo apt install dante-server

• On Fedora/CentOS:

sudo dnf install dante-server

• Configure Squid to Use SOCKS5 (via Dante): After installation, configure dante-server to handle SOCKS5 connections. Edit the configuration file for Dante, typically located at /etc/danted.conf.

Here’s the example configuration:

logoutput: stderr
internal: eth0 port = 1080
external: eth0
method: username
user.privileged: proxyuser
client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}
pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    protocol: tcp udp
}

Set the internal interface and port for SOCKS5 (port = 1080). Use eth0 as the external and internal interfaces (replace it with your actual network interface if necessary).

• Start the Dante SOCKS5 Proxy Server: Once the configuration is in place, start the dante-server:

sudo systemctl start danted
sudo systemctl enable danted

• Configure Squid to Route Traffic: If you're using Squid alongside Dante, configure Squid to route traffic through the SOCKS5 proxy. Edit the /etc/squid/squid.conf file and modify the cache peer settings to use SOCKS5:

cache_peer localhost parent 1080 0 no-query default

• Restart Squid and Dante: After all configurations are set, restart both services:

sudo systemctl restart squid
sudo systemctl restart danted

• Testing the SOCKS5 Proxy: As with HTTP, you can test the SOCKS5 proxy using your browser or terminal commands to ensure it’s functioning properly.

Wrapping up: proxy settings in Linux

Configuring proxy settings on Linux provides a flexible and powerful way to enhance your network's security and manage internet traffic. Whether using HTTP or SOCKS5 proxies, these methods ensure better control over your connections, making Linux an ideal platform for proxy management.