If you work in IT--or identify as an Internet power user--chances are that you'll find yourself wanting to set up an Internet proxy server sooner or later. You may also decide that you want to do it using free, open source software. If so, you've come to the right place. In this article we take a look at three options for setting up a proxy server using open source proxy server software. Specifically, we'll consider OpenSSH, OpenVPN and Squid. We'll discuss the pros and cons of each approach.
To be clear, this article is not about how to configure your computer to work with a proxy server. That is a different, separate topic. Instead, we'll focus on setting up an internet proxy server, which you could then use to route traffic to other computers.
What Is a Proxy Server?
Before we dive into the details, let's make clear what an internet proxy server does and why you'd want to use one.
In short, a proxy server works as an intermediary for traffic sent between other computers. Rather than allowing two computers to communicate directly, you can use a proxy server to accept traffic from one computer and forward it to the other computer, and vice versa.
Why would you want to do this, you ask? Well, for a few reasons. One is security: A proxy server is a helpful way of shielding your local network from the public internet, while still allowing a pathway into the local network from the outside via the proxy. Another is privacy: Proxy servers can help to mask the location and identity of a computer user from other people on the internet. Finally, proxy servers can speed content delivery in some cases.
Now that we know what a proxy server does and why you'd use one, let's take a look at three ways to set up an open source proxy server.
Proxy Server Method One: OpenSSH
If you know anything about SSH, you know that SSH's primary function is to allow you to connect to other computers remotely. Indeed, SSH wasn't designed first and foremost as a proxy server solution. Nonetheless, it's quite possible to set up an OpenSSH server and use it as a proxy between other computers.
The downside of this approach includes the need to install SSH client software on the computers that will use the OpenSSH server as a proxy. In addition, because OpenSSH does not compress traffic by default, performance under this approach may be lackluster, depending on your bandwidth limitations and how much data you are routing through the proxy.
Still, OpenSSH has the advantages of being quite easy to set up. Plus, when you set up OpenSSH as a proxy server solution, you also get an SSH server, in case you ever need one. It's like getting two solutions for the effort of one. And if you want to make security really strict, you can combine SSH with other protocols, like RDP, to achieve a higher degree of data privacy and access control.
Proxy Server Method Two: OpenVPN
Strictly speaking, a VPN is not actually a proxy server. It's a secure tunnel that encrypts traffic among a particular group of computers.
However, a VPN server still fulfills the core functions of a proxy server. It makes it possible to obscure the IP addresses of computers on the VPN, and prevent exposure of those computers to the public internet, if desired.
Like OpenSSH, OpenVPN requires client computers to have the appropriate agent software--specifically, a VPN installed. It's typically easier to achieve good compression with OpenVPN than it is with OpenSSH, so proxy performance when using OpenVPN is likely to be better.
[Click here for best practices on securing your VPN.]
Proxy Server Method Three: Squid
Although Squid was designed primarily to serve as a Web proxy with caching features to speed content delivery, it can also be set up as a standard transparent proxy server.
Squid is most commonly deployed on Linux systems, but a Windows port is available.
The downsides of Squid are that, out of the three open source proxy server strategies described in this article, Squid is the most complex to set up. In addition, although Squid supports a few protocols other than HTTP, it doesn't work well with protocols like RDP.
One of the nice things about the world of open source software is that there are usually multiple tools available for achieving the same goal. This is certainly true when it comes to setting up an open source proxy server. Whether you want to operate your proxy over OpenSSH, OpenVPN or Squid--or another open source tool that didn't make it into this article--you have lots of choices.