Skip to content

Install Squid 3.5 from Source on Ubuntu 16.04

The following assumes a fresh install of Ubuntu 16.04.01 LTS.

First I’m going to modify the sources.list file of apt to allow downloading of sources in order to build dependencies for squid automatically.

sed -i 's/# deb-src/deb-src/g' /etc/apt/sources.list

Now I’m going to fully update the OS:

apt-get update
apt-get -y dist-upgrade

Next I would normally install the Hyper-V tools because my SQUID is going to be on a Hyper-V VM, but if you’re not using Hyper-V you can skip this:

apt-get -y install --install-recommends linux-virtual-lts-xenial linux-tools-virtual-lts-xenial linux-cloud-tools-virtual-lts-xenial

Now build the squid dependencies:

apt-get build-dep squid

At the time of this writing the latest stable version is 3.5.24 so download it:


extract it:

tar -xzf squid-3.5.24.tar.gz
cd squid-3.5.24

Now we need to configure it and build it…in my case I wanted to add support for WCCP, which is why I needed to build from source…below is the default configuration options for squid if you just used apt-get install squid, modify it if you need/want:

./configure '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' 'BUILDCXXFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-auth-ntlm=fake,smb_lm' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,unix_group,wbinfo_group' '--enable-url-rewrite-helpers=fake' '--enable-eui' '--enable-esi' '--enable-icmp' '--enable-zph-qos' '--enable-ecap' '--disable-translation' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-build-info=Ubuntu linux' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security'

In my case I was perfectly happy with the Ubuntu defaults so I just added ‘–enable-wccpv2’ to that list of configuration options in order to support WCCP.

Now you can make and install it:

make install

You can also optionally install the pinger:

make install-pinger

Now that Squid is installed you need to set some permissions:

chown -R proxy:proxy /etc/squid /var/log/squid

Those are the minimum permissions to set, however, if you plan on using caching also include your cache folder location.

Now in order to get Squid to start at boot do this:

cp ./tools/systemd/squid.service /etc/systemd/system/
systemctl enable squid

I suggest restarting the system at this point and verify everything comes up nicely.

Published inTech


Leave a Reply

Your email address will not be published. Required fields are marked *