MiddleSquid is a redirector, url mangler and webpage interceptor for the Squid HTTP proxy.
Features
Assuming Squid is installed and running as user 'proxy'. These instructions were written for Arch Linux. Some adaptation to your favorite operating system may be necessary, at your discretion.
Dependencies:
sudo mkdir /home/proxy
sudo chown proxy:proxy /home/proxy
sudo usermod --home /home/proxy proxy
sudo su - proxy
gem install middle_squid
echo 'run lambda {|uri, extras| }' > middle_squid_config.rb
exit
Create the file /usr/local/bin/middle_squid_wrapper.sh:
#!/bin/sh
GEM_HOME=$(ruby -e 'puts Gem.user_dir')
exec $GEM_HOME/bin/middle_squid $*
Add these lines to your /etc/squid/squid.conf:
url_rewrite_program /usr/bin/sh /usr/local/bin/middle_squid_wrapper.sh start -C /home/proxy/middle_squid_config.rb
# required to fix HTTPS sites (if SslBump is enabled)
acl fix_ssl_rewrite method GET
acl fix_ssl_rewrite method POST
url_rewrite_access allow fix_ssl_rewrite
url_rewrite_access deny all
Finish with sudo squid -k reconfigure. Check /var/log/squid/cache.log for errors.
MiddleSquid is configured by the ruby script specified in the command line by the -C or --config-file argument.
The script must call the run method:
run lambda {|uri, extras|
# decide what to do with uri
}
The argument must be an object that responds to the call method and taking two arguments:
the URI to process and an array of extra data received from squid
(see url_rewrite_extras in
squid's documentation).
Write this in the file /home/proxy/middle_squid_config.rb we have created earlier:
run lambda {|uri, extras|
redirect_to 'http://duckduckgo.com' if uri.host.end_with? 'google.com'
}
Run sudo squid -k reconfigure again to restart all MiddleSquid processes.
You should now be redirected to http://duckduckgo.com each time you visit
Google under your Squid proxy.
While it may be fun to redirect yourself to an alternate search engine, MiddleSquid is more useful at blocking annoying advertisements and tracking services that are constantly watching your whereabouts.
MiddleSquid can scan any black list collection distributed in plain-text format and compatible with SquidGuard or Dansguardian, such as:
Replace the previous configuration in /home/proxy/middle_squid_config.rb
by this one:
database '/home/proxy/blacklist.db'
adv = blacklist 'adv'
tracker = blacklist 'tracker'
run lambda {|uri, extras|
if adv.include? uri
redirect_to 'http://your.webserver/block_pages/advertising.html'
end
if tracker.include? uri
redirect_to 'http://your.webserver/block_pages/tracker.html'
end
}
Next we have to download a blacklist and ask MiddleSquid to index its content in the database for fast access:
sudo su - proxy
# Download Shalla's Blacklists
wget "http://www.shallalist.de/Downloads/shallalist.tar.gz" -O shallalist.tar.gz
tar xzf shallalist.tar.gz
mv BL ShallaBlackList
# Construct the blacklist database
/usr/local/bin/middle_squid_wrapper.sh index ShallaBlackList -C /home/proxy/middle_squid_config.rb
exit
The index command above may take a while to complete. Once it's done, re-run squid -k reconfigure and
enjoy an internet without ads or tracking beacons.
MiddleSquid can also intercept the client's requests and modify the data sent to the browser. Let's translate a few click-bait headlines on BuzzFeed (check out Downworthy while you are at it):
CLICK_BAITS = {
'Literally' => 'Figuratively',
'Mind-Blowing' => 'Painfully Ordinary',
'Will Blow Your Mind' => 'Might Perhaps Mildly Entertain You For a Moment',
# ...
}.freeze
define_action :translate do |uri|
intercept {|req, res|
status, headers, body = download_like req, uri
content_type = headers['Content-Type'].to_s
if content_type.include? 'text/html'
CLICK_BAITS.each {|before, after|
body.gsub! before, after
}
end
[status, headers, body]
}
end
run lambda {|uri, extras|
if uri.host == 'www.buzzfeed.com'
translate uri
end
}
Don't use this feature unless you have the permission from all your users to do so. This indeed constitutes a man-in-the-middle attack and should be used with moderation.
MiddleSquid's documentation is hosted at http://rubydoc.info/gems/middle_squid/MiddleSquid.
index's output (everything is now sent to stderr)First public release.
git checkout -b my-new-feature)rake)git commit -am 'Add some feature')git push origin my-new-feature)FAQs
Unknown package
We found that middle_squid demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A new site reviews software projects to reveal if they’re truly FOSS, making complex licensing and distribution models easy to understand.
Security News
Astral unveils pyx, a Python-native package registry in beta, designed to speed installs, enhance security, and integrate deeply with uv.
Security News
The Latio podcast explores how static and runtime reachability help teams prioritize exploitable vulnerabilities and streamline AppSec workflows.