Step 3: Build Squid 4

In order to get Squid 4 on Ubuntu 18 LTS we will use the original version from Debian Unstable Repository with several additions necessary for SSL Bump and HTTPS filtering. Run script 03_build_squid.sh from our GitHub repository to do the compilation.

#!/bin/bash

if [[ $EUID -eq 0 ]]; then
   echo "This script must NOT be run as root" 1>&2
   exit 1
fi

# drop squid build folder
rm -R build/squid

# we will be working in a subfolder make it
mkdir -p build/squid

# copy the patches to the working folder
cp rules.patch build/squid/rules.patch

# set squid version
source squid.ver

# decend into working directory
pushd build/squid

# get squid from debian experimental
wget http://http.debian.net/debian/pool/main/s/squid/squid_${SQUID_PKG}.dsc
wget http://http.debian.net/debian/pool/main/s/squid/squid_${SQUID_VER}.orig.tar.gz
wget http://http.debian.net/debian/pool/main/s/squid/squid_${SQUID_PKG}.debian.tar.xz

# unpack the source package
dpkg-source -x squid_${SQUID_PKG}.dsc

# modify configure options in debian/rules, add --enable-ssl --enable-ssl-crtd
patch squid-${SQUID_VER}/debian/rules < ../../rules.patch

# build the package
cd squid-${SQUID_VER} && dpkg-buildpackage -rfakeroot -b

# and revert
popd

Rules patch file adds specific compilation arguments to enable SSL bumping on Squid 4.

--- rules   2018-01-23 10:39:24.000000000 +0100
+++ rules.new   2018-02-07 22:07:59.285432839 +0100
@@ -30,6 +30,9 @@
        --enable-delay-pools \
        --enable-cache-digests \
        --enable-icap-client \
+       --enable-ssl \
+       --enable-ssl-crtd \
+       --with-openssl \
        --enable-follow-x-forwarded-for \
        --enable-auth-basic="DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB" \
        --enable-auth-digest="file,LDAP" \

squid.ver file is just to easier manage Squid versions in script.

#!/usr/bin/env bash

# set squid version
SQUID_VER="4.4"
SQUID_PKG="${SQUID_VER}-1"

After build is successful, run script 04_install_squid.sh from our GitHub repository to install Squid.

#!/bin/bash

if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

# set squid version
source squid.ver

# decend into working directory
pushd build/squid

# install squid packages
sudo apt-get install squid-langpack
dpkg --install squid-common_${SQUID_PKG}_all.deb
dpkg --install squid_${SQUID_PKG}_amd64.deb
dpkg --install squidclient_${SQUID_PKG}_amd64.deb

# and revert
popd

Press Next to continue to Step 4.