Saturday, December 3, 2011

How to configure 3proxy as http proxy

In some situation, you will need a very light weight http proxy to redirect traffic. For example in my company, there are multi LAN, my LAN is with 1Mbps, and another is with 25Mbps, so I set a 3proxy on one computer in LAN Then I get 25Mbps when I access through my proxy.

To set up 3proxy as http proxy following instruction below:

1. download 3proxy from
2. then extract it to a folder
3. create a configuration file, what us need to change is highlight with  red

nserver   #dns server
nserver   #dns server
# nscache is good to save speed, traffic and bandwidth
nscache 65536

# nobody will be able to access by the name.
# will resolve to for
# clients

timeouts 1 5 30 60 180 1800 15 60
# Here we can change timeout values

users dara:CL:dara              # username dara password dara, use for authentication
users 3APA3A:CL:3apa3a "test:CR:$1$qwer$CHFTUFGqkjue9HyhcMHEe1"
# note that "" required, overvise $... is treated as include file name.
# $1$qwer$CHFTUFGqkjue9HyhcMHEe1 is 'test' in MD5 crypt format.
#users $/usr/local/etc/3proxy/passwd
# this example shows you how to include passwd file. For included files
# <CR> and <LF> are treated as field separators.

# now we will not depend on any console (daemonize). daemon must be given
# before any significant command on *nix.

# service is required under NT if you want 3proxy to start as service

#log /usr/local/etc/3proxy/logs/3proxy.log D
#log c:\3proxy\logs\3proxy.log D
# log allows to specify log file location and rotation, D means logfile
# is created daily

#logformat "L%d-%m-%Y %H:%M:%S %z %N.%p %E %U %C:%c %R:%r %O %I %h %T"
#logformat "Linsert into log (l_date, l_user, l_service, l_in, l_out, l_descr) values ('%d-%m-%Y %H:%M:%S', '%U', '%N', %I, %O, '%T')"
#Compatible with Squid access.log:
#"- +_G%t.%. %D %C TCP_MISS/200 %I %1-1T %2-2T %U DIRECT/%R application/unknown"
#or, more compatible format without %D
#"- +_G%t.%.      1 %C TCP_MISS/200 %I %1-1T %2-2T %U DIRECT/%R application/unknown"
#Compatible with ISA 2000 proxy WEBEXTD.LOG (fields are TAB-delimited):
#"-    + L%C    %U    Unknown    Y    %Y-%m-%d    %H:%M:%S    w3proxy    3PROXY    -    %n    %R    %r    %D    %O    %I    http    TCP    %1-1T    %2-2T    -    -    %E    -    -    -"
#Compatible with ISA 2004 proxy WEB.w3c
#"-    + L%C    %U    Unknown    %Y-%m-%d    %H:%M:%S    3PROXY    -    %n    %R    %r    %D    %O    %I    http    %1-1T    %2-2T    -    %E    -    -    Internal    External    0x0    Allowed"
#Compatible with ISA 2000/2004 firewall FWSEXTD.log (fields are TAB-delimited):
#"-    + L%C    %U    unnknown:0:0.0    N    %Y-%m-%d    %H:%M:%S    fwsrv    3PROXY    -    %n    %R    %r    %D    %O    %I    %r    TCP    Connect    -    -    -    %E    -    -    -    -    -"
#Compatible with HTTPD standard log (Apache and others)
#"-""+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I"
#or more compatible without error code
#"-""+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" 200 %I"

# in log file we want to have underscores instead of spaces
logformat "- +_L%t.%.  %N.%p %E %U %C:%c %R:%r %O %I %h %T"

archiver rar rar a -df -inul %A %F

rotate 30
# We will keep last 30 log files

auth iponly

# external is address 3proxy uses for outgoing connections. means any
# interface. Using is not good because it allows to connect to

internal          #IP address of computer running 3proxy

auth none
# no authentication is requires


#external $./external.ip
#internal $./internal.ip
# this is just an alternative form fo giving external and internal address
# allows you to read this addresses from files

auth strong
# We want to protect internal interface
deny * *,
# and llow HTTP and HTTPS traffic.
allow * * * 80-88,8080-8088 HTTP
allow * * * 443,8443 HTTPS
proxy -n -p455         #set it to listen on port 455, if we keep default it will listen on port 3128

auth none
# pop3p will be used without any authentication. It's bad choice
# because it's possible to use pop3p to access any port

tcppm 25 25

auth strong
allow 3APA3A,test
maxconn 20
# for socks we will use password authentication and different access control -
# we flush previously configured ACL list and create new one to allow users
# test and 3APA3A to connect from any location

auth strong
allow 3APA3A
maxconn 3

4. it is time to run it, open cmd then change directory to 3proxy bin directory
 C:\Users\Downloads\tes\bin>3proxy.exe ..\cfg\3proxy.cfg.sample

 (execute 3proxy with its configuration that we just edited.)

the 3proxy configuration file sample is contained in its package


  1. Thank you, this is very helpful and worked perfectly.

  2. At the point when a client on the Internet asks for information from a web serverprotected by an invert proxy, the switch proxy blocks the demand andensures that the information contained in the demand is satisfactory. mexico web proxy

  3. This comment has been removed by the author.

  4. When trying to look for a fast server for your VPN, you need to know the country in which the server is located.

  5. It was a very good post indeed. I thoroughly enjoyed reading it in my lunch time. Will surely come and visit this blog more often. Thanks for sharing. click here

  6. I hope you will share such type of impressive contents again with us so that we can utilize it and get more advantage. click here

  7. This is a great high resolution screen which you have shared for the users. Making a website is not an easy task but managing a good website is really a hard work. As far as this website is concerned, I am very happy.

  8. This article gives the light in which we can watch the truth. This is exceptionally decent one and gives indepth data. A debt of gratitude is in order for this decent article.  getmoreprivacy

  9. A fascinating dialog is value remark. I feel that it is best to compose more on this matter, it may not be an unthinkable theme however generally people are insufficient to chat on such subjects. To the following. Salud.

  10. You can put your mouse over the symbol to get the status and tap on it to get more subtle elements.