Server Configuration
- Step #1 : Squid configuration so that it will act as a transparent proxy
- Step #2 : Iptables configuration
- a) Configure system as router
- b) Forward all http requests to 3128 (DNAT)
# yum install squid*
First, the Squid server is installed (use up2date squid) and configured by adding the following directives to its configuration file:
# vi /etc/squid/squid.conf
Modify or add the following Squid directives:
http_port 3128
List of networks from where browsing should be allowed. Uncomment these 2 lines and define the specified network:
acl our_networks src 192.168.0.0/24
http_access allow our_networks
If you want to block a particular website, add the lines below. They must be placed before the 2 lines above, otherwise they will have no effect. For example, we are going to block orkut.com.
acl blocksite dstdomain .orkut.com
http_access deny blocksite
Save and exit the file.
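The ordering rule above matters because Squid applies the first http_access line that matches a request. The following check is an added example, not part of the original post; the function name squid_shadowed_denies and the two sample files are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): lint the http_access order.
# Squid stops at the first http_access line that matches a request, so a
# "deny <dstdomain acl>" below an unconditional "allow <src acl>" never fires
# for clients inside that source network.

# Print each shadowed deny rule; return 1 if any was found, else 0.
squid_shadowed_denies() {
    awk '
        $1 == "acl" { type[$2] = $3; next }        # remember each ACL type
        # single-ACL allow on a src ACL: matches every request from that net
        $1 == "http_access" && $2 == "allow" && NF == 3 && type[$3] == "src" {
            if (!allow_line) { allow_line = NR; allow_acl = $3 }
            next
        }
        # dstdomain deny that comes after such an allow is never evaluated
        $1 == "http_access" && $2 == "deny" && type[$3] == "dstdomain" && allow_line {
            printf "line %d: deny %s shadowed by allow %s on line %d\n",
                   NR, $3, allow_acl, allow_line
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample input: the same four directives in both orders.
demo_dir=$(mktemp -d)
cat > "$demo_dir/wrong.conf" <<'EOF'
acl our_networks src 192.168.0.0/24
http_access allow our_networks
acl blocksite dstdomain .orkut.com
http_access deny blocksite
EOF
cat > "$demo_dir/right.conf" <<'EOF'
acl blocksite dstdomain .orkut.com
http_access deny blocksite
acl our_networks src 192.168.0.0/24
http_access allow our_networks
EOF

squid_shadowed_denies "$demo_dir/wrong.conf" || echo "wrong.conf: move the deny lines up"
squid_shadowed_denies "$demo_dir/right.conf" && echo "right.conf: order is fine"
rm -rf "$demo_dir"
```

The check only looks at single-ACL allow lines on src ACLs, which is the form used in this post.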
Iptables configuration
Next, I added the following rules to forward all HTTP requests (coming to port 80) to the Squid server port 3128:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.0.0:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -I INPUT -s 192.168.0.0/24 -p tcp --dport 3128 -j ACCEPT
iptables -I INPUT -s 192.168.0.0/24 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -s 192.168.0.0/24 -p udp --dport 3128 -j ACCEPT
iptables -I INPUT -s 192.168.0.0/24 -p udp --dport 80 -j ACCEPT
# /etc/init.d/iptables save
# /etc/init.d/iptables restart
Start or restart Squid:
# /etc/init.d/squid restart
# chkconfig squid on
1 comment:
Thanks for the step by step config.