[root@server1 ~] vim /etc/sysctl.con
net.ipv4.ip_forward = 1
[root@server1 ~]iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
your client will be internet via Proxy
############################################## Transparent Proxy ###################################################
# vim /etc/squid/squid.conf
visible_hostname murad
http_port 3128 transparent
############## Inser Acl Section ########################
# Allow My Networks
acl mynetworks src 192.168.0.0/24
# from where browsing should be allowed
http_access allow mynetworks
[root@server1 ~]# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
[root@server1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
[root@server1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-ports 3128
[root@server1 ~]# service squid restart
Stopping squid: ................ [ OK ]
Starting squid: . [ OK ]
############################ Block Website ################################
# vim /etc/squid/badsite.conf
www.facebook.com
www.google.com
www.yahoo.com
# Allow My Networks
acl mynetworks src 192.168.0.0/24
##Add acl Badsites##
acl badsite dstdomain "/etc/squid/badsite.conf"
# Deny IP Address Range
acl denyip src 192.168.0.14
# Allow IP Address Range
acl allowip src 192.168.0.1-10
# Download Limit
acl Group1 src 192.168.0.1-192.168.0.10/24
reply_body_max_size 64 KB Group1
#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager
http_access deny manager
# Deny IP Address Range
http_access deny denyip
# Allow IP Address Range
http_access allow allowip
##Deny access to badsites##
http_access deny badsite
Read More
net.ipv4.ip_forward = 1
[root@server1 ~]iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
your client will be internet via Proxy
############################################## Transparent Proxy ###################################################
# vim /etc/squid/squid.conf
visible_hostname murad
http_port 3128 transparent
############## Inser Acl Section ########################
# Allow My Networks
acl mynetworks src 192.168.0.0/24
# from where browsing should be allowed
http_access allow mynetworks
[root@server1 ~]# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
[root@server1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
[root@server1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-ports 3128
[root@server1 ~]# service squid restart
Stopping squid: ................ [ OK ]
Starting squid: . [ OK ]
############################ Block Website ################################
# vim /etc/squid/badsite.conf
www.facebook.com
www.google.com
www.yahoo.com
# Allow My Networks
acl mynetworks src 192.168.0.0/24
##Add acl Badsites##
acl badsite dstdomain "/etc/squid/badsite.conf"
# Deny IP Address Range
acl denyip src 192.168.0.14
# Allow IP Address Range
acl allowip src 192.168.0.1-10
# Download Limit
acl Group1 src 192.168.0.1-192.168.0.10/24
reply_body_max_size 64 KB Group1
#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager
http_access deny manager
# Deny IP Address Range
http_access deny denyip
# Allow IP Address Range
http_access allow allowip
##Deny access to badsites##
http_access deny badsite
Read More
0 comments:
Post a Comment
Attention: Please don't use spammy comments here. else ur comment will be remove automatically. Thank you.