Squid -
Squid is a proxy caching server. If you are Linux sysadmin, you can use squid to control internet access at your work environment.
Packages- squid
Port No- 3128(TCP),2679 (UDP)
Daemon- squid
Script- /etc/init.d/squid
Conf file- /etc/squid/squid.conf
Requierd- 2 Lan card (eth0,eth1)
Configure Server Side-
1-> Install Package
# yum install squid* -y
oaded plugins: refresh-packagekit, rhnplugin
Running Transaction
Installing : 7:squid-3.1.4-1.el6.x86_64 1/1
Installed:
squid.x86_64 7:3.1.4-1.el6
# netstat -ntlp (Show port)
# service squid restart
Complete!
2-> Now configur conf file-->>
# vim /etc/squid/squid.conf
# uncomment
# Squid normally listens to port 3128
http_port 3128
#To block a particular Network:
acl my_net src 192.168.0.0/24 192.168.1.0/24
http_access allow my_net
#To block a particular ip:
acl bad_ip src 192.168.0.21
acl bad_ip src 192.168.0.22
http_access deny bad_ip
#To block a particular URL:
acl bad_site dst www.yahoo.com
http_access deny bad_site
#To block only one domain:
acl block_orkut dstdomain .orkut.com
http_access deny block_orkut
#To block a list of sites from / specified in a file:
acl block_list url_regex "/etc/squid/block_list.txt"
http_access deny block_list
#Blocking web access by time:
#acl aclname time [day-abbrevs] [h1:m1-h2:m2]
#h1:m1 must be less than h2:m2
#Day-abbrevs:
#S - Sunday,M - Monday,T – Tuesday,W - Wednesday,H - Thursday,F - Friday,A - Saturday
acl mynetwork src 192.168.0.0/255.255.255.0
acl Break time MTWHFA 02:32-03:00
http_access deny mynetwork Break
#To block the URLs contains the word "word":
acl block_word_url url_regex sex
http_access deny block_word_url
#To prevent downloading files:
acl block_exe url_regex .*\.exe$
http_access deny block_exe
#To block access to some TLDs:
acl block_tld dstdom_regex \.uk$
http_access deny block_tld
3-> Now create block file and service restart
# cat >/etc/squid/block_list.txt
www.hotmail.com
www.ibm.com
www.hp.com
4-> Restart Service-
# /etc/init.d/squid restart
Stopping squid: [FAILED]
Starting squid: . [ OK ]
# chkconfig squid on
Configure Client Side-
Open Firefox-->Menu--> Edit-Preference-->pic-1
-->Then Click Advanced--> Network--> Setting--> Pic-2
-->Type Proxy (SQUID)Server ip [192.168.0.254] --> SQUID Port No. [3128]-->
Check use this proxy server for all protocols--> Thne click OK...
Now Open Browser and Check--
I hope You Like It..
So Enjoy...
Squid is a proxy caching server. If you are Linux sysadmin, you can use squid to control internet access at your work environment.
Packages- squid
Port No- 3128(TCP),2679 (UDP)
Daemon- squid
Script- /etc/init.d/squid
Conf file- /etc/squid/squid.conf
Requierd- 2 Lan card (eth0,eth1)
Configure Server Side-
1-> Install Package
# yum install squid* -y
oaded plugins: refresh-packagekit, rhnplugin
Running Transaction
Installing : 7:squid-3.1.4-1.el6.x86_64 1/1
Installed:
squid.x86_64 7:3.1.4-1.el6
# netstat -ntlp (Show port)
# service squid restart
Complete!
2-> Now configur conf file-->>
# vim /etc/squid/squid.conf
# uncomment
# Squid normally listens to port 3128
http_port 3128
#To block a particular Network:
acl my_net src 192.168.0.0/24 192.168.1.0/24
http_access allow my_net
#To block a particular ip:
acl bad_ip src 192.168.0.21
acl bad_ip src 192.168.0.22
http_access deny bad_ip
#To block a particular URL:
acl bad_site dst www.yahoo.com
http_access deny bad_site
#To block only one domain:
acl block_orkut dstdomain .orkut.com
http_access deny block_orkut
#To block a list of sites from / specified in a file:
acl block_list url_regex "/etc/squid/block_list.txt"
http_access deny block_list
#Blocking web access by time:
#acl aclname time [day-abbrevs] [h1:m1-h2:m2]
#h1:m1 must be less than h2:m2
#Day-abbrevs:
#S - Sunday,M - Monday,T – Tuesday,W - Wednesday,H - Thursday,F - Friday,A - Saturday
acl mynetwork src 192.168.0.0/255.255.255.0
acl Break time MTWHFA 02:32-03:00
http_access deny mynetwork Break
#To block the URLs contains the word "word":
acl block_word_url url_regex sex
http_access deny block_word_url
#To prevent downloading files:
acl block_exe url_regex .*\.exe$
http_access deny block_exe
#To block access to some TLDs:
acl block_tld dstdom_regex \.uk$
http_access deny block_tld
3-> Now create block file and service restart
# cat >/etc/squid/block_list.txt
www.hotmail.com
www.ibm.com
www.hp.com
4-> Restart Service-
# /etc/init.d/squid restart
Stopping squid: [FAILED]
Starting squid: . [ OK ]
# chkconfig squid on
Configure Client Side-
Open Firefox-->Menu--> Edit-Preference-->pic-1
-->Then Click Advanced--> Network--> Setting--> Pic-2
-->Type Proxy (SQUID)Server ip [192.168.0.254] --> SQUID Port No. [3128]-->
Check use this proxy server for all protocols--> Thne click OK...
Now Open Browser and Check--
I hope You Like It..
So Enjoy...
0 comments: