- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: proxy configuration
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-06-2000 05:20 PM
тАО12-06-2000 05:20 PM
Besides, i also need to clock some phono websides. So, any recommendation for this idea and HOW to implemet it. Is squid fullfil my requirements. ??
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2000 12:58 AM
тАО12-07-2000 12:58 AM
SolutionFor real security you'll need a little bit more than a proxy server.
For a minimum security do the following:
Install two NIC Cards to your Linux maschine.
Switch off IP-Forwarding in your Kernel Configuration.
One connected to your internet Router with your offical IP Adress.
One to your internal Network. For the Interneal Network use RFC not-routed IP adresse (192,160.xxxx.xxx, 172.20.xxx.xxx, 10.xxx.xxx.xxx).
Install Squid for http, https and FTP to the internet.
In squid.conf set the access rules that only your internel network can access the proxy.
Don't start Inetd. Nomally you don't really use it. If you need to configure the Proxy Server remotely use the secure shell (ssh).
Don't install sendmail. If you need sendmail, be carefull. It musst be configured without relaying.
For more secutrity you can set access rules with "ipchains". But thats not easy.
For more access to the internet than www and ftp you can use IP Masquerading (aka NAT).
Hope this helps a little bit
so long
Ralf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2000 01:13 AM
тАО12-07-2000 01:13 AM
Re: proxy configuration
Sample
======
aclname = denied_hosts src 201.234.43.22
http_access allow all
http_access deny denied_hosts
How can I block the side with squid.conf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2000 02:16 AM
тАО12-07-2000 02:16 AM
Re: proxy configuration
You must deny first.
Sample
======
aclname = denied_hosts src 201.234.43.22
http_access deny denied_hosts
http_access allow all
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-07-2000 05:50 PM
тАО12-07-2000 05:50 PM
Re: proxy configuration
I do not want to block my clients PCs accessing to internet, BUT, i need to block / filter the website that they are acceessing to, example like porno websites. Is squid.conf can configure it ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2000 03:27 AM
тАО12-18-2000 03:27 AM
Re: proxy configuration
ex:
aclname = denied_hosts src www.playboy.com , www.sex.com, 200.200.100.1
http_access deny denied_hosts
http_access allow all