Setup Proxy Server

-
The attachment is the zip file for windows (I have tested it on windows 7. below steps is wriiten based on the test)
The steps:
1. unzip the file to c:\
2. change the file name in folder c:\squid\etc
mime.conf.default --> mime.conf
squid.conf.default --> squid.conf
cachemgr.conf.default --> cachemgr.conf
3. modify the c:\squid\etc\squid.conf
a. Change the network to your local network
Example
Before:
acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
acl localnet src 192.168.0.0/16    # RFC1918 possible internal network
Change to:

acl localnet src 12.11.0.0/24   # RFC1918 possible internal network
#acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
#acl localnet src 192.168.0.0/16    # RFC1918 possible internal network
b. Change the DNS ip address
Example
Before:
#    Example: dns_nameservers 10.0.0.1 192.172.0.4
Change to:
dns_nameservers 8.8.8.8
(When start service, the error 1067 come out, one possible reason is the dns setting got problem. You may the file c:\squid\var\logs\cache.log to find detail error information)
If there is no dns server to set, seting:
dns_testnames 0.0.0.0
c. Change http_port to the proxy ip address
Example: http_port 10.100.10.23:3128
4. open the command windows
5. go to the folder c:\squid\sbin
6. input command: squid.exe -i
The output should be:












7. input command: squid.exe -z
The output should be


8. go to the control panel/administrative tools/services start the service squid
9. check the status of service squid in taskmanager
10. open command windows, and input command: telnet 127.0.0.1 3128 to check the status of the port
11. in the client server, open command windows, and input command: telnet <proxy server ip> 3128 to check the status of the port
12. change the proxy setting in IE in the client server to check the result
13. If update the configuration file, need to reload configuration file. input command: squid.exe -k reconfigure
Additional
1. uninstall the software: squid.exe -r
2. If there is a upstream proxy you may add below sentence under http_port setting in the squid.conf file
never_direct allow all
cache_peer <parent IP address> parent <parent port> 7 no-query no-digest
Example:
never_direct allow all
cache_peer 10.100.10.250 parent 8080 7 no-query no-digest
3. block the client http visit
acl <tag> src <client ip>
http_access deny <tag>
Example
acl badclientip1 src 10.100.10.22
http_access deny badclientip1
4. block the website
acl <tag> url_regex -i <string of website>
http_access deny <tag>
Example
acl badurl url_regex -i google.com
http_access deny badurl

Comments

Post a Comment

Popular posts from this blog

Nginx Proxy & Load Balance & LNMP

-
Nginx Proxy Service E-commerce website Server 1: provide image request response (  apache / nginx ) Server 2: provide dynamic request response ( php-fpm / apache-php ) Server 3: provide static request response ( apache / nginx ) Server 4: provide data request response ( mysql ) It need one additional nginx server 1. Install nginx 2. proxy to specific server Example location / {      proxy_pass http://192.168.199.187:80/; } location /bbs/ {      proxy_pass http://192.168.199.187:80/bbs/; } location ~* \.(jpg|png|gif)$  {      proxy_pass http://172.16.100.7; } Enhance the log information and specific the hostname location / {      proxy_pass  http://192.168.199.187:80/;      proxy_set_header <parameter name>  $host;  (client requst the hostname )      proxy_set_header <parameter name> $remote_addr; ...
Read more

Snort+barnyard2+Snorby CentOS 6.5_64 Installation

-
#download packages: daq-2.0.2.tar.gz ImageMagicK-6.8.9-8.tar.gz oinkmaster-2.0.tar.gz ruby-1.9.3-p547.tar.gz snort-2.9.6.2.tar.gz snortrules-snapshot-2962.tar.gz MySQL-server-5.5.40-1.rhel5.x86_64.rpm MySQL-client-5.6.21-1.rhel5.x86_64.rpm MySQL-devel-5.6.21-1.rhel5.x86_64.rpm MySQL-shared-5.6.21-1.rhel5.x86_64.rpm epel-release-6-8.noarch.rpm barnyard2-2.1.13.tar.gz #install yum package rpm -ivh epel-release-6-8.noarch.rpm yum install gcc-c++ patch readline readline-devel zlib zlib-devel flex git yum install libyaml-devel libffi-devel openssl-devel make  yum install bzip2 autoconf automake libtool bison iconv-devel libxml2-devel libxslt  yum install gcc g++ build-essential libssl-devel libreadline5-devel zlib1g-devel linux-headers-generic libsqlite3-devel libxslt-devel curl-devel sqlite-devel yum --enablerepo=epel install jasper jasper-libs jasper-devel #Mysql install yum remove mysql mysql-libs rpm -ivh MySQL-server-5.5.40-1.rh...
Read more

ORACLE Error

-
Image
oracle official error explanation  http://docs.oracle.com/cd/E11882_01/server.112/e17766/toc.htm 从服务器下载ALERT日志文件,传输方式需要选择"ASCII" ORA-01078: failure in processing system parameters 发生场景:新建数据库第一次启动时 SQL> startup ORA-01078: failure in processing system parameters LRM-00109: could not open parameter file ‘/home/oracle/oracle/product/10.2.0/db_1/dbs/initorcl.ora’ 原因:oracle_sid没有配置正确 解决方案: 1. 修改oracle用户.bash_profile文件中ORACLE_SID后的内容; 2. 重新已oracle用户登录; ORA-01157: cannot identify/lock data file string - see DBWR trace file  Cause: The background process was either unable to find one of the data files or failed to lock it because the file was already in use. The database will prohibit access to this file but other files will be unaffected. However the first instance to open the database will need to access all online data files. Accompanying error from the operating system describes why the file could not be identified. Action: Have operating system make file ...
Read more