May 2020
M T W T F S S
« Mar    
 123
45678910
11121314151617
18192021222324
25262728293031

Categories

WordPress Quotes

History is a relentless master. It has no present, only the past rushing into the future. To try to hold fast is to be swept aside.
John F. Kennedy
May 2020
M T W T F S S
« Mar    
 123
45678910
11121314151617
18192021222324
25262728293031

Short Cuts

2012 SERVER (64)
2016 windows (9)
AIX (13)
Amazon (40)
Ansibile (19)
Apache (135)
Asterisk (2)
cassandra (2)
Centos (211)
Centos RHEL 7 (270)
centos8 (3)
chef (3)
cloud (2)
cluster (3)
Coherence (1)
DB2 (5)
DISK (25)
DNS (9)
Docker (30)
Eassy (11)
ELKS (1)
EXCHANGE (3)
Fedora (6)
ftp (5)
GIT (3)
GOD (2)
Grub (1)
Hacking (10)
Hadoop (6)
health (2)
horoscope (23)
Hyper-V (10)
IIS (15)
IPTABLES (15)
JAVA (7)
JBOSS (32)
jenkins (1)
Kubernetes (7)
Ldap (5)
Linux (188)
Linux Commands (166)
Load balancer (5)
mariadb (14)
Mongodb (4)
MQ Server (24)
MYSQL (84)
Nagios (5)
NaturalOil (13)
Nginx (35)
Ngix (1)
openldap (1)
Openstack (6)
Oracle (35)
Perl (3)
Postfix (19)
Postgresql (1)
PowerShell (2)
Python (3)
qmail (36)
Redis (12)
RHCE (28)
SCALEIO (1)
Security on Centos (29)
SFTP (1)
Shell (64)
Solaris (58)
Sql Server 2012 (4)
squid (3)
SSH (10)
SSL (14)
Storage (1)
swap (3)
TIPS on Linux (28)
tomcat (62)
Ubuntu (1)
Uncategorized (30)
Veritas (2)
vfabric (1)
VMware (28)
Weblogic (38)
Websphere (71)
Windows (19)
Windows Software (2)
wordpress (1)
ZIMBRA (17)

WP Cumulus Flash tag cloud by Roy Tanck requires Flash Player 9 or better.

Who's Online

0 visitors online now
0 guests, 0 bots, 0 members

Hit Counter provided by dental implants orange county

Configure Squid with Dansguardian

Scenario-: 1. Configure squid Server 2. Configure Dan guardian 3. Configure Iptables 4. Configure Proxy server as a router.
Our purpose of proxy server is to sharing internet connection for web browsing performance & configures Dan guardian for content and site blocking.
A. Allow Internal to all user with restricted web site and content. B. Allow limited user can access all site C. Publish local server as a web server in different-different port. D. All user can send receive mail from the Outlook but they can’t access restricted site. E. Allow vnc, Sql server and Remote Desktop Connection access form to internet to External Network. F. Allow company’s website access to all users

Process-:
External LAN Card- eth0 (10.10.10.1) Internal LAN Card- eth1(192.168.10.1)
1. Configure and install Squid Server-:
# yum install squid*
Cp /etc/squid/squid.conf /etc/squid/squid.conf.bkp
Vim /etc/squid/squid.conf
visible hostname vsnl.com http_port 3128
# Restrict Web access by IP address
Acl special_client src “/etc/squid/special_client_ip_txt” # allow all site access users ‘s ip list Acl our_networks src 192.168.10.0/24 # allow network Acl bed url_regex “ /etc/squid/squid/squid-block.acl” # list of block site ‘s name http_access allow bed special_client # allow access all site to special client list http_access deny bed our_networks # allow limited access http_access allow our_networks # allow access to network
vim /etc/squid/special_client_ip_txt 192.168.10.126 192.168.10.200 192.168.10.251 vim /etc/squid/squid_block_acl orkut.com yahoo.com gmial.com
Service squid start # Service squid stop # Service squid restart
Install and Configure Dansguardain -: Yum install dans*
Cp /etc/dansguardain/dansguardian.conf /etc/dansguardain/dansguardian.conf.bkp
Vim /etc/dansguardian/dansguardain.conf
Filter ip = 192.168.10.1 Filter port = 8080 Proxy ip = 127.0.0.1 Proxy port = 3128
Vim /etc/dansguardian/list/bandsitelist Gmail.com # list of block site Yahoo.com Facebook.com Orkut.com Vim /etc/dansguardain/list/bannedregexpurllist
# Hard core phase ( for content blocking)
Orkut|youtube|sport|gmail|facebook|orkut|sex|video|virus|audio
Vim /etc/dansguardian/lists/exceptionsitelist # following site will not be filter by dansguardain. Allow for all users.
www.online-linux.blogspot.com www.xyz.com
vim/etc/dansguardian/exceptioniplist
# list of ip allow all fitler site.
192.168.10.126 192.168.10.200 192.168.10.251
Configure Iptables-: # masquerade local lan(eth1) # redirect all request 80 to 8080 from eth1(local lan) # publish local website # allow 80 and 8080 port
$ iptables –t nat –A POSTROUTING –I eth1 –j MASQUERADE $ iptables -t nat -A PREROUTING -i eth1 -p tcp –dport 80 -j REDIRECT –to-port 8080 $ iptables -t nat -A PREROUTING -i eth1 -p tcp –dport 3128 -j REDIRECT –to-port 8080 $ iptables -t nat -A PREROUTING -p tcp -d 10.10.10.1 –dport 8090 -j DNAT –to-destination 192.168.10.10:8090 $ iptables –I INPUT –s 192.168.10.0/24 –p tcp –-dport 80 –J ACCEPT $ iptables –I INPUT –s 192.168.10.0/24 –p tcp –dport 8080 –J ACCEPT

Client Site-
Lan setting- 192.168.100.1:8080

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

  

  

  

Blue Captcha Image
Refresh

*

Protected by WP Anti Spam