Best control over internet access in NAT / Cafe or for home usage on multiple computers..
Here are some steps :
yum -y install squid
Open config file :
vi /etc/squid/squid.conf
Most of setting are done as default + lot of commented advance config
Your squid.conf abstractly looks like :
================================================================
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
#logging details
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 10.10.10.0/24 172.16.12.0/24
http_access allow our_networks
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid
================================================================
We can add/remove network series by adding ==>
acl our_networks src 10.10.10.0/24 172.16.12.0/24
http_access allow our_networks
Single IP access can be manipulated acl list
Most important thing is : complete logging. (Not available in case of NAT)
We can monitor it to produce Artificial intenllegence
Now start squid ::::::::
service squid start
Set Proxy server IP & port to browser settings .. its working
No comments:
Post a Comment
Comments welcome :