
Thursday, January 3, 2013

How to configure Proxy Server on RHEL 6.3 or Scientific Linux 6.3 or CentOS 6.3

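# Enable IPv4 forwarding so this host can route packets for the LAN clients.
# The file is read at boot; `sysctl -p` loads the new value immediately.
[root@server1 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1

# Source-NAT everything that leaves through ppp0 to this host's own address.
# NOTE(review): MASQUERADE applies to whatever the FORWARD chain lets through;
# the forwarding policy is not shown on this page - confirm it only admits
# the intended LAN (192.168.0.0/24 in the Squid section).
[root@server1 ~]# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE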

Your clients will now reach the Internet through the proxy server.

############################################## Transparent Proxy ###################################################
# vim /etc/squid/squid.conf
visible_hostname murad
# Interception listener: traffic reaches this port through the iptables
# REDIRECT rules, not from browsers configured to use a proxy.
# NOTE(review): Squid 3.1 and later call this mode "intercept" and treat
# "transparent" as the older spelling - confirm against the installed version.
http_port 3128 transparent
############## Insert Acl Section ########################

# Allow My Networks
acl mynetworks src 192.168.0.0/24

# from where browsing should be allowed
# http_access rules are evaluated top to bottom and the first match decides,
# so any deny rule meant to apply to these clients has to sit above this line.
http_access allow mynetworks

# Accept new TCP connections to the Squid port.
# NOTE(review): the rule has no -i/-s match, so it accepts 3128 from every
# interface, including ppp0 (the outbound side in the MASQUERADE rule).
# Restricting it to eth0 / 192.168.0.0/24 keeps the proxy port off the WAN.
# NOTE(review): -A appends; if the INPUT chain already ends in a catch-all
# REJECT (presumably the case with the stock RHEL 6 ruleset), this rule is
# never reached - check with `iptables -L INPUT -n --line-numbers`.
[root@server1 ~]# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
# Divert HTTP arriving on the LAN interface to Squid's interception port.
[root@server1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
# NOTE(review): port 443 carries TLS, while the http_port configured above is
# a plain-HTTP listener, so redirected HTTPS connections will presumably fail
# instead of being proxied. Intercepting HTTPS needs a dedicated https_port
# with SSL-bump and a CA the clients trust - confirm before keeping this rule.
[root@server1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-ports 3128

# Restart Squid so the squid.conf changes take effect. The iptables rules
# above exist only in the running kernel; on RHEL 6 `service iptables save`
# writes them to /etc/sysconfig/iptables so they survive a reboot.
[root@server1 ~]# service squid restart
Stopping squid: ................                           [  OK  ]
Starting squid: .                                          [  OK  ]

############################ Block Website ################################
# vim /etc/squid/badsite.conf

www.facebook.com
www.google.com
www.yahoo.com

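# Allow My Networks
acl mynetworks src 192.168.0.0/24

## Add acl Badsites ##
# The quoted path is read as one destination domain per line.
# dstdomain matches a listed name exactly unless the entry starts with a dot:
# "www.facebook.com" does not cover "facebook.com" or "m.facebook.com",
# whereas ".facebook.com" covers the domain and every subdomain.
# The filter sees only requests Squid actually handles as HTTP.
acl badsite dstdomain "/etc/squid/badsite.conf"
# Deny a single client address
acl denyip src 192.168.0.14
# Allow IP Address Range
# Range written with both ends in full (addr1-addr2), the documented form;
# the original "192.168.0.1-10" shorthand is not.
acl allowip src 192.168.0.1-192.168.0.10
# Download Limit
# NOTE(review): the /24 mask is presumably applied to both ends of the range,
# which would widen Group1 to all of 192.168.0.0/24 - confirm with
# `squid -k parse`; dropping the mask (or using /32) keeps it to .1-.10.
acl Group1 src 192.168.0.1-192.168.0.10/24
reply_body_max_size 64 KB Group1
#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
# The allow rule must name the localhost ACL; a bare "allow manager" grants
# cache-manager access to every client and makes the deny below unreachable.
# Assumes the stock "acl manager" and "acl localhost" definitions are still
# present earlier in squid.conf.
http_access allow manager localhost
http_access deny manager
# Deny IP Address Range
http_access deny denyip
# Allow IP Address Range
# NOTE(review): first match wins, so clients in allowip are allowed here and
# never reach the badsite deny below. If the block list should apply to them
# as well, move "http_access deny badsite" above this line.
http_access allow allowip
## Deny access to badsites ##
http_access deny badsite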
