Friday, June 18, 2010

Config Squid

1. Install Fedora 12
2. Set the IP address
- Log in as root: su
- Enter the root password
- vi /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=xxx.xxx.xxx.xxx
NETMASK=255.255.255.0
GATEWAY=xxx.xxx.xxx.xxx
DNS1=xxx.xxx.xxx.xxx
DNS2=xxx.xxx.xxx.xxx
ONBOOT=yes
BOOTPROTO=none
3. Install webmin
- vi /etc/yum.repos.d/webmin.repo
[Webmin]
name=Webmin Distribution Neutral
baseurl=http://download.webmin.com/download/yum
enabled=1
- rpm --import http://www.webmin.com/jcameron-key.asc
- yum install webmin
Webmin is then available at http://localhost:10000/
4. Open ports
- vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 1353 -j ACCEPT
- service iptables restart
5. Configure Squid (in Webmin)
- Server -> Squid Proxy Server
- Memory Usage -> Memory usage limit: 512 MB
- Cache Options -> Listed..: directory /var/spool/squid, type UFS, size (MB) 2048, 1st level dirs 256, 2nd level dirs 128
- Access Control -> localnet, Client Address xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx/32
- service squid restart
6. Fix for the kernel log message "NET: xxx messages suppressed" on the Squid host
- cat /proc/sys/net/ipv4/tcp_max_syn_backlog
- echo "8192" > /proc/sys/net/ipv4/tcp_max_syn_backlog
7. half_closed_clients
- half_closed_clients off
8. memory_pools
- memory_pools on
- memory_pools_limit 32 MB
9. Block access to certain websites
- vi /etc/squid/webdeny
- vi /etc/squid/squid.conf
- acl webdeny dstdomain "/etc/squid/webdeny"
- http_access deny webdeny
10. Block web access by client IP address
- vi /etc/squid/squid.conf
- acl hostdeny src xxx.xxx.xxx.xxx/32
- http_access deny hostdeny
11. Block downloads of certain file types
- acl denyfiletypes url_regex -i \.mp3$ \.mpg$ \.mpeg$ \.mp2$ \.avi$ \.wmv$ \.wma$ \.exe$
- http_access deny denyfiletypes
12. Block online video/audio streaming
- acl BlockExt url_regex -i \.mp3$ \.asx$ \.wma$ \.wmv$ \.avi$ \.mpeg$ \.mpg$ \.qt$ \.ram$ \.rm$ \.iso$ \.wav$ \.exe$

- acl webRadioReq1 req_mime_type -i ^video/x-ms-asf$
- acl webRadioReq2 req_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
- acl webRadioReq3 req_mime_type -i ^application/x-mms-framed$
- acl webRadioReq4 req_mime_type -i ^audio/x-pn-realaudio$
- acl webRadioRep1 rep_mime_type -i ^video/x-ms-asf$
- acl webRadioRep2 rep_mime_type -i ^application/vnd.ms.wms-hdr.asfv1$
- acl webRadioRep3 rep_mime_type -i ^application/x-mms-framed$
- acl webRadioRep4 rep_mime_type -i ^audio/x-pn-realaudio$

- acl WMP browser Windows-Media-Player/*

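- (UtentiGold in the next line must be an ACL defined elsewhere in squid.conf; it is not defined in these notes)
- http_access deny BlockExt !UtentiGold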
- http_access deny WMP all
- http_access deny webRadioReq1 all
- http_access deny webRadioReq2 all
- http_access deny webRadioReq3 all
- http_access deny webRadioReq4 all

- http_reply_access deny webRadioRep1 all
- http_reply_access deny webRadioRep2 all
- http_reply_access deny webRadioRep3 all
- http_reply_access deny webRadioRep4 all
13. Allow an IP range to access only a fixed set of websites
- acl allow_domains dstdomain "/etc/squid/local/access-local.txt"
- acl ip-local src "/etc/squid/ip-local.txt"
- http_access deny ip-local !allow_domains
- http_access allow ip-local
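
When typing many near-identical ACL lines as in steps 11 and 12, three slips are common: an ACL referenced by http_access but never defined, one ACL name reused with a different type, and an unescaped leading dot in a url_regex pattern. The following linter is an added example, not part of the original post; the sample config is constructed and treating "all" as predefined is an assumption that holds for Squid 3.x.

```python
import re

# Constructed sample: squid.conf fragments with the kinds of slips
# that are easy to make when typing many similar ACL lines.
SAMPLE = r"""
acl BlockExt url_regex -i \.mp3$ .exe$
acl webRadioReq3 req_mime_type -i ^application/x-mms-framed$
acl webRadioReq3 req_mime_type -i ^audio/x-pn-realaudio$
acl webRadioRep3 rep_mime_type -i ^application/x-mms-framed$
acl webRadioRep3 req_mime_type -i ^audio/x-pn-realaudio$
http_access deny BlockExt !UtentiGold
http_access deny webRadioReq3 all
http_access deny webRadioReq4 all
http_reply_access deny webRadioRep3 all
"""

BUILTIN = {"all"}  # assumption: predefined in Squid 3.x; older releases declare it
ACCESS = ("http_access", "http_reply_access")

def lint(conf):
    """Return sorted (line_no, problem) tuples for a squid.conf text."""
    types, refs, problems = {}, [], []
    for no, raw in enumerate(conf.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()
        if not tok:
            continue
        if tok[0] == "acl" and len(tok) >= 3:
            name, kind = tok[1], tok[2]
            # Squid refuses to load an ACL name that changes type
            if types.setdefault(name, kind) != kind:
                problems.append((no, f"acl {name} redefined as {kind}, was {types[name]}"))
            if kind in ("url_regex", "urlpath_regex"):
                for pat in tok[3:]:
                    # A bare "." matches any character: ".exe$" also hits "/annexe"
                    if re.match(r"\.\w", pat):
                        problems.append((no, f"unescaped dot in pattern {pat}"))
        elif tok[0] in ACCESS and len(tok) >= 3:
            # tok[1] is allow/deny; the rest are ACL names, optionally negated
            refs += [(no, t.lstrip("!")) for t in tok[2:]]
    for no, name in refs:
        if name not in types and name not in BUILTIN:
            problems.append((no, f"acl {name} used but never defined"))
    return sorted(problems)

if __name__ == "__main__":
    for no, msg in lint(SAMPLE):
        print(f"line {no}: {msg}")
```

Running `squid -k parse` before `service squid restart` catches undefined and retyped ACLs as well; the unescaped dot parses cleanly and only shows up later as over-blocking.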
