How To Configure SQUID Proxy

Center for Information System Training-BP 511 St.
371, Phum Tropeang Chhuk (Borey Sorla) Sangkat Tek Thla, Khan Russey Keo, Phnom Penh info@cistrain.org +855(0) 23 99 55 00
Prepare by LY BONA 7/19/2010
Page 1
Center for Information System Training-BP 511 St.371, Phum Tropeang Chhuk (Borey Sorla) Sangkat Tek Thla, Khan Russey Keo, Phnom Penh info@cistrain.org +855(0) 23 99 55 00
Contents
A. Structure plan project proxy .. a. Resource need for plan . b. Proxy objective used for ... c. Structure . B. .Squid proxy .. a. Block domain . b. Block extension .. c. Allow LAN . C. .Squid Guard . a. Blacklist .. b. Shula list .
D. Proxy authentication with AD Server .. E. MYSAR analysis report squid access F..Squid proxy transparent . a. IP tables filter . b. Apply proxy transparent ..
Page 2
A.
Structure plan project proxy
a. Resource needed for plan - DNS Server run window server 2003 that has install active directory for authentication user and password in system: -Configure Forwarder to DNS public -Create user and group - Proxy Server needed bellow: -Two interface adapters one connect to LAN client and one more connect to WAN Internet -Bring proxy machine joint to AD Server - LAN client connect to one interface of proxy server b. Proxy squid objective We used Squid proxy for: Used proxy system Filter website Share internet Cache store Internet bandwidth management Generate reports c. Structure plan
Page 3
B. Squid proxy
a. Block domain Requirement to install squid on package on DVD-Suse-Sles11 name squid after that type command: #rcsquid restart
After restart service of squid proxy we need edit file /etc/squid /squid.conf follow configure syntax bellow: http_port 2567 cache_mem 32 MB cache_dir ufs /var/cache/squid 1024 16 256 access_log /var/log/squid/access.log squid Step1
Page 4
Step2
Step3
Page 5
Step4
Write access control list and http access for apply block domain: Path access list:
Path http access:
Page 6
Page 7
b. Block extension Block extension mean that block file that download file from internet we need to allow some extension and some extension deny for security system network in local. We can block it by write syntax in squid like: Write access list:
Write http access:
Page 8
c. Allow LAN client LAN can used proxy but need to follow rule: Write access list:
Write http access:
Page 9
C.Squid Guard
a. Blacklist configure Configure black list that for filter bad websites that can increase bandwidth in network earn resource internet. First we need to install two packages: squidGuard-1.3.99-1.49.i586.rpm and libmysqlclient15 in DVD-Suse. Install by type command: #yast i libmysqlclient15 #rpm ivh squidGuard-1.3.99-1.49.i586.rpm
Put ownership to squid:
Page 10
Configure file vi /etc/squidguard.conf following syntax:
Used command for update file blacklist to file .db #squidGuard C all
Page 11
Edit file /etc/squid/squid.conf add one line like that:
Put ownership for squid on file .db
Restart service squid:
Page 12
Domain name in blacklist
Page 13
Result test:
Page 14
b. Configure Shula list block We block blacklist by Shula we can block follow categories of website like game, sex, chat, song, video Edit in file /etc/squidguard.conf
Update file to .db
Page 15
D.
Proxy authentication with AD
Configure authentication username and password when client access website by web browsers and follow syntax bellow: Step1
Step2
Page 16
Step3
Step4
Page 17
Step5
Step6
Page 18
Step7
Step8
Page 19
Step9
Page 20
Step10
View report on access log file
Page 21
E. Mysar analysis reports squid access log

We used mysar for analysis reports for view it on web base and easy to follow up report internet access of client: How to configure mysar like bellow: Step1
Page 22
Step2
Step3
Page 23
Step4
Page 24
Step5
Step6
Page 25
Step7
Step8
Page 26
Step9
Step10
Step11
Page 27
Step12
Step13
Page 28
Step14
Step15
Page 29
Step16
Step17
Page 30
Step18
Step19
Step20
Page 31

How To Configure SQUID Proxy

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

How To Configure SQUID Proxy

Încărcat de

Drepturi de autor:

Formate disponibile

Center for Information System Training-BP 511 St.

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Structure plan project proxy

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Path http access:

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Write http access:

Prepare by LY BONA 7/19/2010

Write http access:

Prepare by LY BONA 7/19/2010

Put ownership to squid:

Prepare by LY BONA 7/19/2010

Configure file vi /etc/squidguard.conf following syntax:

Prepare by LY BONA 7/19/2010

Edit file /etc/squid/squid.conf add one line like that:

Put ownership for squid on file .db

Restart service squid:

Prepare by LY BONA 7/19/2010

Domain name in blacklist

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Update file to .db

Prepare by LY BONA 7/19/2010

Proxy authentication with AD

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

View report on access log file

Prepare by LY BONA 7/19/2010

E. Mysar analysis reports squid access log

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

Prepare by LY BONA 7/19/2010

S-ar putea să vă placă și