Search the Community
Showing results for tags 'squid'.
Found 1 result
I've been wanting to filter my own network traffic by running it through a proxy. So I did some reseach of how to set it up and configure it. My first plan was to use squid and dansguardian but I found an easier way to do it. Here's how I did it for those who come across this post. I used squid and openDNS: 1. Install Squid: yum install squid 2. Configure Squid: add hostname, user/group, port, and DNS option *Edit configuration file with you favorite editor: vi /etc/squid/squid.conf a. Add: visible_hostname Proxy-name b. Add: cache_effective_user squid c. Add: cache_effective_group squid d. Add: shutdown_lifetime 20 seconds e. Add: port 3128 to: http_port 3128 f. Add DNS option: dns_nameservers 22.214.171.124 126.96.36.199 #OpenDNS Nameservers g. uncommented: cache_dir ufs /var/spool/squid 100 16 256 h. save your file: :wq 3. Restart Squid: service squid restart 4. Edit your firewall: I used system-config-firewall-tui a. Add tcp port 3128 and run through the options, no others needed and when done iptables will be restarted. 4. for the client side you need to setup the proxy for firefox or whatever browser you want. I use firefox. a. Extra-->Options-->Advanced-->Network-->Settings: manual proxy configuration: set your ip/port: 192.168.1.100:3128 b. Klik Ok and try browsing(Test). c. Done. On my home situation I don't need to lock out the clients from being able to edit the browser options. But you can change the rights if you need it for your situation: Ubuntu: 1. chown root /usr/bin/gnome-network-properties 2. chmod ug-x /usr/bin/gnome-network-properties Window: You probably only need to let your users login with normal users accounts. You can also force all the pc's on your network to go through your proxy via iptables, but I didn't find it necesarry. Another way of filtering your webcontent is by using dansguardian, but I find this way just as effective and easier to do setup. With Dansguardian you can add your own blacklists/whitelists of sites. The only disadvantages I found is that you have alot of configuring to do, cause when you set it up and add a blacklist. You have to whitelist everything that's blacklisted in your blacklist folder. Example I wasn't able to access a topic on this forum because I had the word porn in the topic. I'm real happy with OpenDNS and when you get redirected from a blocked porn site you can also click on send messages to system administrator using your openDNS account email adress which you can set in the OpenDNS panel and the most important thing is that it's free