Saturday, April 23, 2011

Debian Proxy Install/Configure A-Z


Debian Proxy Install/Configure A-Z

$mii-tool
$Ifconfig eth0 up
$Ifconfig eth1 up
/Etc/host.conf
$Vim /etc/hosts
multi on

/Etc/hostname
$vim /etc/hostname
Echotex

/etc/resolv.conf
$Vim /etc/resolv.conf

nameserver 200.70.201.3
nameserver 200.70.201.5

/etc/network/interfaces
$Vim /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
      address 200.201.252.111
      netmask 255.255.255.224
      network 200.201.252.128
      gateway 200.201.252.129

auto eth1
iface eth1 inet static
      address 192.168.0.1
      netmask 255.255.255.0
      network 192.168.0.0


/etc/init.d/networking restart
$Apt-get update
$apt-get upgrade
$apt-get install gcc g++ patch make ssh telnet openssh-server links lynx
$apt-get install ethtool
$ethtool eth1
Apt-get install iptool iftop

/etc/apt/source.list
deb http://security.debian.org/ lenny/updates main
deb-src  http://security.debian.org/ lenny/updates main
deb http://http.us.debian.org/debian lenny main non-free contrib

/etc/dhcp3/dhcpd.conf
$apt-get install dhcp3-server
$vim /etc/dhcpd3/dhcpd.conf


# A slightly different configuration for an internal subnet.
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.200;
  option domain-name-servers 200.70.201.3, 200.70.201.5;
  option domain-name "linuxadminatoz.blogspot.com";
  option routers 192.168.0.1;
  option broadcast-address 192.168.0.255;
  default-lease-time 600;
  max-lease-time 7200;
}


/etc/Squid/Squid.conf
$apt-get install squid

#Recommended minimum configuration:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8

#acl echo src 192.168.0.0/24
acl blkdomain dstdomain "/etc/squid/deny_for_all"
acl limitmac arp "/etc/squid/limit_mac"
acl limitsite dstdomain "/etc/squid/limit_site"
acl superuser arp "/etc/squid/allallow"

‘’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet

http_access allow localhost
http_access deny blkdomain
http_access allow limitmac limitsite
http_access allow superuser
# http_access allow echo

# And finally deny all other access to this proxy
http_access deny all

---------------------------------------------------------------------------------------------------
# ADMINISTRATIVE PARAMETERS

#  TAG: cache_mgr
#     Email-address of local cache manager who will receive
#     mail if the cache dies. The default is "webmaster".
#
#Default:
# cache_mgr mahfuz_echo@gmail.com


‘’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’
/etc/arno-iptables-firewall/firewall.conf (Details..
$apt-get install arno-iptables-firewall
$dpkg-reconfigure arno-iptables-firewall

###############################################################################
# (Transparent) proxy settings (EXPERT SETTINGS!)                             #
###############################################################################
HTTP_PROXY_PORT="3128"
HTTPS_PROXY_PORT=""
FTP_PROXY_PORT=""
SMTP_PROXY_PORT="25"
POP3_PROXY_PORT=""
‘’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’’
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)