squid proxy centos 6.4
DESCRIPTION
Squid Proxy CentOS 6.4. Prepared by : Mr. Sopheap Position : IT Support Location : Deam Computer Date : 24/July/2013. Infrastructure . Squid Proxy Server = CentOS 6.4 IP = 192.168.1.123/24 ; Eth0 = WAN IP = 10.10.10.1/24 ; Eth1 = LAN Client Windows XP - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/1.jpg)
Squid Proxy CentOS 6.4
Prepared by : Mr. SopheapPosition : IT SupportLocation : Deam ComputerDate : 24/July/2013
![Page 2: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/2.jpg)
Infrastructure
![Page 3: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/3.jpg)
RequirementSquid Proxy Server = CentOS 6.4
IP = 192.168.1.123/24 ; Eth0 = WAN IP = 10.10.10.1/24 ; Eth1 = LAN
Client Windows XP IP = 10.10.10.2/24 – 10.10.10.254/24
![Page 4: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/4.jpg)
What Type of Proxy Server?Transparent ProxyThis type of proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used for their ability to cache websites and do not effectively provide any anonymity to those who use them. However, the use of a transparent proxy will get you around simple IP bans. They are transparent in the terms that your IP address is exposed, not transparent in the terms that you do not know that you are using it (your system is not specifically configured to use it.)Anonymous ProxyThis type of proxy server identifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users.Distorting ProxyThis type of proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the http headers.High Anonymity ProxyThis type of proxy server does not identify itself as a proxy server and does not make available the original IP address.
![Page 5: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/5.jpg)
Anonymous Proxy & Transparent Proxy Now I will choose two type of proxy server for show
everyone Anonymous Proxy Transparent Proxy
![Page 6: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/6.jpg)
Anonymous ProxyHostname
![Page 7: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/7.jpg)
Hostname
Anonymous Proxy
![Page 8: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/8.jpg)
IP address WAN
Anonymous Proxy
![Page 9: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/9.jpg)
IP Address WAN
Anonymous Proxy
![Page 10: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/10.jpg)
IP Address LAN
Anonymous Proxy
![Page 11: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/11.jpg)
Stop Service Iptables
Anonymous Proxy
![Page 12: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/12.jpg)
Install Squid Proxy
Anonymous Proxy
![Page 13: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/13.jpg)
Enable Service Squid
Anonymous Proxy
![Page 14: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/14.jpg)
Copy default configure squid
Anonymous Proxy
![Page 15: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/15.jpg)
Edit file squid configuration
Anonymous Proxy
![Page 16: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/16.jpg)
Edit file squid configuration
Anonymous Proxy
![Page 17: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/17.jpg)
Edit file squid configuration
Anonymous Proxy
![Page 18: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/18.jpg)
Edit file squid configuration
Anonymous Proxy
![Page 19: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/19.jpg)
Save and Start service squid
Anonymous Proxy
![Page 20: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/20.jpg)
Enable IP address Squid Proxy on Client
Anonymous Proxy
![Page 21: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/21.jpg)
Client access internet
Anonymous Proxy
![Page 22: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/22.jpg)
Create blacklist website for block on client
Anonymous Proxy
![Page 23: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/23.jpg)
Create blacklist website for block on client
Anonymous Proxy
![Page 24: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/24.jpg)
Create rule in squid for block blacklist website on client
Anonymous Proxy
![Page 25: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/25.jpg)
Client access blacklist website
Anonymous Proxy
![Page 26: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/26.jpg)
Create rule unlimited access for specific ip address
Anonymous Proxy
![Page 27: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/27.jpg)
Create rule unlimited access for specific ip address
Anonymous Proxy
![Page 28: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/28.jpg)
Anonymous ProxyCreate rule unlimited access for specific ip address
![Page 29: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/29.jpg)
Client use unlimited ip address access blacklist website
Anonymous Proxy
![Page 30: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/30.jpg)
Create rule for block file torrent
Anonymous Proxy
![Page 31: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/31.jpg)
Client access website torrent
Anonymous Proxy
![Page 32: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/32.jpg)
Create rule for block image url
Anonymous Proxy
![Page 33: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/33.jpg)
Client access website that image url block
Anonymous Proxy
![Page 34: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/34.jpg)
Create rule for authentication with squid proxy
Anonymous Proxy
![Page 35: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/35.jpg)
Anonymous Proxy
Create rule for authentication with squid proxy
![Page 36: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/36.jpg)
Install service httpd
Anonymous Proxy
![Page 37: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/37.jpg)
Edit file /etc/hosts
Anonymous Proxy
![Page 38: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/38.jpg)
Restart service httpd
Anonymous Proxy
![Page 39: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/39.jpg)
Create user htpasswd
Anonymous Proxy
![Page 40: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/40.jpg)
Client access internet by authenticated with squid proxy
Anonymous Proxy
![Page 41: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/41.jpg)
After client type user name and password
Anonymous Proxy
![Page 42: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/42.jpg)
Create file for block extension
Anonymous Proxy
![Page 43: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/43.jpg)
Create rule for block video content; extension and video reply
Anonymous Proxy
![Page 44: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/44.jpg)
Client access website that have video content
Anonymous Proxy
![Page 45: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/45.jpg)
Client download file that have extension .exe
Anonymous Proxy
![Page 46: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/46.jpg)
Limited speed download for client and unlimited ip address
Anonymous Proxy
![Page 47: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/47.jpg)
Client use unlimited ip address download unlimited speed
Anonymous Proxy
![Page 48: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/48.jpg)
Client Lan ip address download speed
Anonymous Proxy
![Page 49: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/49.jpg)
Create file index.htm for redirect blacklist website
Anonymous Proxy
![Page 50: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/50.jpg)
Anonymous Proxy
Create file index.htm for redirect blacklist website• Note for this file we can create by our self or we can download file
html
![Page 51: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/51.jpg)
Type command redirect this file
Anonymous Proxy
![Page 52: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/52.jpg)
When access blacklist website it will redirect to 192.168.1.123/index.htm
Anonymous Proxy
![Page 53: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/53.jpg)
Create rule for authenticated specific time
Anonymous Proxy
![Page 54: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/54.jpg)
Client access internet during 3:20 PM so client do not authentication with squid proxy.
Anonymous Proxy
![Page 55: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/55.jpg)
Edit file squid on http_port 3128 intercept or http_port 3128 transparent
Transparent Proxy
![Page 56: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/56.jpg)
Enables port forwarding in /etc/sysctl.conf
Transparent Proxy
![Page 57: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/57.jpg)
Delete all rule in /etc/sysconfig/iptables
Transparent Proxy
![Page 58: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/58.jpg)
After delete all rule in /etc/sysconfig/Iptables we need to restart service Iptables and save service iptables
Transparent Proxy
![Page 59: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/59.jpg)
After we restart service iptables already we need to create file iptables for create new rule and restart service iptables like above.
Transparent Proxy
![Page 60: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/60.jpg)
Restart service iptables and new file be create (sh flush.sh)
Transparent Proxy
![Page 61: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/61.jpg)
Client access internet by do not put ip address and port of squid proxy
Transparent Proxy
![Page 62: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/62.jpg)
Transparent ProxyClient access internet by do not put ip address and port of squid proxy
![Page 63: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/63.jpg)
Client still cannot access website blacklist
Transparent Proxy
![Page 64: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/64.jpg)
We can monitor client access blacklist by type tail –f /var/log/squid/access.log
Transparent Proxy
![Page 65: Squid Proxy CentOS 6.4](https://reader035.vdocuments.us/reader035/viewer/2022062302/5681685e550346895dde9f48/html5/thumbnails/65.jpg)
Squid Proxy Preparation by Mr. Sopheap
The End