Proxy
Server:
Proxy server is a server (a computer system or an
application) that acts as an intermediary for requests from clients seeking
resources from other servers. A client connects to the proxy server, requesting
some service, such as a file, connection, web page, or other resource available
from a different server. The proxy server evaluates the request according to
its filtering rules. For example, it may filter traffic by IP address or
protocol. If the request is validated by the filter, the proxy provides the
resource by connecting to the relevant server and requesting the service on
behalf of the client. A proxy server may optionally alter the client's request
or the server's response, and sometimes it may serve the request without
contacting the specified server. In this case, it ‘caches’ responses from the
remote server, and returns subsequent requests for the same content directly.The proxy concept was invented in the early days of distributed systems as a way to simplify and control their complexity. Today, most proxies are a web proxy, allowing access to content on the World Wide Web.
Squid:
Squid is a proxy
server and web cache daemon.
It has a wide variety of uses, from speeding up a web server by caching repeated
requests; to caching web, DNS and other computer network lookups for a
group of people sharing network resources; to aiding security by filtering
traffic. Although primarily used for HTTP and FTP, Squid includes limited support
for several other protocols including WCCP, TLS, SSL internet
Gopher and HTTPS.
Squid was originally designed to
run on Unix-like systems,
but also runs well on Windows-based
systems. Released under the GNU General
Public License, Squid is free
software.
Installing
Squid in Ubuntu:
First we need
to update Ubuntu package. Go to System > Administration >Update Manager.
After install
Apache and Squid.
# apt-get install apache2
# apt-get install squid
Key File Locations
|
File
|
Purpose
|
|
/etc/squid/squid.conf
|
Squid configuration file
|
|
/var/log/squid/access.log
|
Squid access log file
|
Stop the
Squid using below commend :
Sudo pkill -9 squid
Star the
Squid Service using below comment :
Sudo service squid start
Squid Configuration
The squid.conf file is huge, with
hundreds of options. In this howto we will only be changing a few settings.
Open the squid.conf file for editing
sudo gedit /etc/squid/squid.conf
Turn
on line numbers in gedit (Edit > Preferences)
Configure
Proxy in your web browser:
192.168.10.23
– Proxy Server IP
Squid Default
Port No: 3128
After in your
browser you can’t Access any URL. Because in default Squid Proxy Server deny
all Traffic.
Open the
Squid.conf file using Commend:
Assign Host
name for you Squid Proxy Server:
# TAG: visible_hostname (Below this line you
enter following line )
visible_hostname gokul
(gokul-Host name)
We need to
configure our Network Address. In Default squid proxy server assigned following
address
i.
10.0.0.0/8
ii.
172.16.0.0/16
iii. 192.168.0.0/24
In my network
I am using Class C. ip ranges are below
192.168.10.0/24
and 172.20.1.0/24
So we disable
default squid network ip. And I add my local network ip.
acl localnet src 192.168.10.0/24
acl localnet src 172.20.1.0/24
After that
configuration we need to allow http access so we allow our local network.
http_access allow localnet
http_access alow localhost
After save
this configuration and we need to
restart Squid Services. Using following command.
Sudo pkill -9 squid
Sudo service squid start
In your web
browser open any URL. it will work. we configured squid Successfully
Now we show
how to block particular URL using Squid. Example we block yahoo and google
link.
Go to the ACL
. below the ACL we enter following command
acl block_websites dstdomain .google.com .yahoo.com
http access deny block_websites
Save this
configuration. And restart squid Service
following this command.
Sudo pkill -9 squid
Sudo service squid start
In your web
browser try to Access google.com or yahoo.com.
You show the
Access Denied page.
SquidGuard:
Squid is a proxy server, HTTP
requests are sent to Squid instead of being sent directly to the internet.
SquidGuard is a web filter plugin
for Squid which is used to restrict access to domains/URLs based upon access
control lists. When SquidGuard receives a request it is examined and will
either allow the page to load or will redirect to a predetermined “block” page
or script. SquidGuard makes its decisions based upon the use of access control
lists and databases of domains, URLs, and expressions
SquidGuard
Installation:
Install SquidGuard
sudo apt-get install squidguard
Key File Locations
|
File
|
Purpose
|
|
/etc/squid/squid.conf
|
Squid configuration file
|
|
/var/log/squid/access.log
|
Squid access log file
|
|
/etc/squid/squidGuard.conf
|
SquidGuard configuration file
|
|
/var/lib/squidguard/db
|
SquidGuard database files
|
|
/var/log/squid/squidGuard.log
|
SquidGuard log file
|
Squid Configuration
The squid.conf file is huge, with
hundreds of options. In this howto we will only be changing a few settings. Open the squid.conf file for editing
using sudo and a text editor.
sudo gedit /etc/squid/squid.conf
Now
we need to tell squid where squidguard is. Find the TAG: url_rewrite_program heading. There is no default setting
here, so we need to add our own line.
url_rewrite_program /usr/bin/squidGuard –c /etc/squid/squidGuard.conf
SquidGuard Configuration
For the
purposes of this how to we will use a very simple configuration for SquidGuard,
with only one category of sites that we want to block. More complex and useful
configurations are explained on the official SquidGuard site.
First we will
create a list of domains we want to block
sudo mkdir /var/lib/squidguard/db/ads/
gksudo gedit /var/lib/squidguard/db/ads/domains
Insert the
following, then save the file.
Facebook.com
Orkut.com
Twitter.com
(For example we add this three URL.)
Now we edit our
squidGuard.conf file.
sudo gedit /etc/squid/squidGuard.conf
Delete
everything after the line: logdir /var/log/squid
Replace the
deleted text with the following:
dest ads {
domainlist ads/domains
}
acl {
default {
pass !ads all
redirect http://google.co.in
}
}
Save this
configuration. And restart squid Service
following this command.
Sudo pkill -9 squid
Sudo service squid start
Now try to
access facebook.com or orkut.com or orkut.com. Automatically that URl was
redirect google.co.in.
No comments:
Post a Comment