Web Proxy server and DHCP Server on ubuntu 12.04
Hi Guys,
I would like to seek for your help regarding to my project. My boss ask me to upgrade our network to put somethin that can us. Then he tells me that I need to create a DHCP,Web proxy,cache server and also a firewall using the ubuntu.
I know that the proxy and cache server is for squid3.
Now how can i setup everything on our network?
ISP -> Modem -> router1 -> servers? -> switch -> lans
is it correct? im only new on this field so im totally no idea, Ive already read some ebooks but im still having problem on implementing and setting up everything.
I hope you can give me some idea or Help me to finish this project.
Re: Web Proxy server and DHCP Server on ubuntu 12.04
Thread moved to Server Platforms.
Re: Web Proxy server and DHCP Server on ubuntu 12.04
Hello, I think you can do this.
ISP -> Modem -> router1 -> Server (Proxy, DHCP, DNS) -> Switch -> LAN
Put the server between router and switch, the server can contain 3 servers:
-DNS (bind9).
-DHCP (dhcp3).
-Proxy (squid3).
Try it!
Re: Web Proxy server and DHCP Server on ubuntu 12.04
Bind is probably not necessary unless special tricks with DNS are needed.
ISC dhcpd is easy enough to set up, but dnsmasq is even easier. dnsmasq can also do DNS caching if that was on the list, too.
Squid3 is easy enough to set up, if you are able to point your web clients to it. If you are trying to set up transparent proxying, it is now called intercept mode and most of the documentation online is now out of date since it refers to the old way of doing it.
About the firewall, you'll probably have to look at iptables directly. Graphical tools like GUFW are mostly set up to affect an individual host, not a network.
Re: Web Proxy server and DHCP Server on ubuntu 12.04
Quote:
Originally Posted by
Lars Noodén
Bind is probably not necessary unless special tricks with DNS are needed.
ISC dhcpd is easy enough to set up, but dnsmasq is even easier. dnsmasq can also do DNS caching if that was on the list, too.
Squid3 is easy enough to set up, if you are able to point your web clients to it. If you are trying to set up transparent proxying, it is now called intercept mode and most of the documentation online is now out of date since it refers to the old way of doing it.
About the firewall, you'll probably have to look at iptables directly. Graphical tools like GUFW are mostly set up to affect an individual host, not a network.
thanks for the ideas :)
I just want to ask again regarding on the squid3. I already setup the squid3 on my ubuntu server 12.04 and successfully run it, but Im having a hard time blocking the proxy sites that employees accessing. Do you have any suggestions how to block the proxy sites?
thanks in advance
Re: Web Proxy server and DHCP Server on ubuntu 12.04
Do I need to setup as well a Dns server and dhcp server? so that the intercept mode of squid3 will work?
Re: Web Proxy server and DHCP Server on ubuntu 12.04
Quote:
Originally Posted by
romeroc24
Hello, I think you can do this.
ISP -> Modem -> router1 -> Server (Proxy, DHCP, DNS) -> Switch -> LAN
Put the server between router and switch, the server can contain 3 servers:
-DNS (bind9).
-DHCP (dhcp3).
-Proxy (squid3).
Try it!
what if i will have different physical server on then? is that ok?
and how can i block the proxy website using the squid? having a hard time on that
Re: Web Proxy server and DHCP Server on ubuntu 12.04
If there are not too many to be blocked, I would probably just add them to iptables rules. Otherwise, there is also Dansguardian, which I have read about but never used. I presume it still works with squid3.
Re: Web Proxy server and DHCP Server on ubuntu 12.04
You cannot block the proxy sites in squid since your users are sending their traffic to a remote IP and port.
You could do this with iptables, but you'll need to know the IP and port for every proxy in use. If you have a clue who is doing this, you can add an iptables logging rule to track his traffic, then write an iptables rule to deny access to the IP/port being used. I'd put the logging rules at the bottom of the ruleset so they pick up only those requests that don't already match some other rule. If the proxy user is on 192.168.1.1, you can add this to the bottom of the ruleset (but above any sort of default deny rule):
Code:
/sbin/iptables -A INPUT -p tcp -s 192.168.1.1 -j LOG
The results will appear in /var/log/syslog. If you log other activity in iptables, you can use the "--log-prefix" option to assign a label just to packets matching this rule.
Re: Web Proxy server and DHCP Server on ubuntu 12.04
I've tried this acl on the squid and acl fb dstdomain .proxysite.com, i guess it works for now since ive tried it and use the https:// to break through but still block.
can i join the dns and dhcp server on the same physical server? including also the squid3? and i only have 2 lan card on it.