Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Web Proxy server and DHCP Server on ubuntu 12.04

  1. #1
    Join Date
    Jun 2013
    Beans
    13

    Web Proxy server and DHCP Server on ubuntu 12.04

    Hi Guys,

    I would like to seek for your help regarding to my project. My boss ask me to upgrade our network to put somethin that can us. Then he tells me that I need to create a DHCP,Web proxy,cache server and also a firewall using the ubuntu.

    I know that the proxy and cache server is for squid3.

    Now how can i setup everything on our network?

    ISP -> Modem -> router1 -> servers? -> switch -> lans

    is it correct? im only new on this field so im totally no idea, Ive already read some ebooks but im still having problem on implementing and setting up everything.

    I hope you can give me some idea or Help me to finish this project.

  2. #2
    Join Date
    Jul 2007
    Location
    Auckland, NZ
    Beans
    3,625
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Thread moved to Server Platforms.
    Please, people, remember to BACKUP before you install that new system. Same if you're upgrading.

  3. #3
    Join Date
    Jan 2009
    Beans
    26

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Hello, I think you can do this.

    ISP -> Modem -> router1 -> Server (Proxy, DHCP, DNS) -> Switch -> LAN

    Put the server between router and switch, the server can contain 3 servers:

    -DNS (bind9).
    -DHCP (dhcp3).
    -Proxy (squid3).

    Try it!

  4. #4
    Join Date
    Sep 2006
    Beans
    7,199
    Distro
    Lubuntu Development Release

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Bind is probably not necessary unless special tricks with DNS are needed.

    ISC dhcpd is easy enough to set up, but dnsmasq is even easier. dnsmasq can also do DNS caching if that was on the list, too.

    Squid3 is easy enough to set up, if you are able to point your web clients to it. If you are trying to set up transparent proxying, it is now called intercept mode and most of the documentation online is now out of date since it refers to the old way of doing it.

    About the firewall, you'll probably have to look at iptables directly. Graphical tools like GUFW are mostly set up to affect an individual host, not a network.

  5. #5
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Quote Originally Posted by Lars Noodén View Post
    Bind is probably not necessary unless special tricks with DNS are needed.

    ISC dhcpd is easy enough to set up, but dnsmasq is even easier. dnsmasq can also do DNS caching if that was on the list, too.

    Squid3 is easy enough to set up, if you are able to point your web clients to it. If you are trying to set up transparent proxying, it is now called intercept mode and most of the documentation online is now out of date since it refers to the old way of doing it.

    About the firewall, you'll probably have to look at iptables directly. Graphical tools like GUFW are mostly set up to affect an individual host, not a network.



    thanks for the ideas

    I just want to ask again regarding on the squid3. I already setup the squid3 on my ubuntu server 12.04 and successfully run it, but Im having a hard time blocking the proxy sites that employees accessing. Do you have any suggestions how to block the proxy sites?

    thanks in advance

  6. #6
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Do I need to setup as well a Dns server and dhcp server? so that the intercept mode of squid3 will work?

  7. #7
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Quote Originally Posted by romeroc24 View Post
    Hello, I think you can do this.

    ISP -> Modem -> router1 -> Server (Proxy, DHCP, DNS) -> Switch -> LAN

    Put the server between router and switch, the server can contain 3 servers:

    -DNS (bind9).
    -DHCP (dhcp3).
    -Proxy (squid3).

    Try it!

    what if i will have different physical server on then? is that ok?
    and how can i block the proxy website using the squid? having a hard time on that

  8. #8
    Join Date
    Sep 2006
    Beans
    7,199
    Distro
    Lubuntu Development Release

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    If there are not too many to be blocked, I would probably just add them to iptables rules. Otherwise, there is also Dansguardian, which I have read about but never used. I presume it still works with squid3.

  9. #9
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    8,536
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    You cannot block the proxy sites in squid since your users are sending their traffic to a remote IP and port.

    You could do this with iptables, but you'll need to know the IP and port for every proxy in use. If you have a clue who is doing this, you can add an iptables logging rule to track his traffic, then write an iptables rule to deny access to the IP/port being used. I'd put the logging rules at the bottom of the ruleset so they pick up only those requests that don't already match some other rule. If the proxy user is on 192.168.1.1, you can add this to the bottom of the ruleset (but above any sort of default deny rule):

    Code:
    /sbin/iptables -A INPUT -p tcp -s 192.168.1.1 -j LOG
    The results will appear in /var/log/syslog. If you log other activity in iptables, you can use the "--log-prefix" option to assign a label just to packets matching this rule.
    Last edited by SeijiSensei; June 19th, 2013 at 04:03 PM.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  10. #10
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    I've tried this acl on the squid and acl fb dstdomain .proxysite.com, i guess it works for now since ive tried it and use the https:// to break through but still block.

    can i join the dns and dhcp server on the same physical server? including also the squid3? and i only have 2 lan card on it.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •