Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Web Proxy server and DHCP Server on ubuntu 12.04

  1. #11
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,497
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Quote Originally Posted by neil1188 View Post
    I've tried this acl on the squid and acl fb dstdomain .proxysite.com, i guess it works for now since ive tried it and use the https:// to break through but still block.

    can i join the dns and dhcp server on the same physical server? including also the squid3? and i only have 2 lan card on it.
    Yes. Just make sure you specify the LAN-facing interface in /etc/default/dhcp3-server.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  2. #12
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    I have my dns and dhcp server installed and configured but when i connect my other computer it doesnt get an ip from dhcp server. the computer is connected directly on the server for testing.

    what should be the problem?

  3. #13
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    guys ive already configure all of the servers that i've wanted ;

    DNS
    DHCP
    Squid

    the only problem is how can i use the squid on dhcp server?.
    I made a script and make it executable.

    #!/bin/sh # Squid server IP SQUID_SERVER="10.0.0.1" # Interface connected to Internet INTERNET="eth0" # Address connected to LAN LOCAL="10.0.0.0/24" # Squid port SQUID_PORT="3128" # Clean old firewall iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X # Enable Forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Setting default filter policy iptables -P INPUT DROP iptables -P OUTPUT ACCEPT # Unlimited access to loop back iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # Allow UDP, DNS and Passive FTP iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT # set this system as a router for Rest of LAN iptables -t nat -A POSTROUTING -o $INTERNET -j MASQUERADE iptables -A FORWARD -s $LOCAL -j ACCEPT # unlimited access to LAN iptables -A INPUT -s $LOCAL -j ACCEPT iptables -A OUTPUT -s $LOCAL -j ACCEPT # DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy iptables -t nat -A PREROUTING -s $LOCAL -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT # if it is same system iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT #open everything iptables -A INPUT -i $INTERNET -j ACCEPT iptables -A OUTPUT -o $INTERNET -j ACCEPT # DROP everything and Log it iptables -A INPUT -j LOG iptables -A INPUT -j DROP



    They say that this will finish the deal. But still failed
    I can still access the facebook

    thanks in advance guys

  4. #14
    Join Date
    Dec 2007
    Beans
    474

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    You can block facebook using regular expressions in squid. Basically, squid checks the request to see if facebook appears, and if it does, it blocks the request. Read here http://wiki.squid-cache.org/SquidFaq/SquidAcl in the section "How do I implement an ACL ban list?" and "How can I block access to porn sites?"

    As for the script, I'm having a hard time reading it. Anyway, I would suggest creating a ruleset for iptables and saving it somewhere. First set up the rules, then create a save file, the reload the save file every time the server starts:
    Code:
    #save your iptables config
    iptables-save > /path/to/iptables/save/file
    
    #to reload iptables save file
    iptables-restore < /path/to/iptables/save/file
    To autoload iptables during booting, create an executable script in /etc/network/if-pre-up.d/ as shown below:
    Code:
    #!/bin/bash
    iptables -F
    iptables-restore < /path/to/iptables/save/file
    exit 0

  5. #15
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    thanks all !!! I'ts already working specially to sensei for sticking on me and have a lots of patience thanks all

  6. #16
    Join Date
    Jun 2013
    Beans
    13

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    oh oh.. the https is open again

  7. #17
    Join Date
    Dec 2007
    Beans
    474

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    Did you try to block port 443 with iptables?

  8. #18
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,497
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Web Proxy server and DHCP Server on ubuntu 12.04

    I don't see any rule in that mess of text that refers to HTTPS traffic. Blocking that is a whole other ball game since trying to do it with squid will generate complaints about "man-in-the-middle" attacks. You have to either disable HTTPS entirely by blocking requests to port 443, or blocking requests to selected remote sites.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

Page 2 of 2 FirstFirst 12

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •