> Install squid
# Apt-get install squid
> Turn the squid ago:
# / Etc / init.d / squid stop
> Edit squid:
# pico / etc / squid / squid.conf
search and add: (remove the # sign)
http_port 3128 transparent -> default proxy port
cache_mem 16 mb
cache_dir ufs / var / spool / squid 500 16 256
cache_mgr [You must be registered and logged in to see this link.]
visible_hostname proxy.tkj.com -> name your hostname visible
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
2 hours auth_param basic credentialsttl
auth_param basic caseSensitive off
> Then look for the words: acl CONNECT method CONNECT, and add
url_regex site acl-i "/ etc / situsterlarang.txt" -> u / unblock any website
http_access deny site
acl lan src 192.168.1.0/24
http_access allow lan
http_access allow all
> Then save.
> Configuration interface:
# Pico / etc / network / interfaces
iface lo inet loopback
iface eth0 inet static
address 192.168.123.13
netmask 255.255.255.0
gateway 192.168.123.1
iface eth2 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0
auto eth0 eth2
auto lo
> Then create a file to block the site:
# Mcedit / etc / situsterlarang.txt
myspace
yahoo
> And save.
> Create a swap:
# Squid-z
> Then activate ip_forwading and routing tables dg command:
# Echo 1> / proc/sys/net/ipv4/ip_forwad
# Iptables-t nat-A POSTROUTING-s 192.168.1.0/24-j MASQUERADE
> Then we REDIRECT port 80 to port 3128 dg command:
# Iptables-t nat-A PREROUTING-s 192.168.1.0/24-p tcp-dport 80-j REDIRECT-to-ports 3128
# Iptables-save
> Then restart squid;
# / Etc / init.d / squid restart
> Check that the site has been blocked / removed the port ...
NB:
To set / add setting time, type:
acl MTWHFA time period 01:00 to 12:00
clock time 12:30-24:00 acl MTWHFA
http_access deny time
http_access deny hours
Comments