Squid Proxy User Authentication


Squid can require users to authenticate before they access the Internet. With this method we can control when and how users access the Internet.

Squid Server Details:

For installing the Squid server, please see the previous posts.

IP address: 192.168.1.5
Hostname: server.local

[root@server ~]# vi /etc/squid/squid.conf

Add the lines below at the end of the file.

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated

Save and exit(:wq!)

[root@server ~]# touch /etc/squid/passwords
[root@server ~]# htpasswd /etc/squid/passwords user_name

Now you will be asked to enter the password twice.

Restart the squid server to make these changes effective.

[root@server ~]# /etc/init.d/squid restart
or
[root@server ~]# /etc/init.d/squid reload

On the client system, close and reopen the web browser. A dialog window opens, asking for the proxy username and password.

How to Block Websites and File Downloads


It is important for a system administrator to keep bandwidth evenly shared. Sometimes a user may download a movie, song or software, which affects the bandwidth of other users on the same network.

In the previous post, we discussed the installation and configuration of the Squid proxy server. Here we are going to see how to block unwanted websites and restrict users from downloading files on your network.

Squid Server Details:

IP address: 192.168.1.5
Hostname: server.local

How to check whether the proxy server is running or not

[root@server ~]# /etc/init.d/squid status

If it is not running, execute the command below.

[root@server ~]# /etc/init.d/squid start

Step 1: Blocking Websites

[root@server ~]# vi /etc/squid/squid.conf

Search for acl and add the two lines below.

acl blocksites dstdomain "/etc/squid/blocksites.squid"
http_access deny blocksites

Save and exit(:wq!)

[root@server ~]# vi /etc/squid/blocksites.squid

Add the websites to block in your environment.

For example:

www.gmail.com
www.yahoo.com
www.facebook.com
www.twitter.com

Save and exit(:wq!)

Step 2: Block downloading files

[root@server ~]# vi /etc/squid/squid.conf

Search for acl and add the two lines below.

acl blockfiles urlpath_regex "/etc/squid/blockfiles.squid"
http_access deny blockfiles

Save and exit(:wq!)

[root@server ~]# vi /etc/squid/blockfiles.squid

Add the extensions to be blocked in your environment.

\.[Ee][Xx][Ee]$
\.[Aa][Vv][Ii]$
\.[Mm][Pp][Gg]$
\.[Mm][Pp][Ee][Gg]$
\.[Mm][Pp]3$
\.[Zz][Ii][Pp]$
\.[Tt][Aa][Rr]$
\.[Ii][Ss][Oo]$

Save and exit(:wq!)

Note:
[Ee][Xx][Ee]$ :- ".exe or .EXE file extension"
[Aa][Vv][Ii]$ :- ".avi or .AVI file extension"
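
A pre-reload check for a pattern file like the one above, as an added example that is not part of the original post: it flags patterns that fail to compile and shows which request paths the remaining patterns would deny. It assumes grep -E approximates Squid's regex handling; the function names, sample patterns and sample paths are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumption: grep -E (POSIX ERE)
# approximates Squid's regex engine for simple extension patterns like these.

# bad_patterns FILE: print "LINE:PATTERN" for each pattern that fails to compile.
bad_patterns() {
    n=0
    while IFS= read -r pat || [ -n "$pat" ]; do
        n=$((n + 1))
        if [ -z "$pat" ]; then continue; fi
        # grep exits 0 or 1 for a valid regex and 2 on a syntax error.
        if printf '\n' | grep -E -e "$pat" >/dev/null 2>&1; then rc=0; else rc=$?; fi
        if [ "$rc" -ge 2 ]; then printf '%s:%s\n' "$n" "$pat"; fi
    done < "$1"
}

# is_blocked PATH FILE: succeed if any pattern in FILE matches PATH.
# Patterns that do not compile never match here (a modelling assumption).
is_blocked() {
    while IFS= read -r pat || [ -n "$pat" ]; do
        if [ -z "$pat" ]; then continue; fi
        if printf '%s\n' "$1" | grep -E -e "$pat" >/dev/null 2>&1; then return 0; fi
    done < "$2"
    return 1
}

# Constructed sample: three patterns; the second has a mismatched bracket.
demo() {
    f=$(mktemp) || return 1
    printf '%s\n' '\.[Ee][Xx][Ee]$' '\.[Aa][Vv][Ii}$' '\.[Zz][Ii][Pp]$' > "$f"
    echo "Patterns that fail to compile:"
    bad_patterns "$f"
    for p in /files/setup.EXE /media/clip.avi /docs/zip-howto.html; do
        if is_blocked "$p" "$f"; then echo "DENY  $p"; else echo "ALLOW $p"; fi
    done
    rm -f "$f"
}
demo
```

On the constructed file this reports line 2 as invalid, and /media/clip.avi is allowed because the pattern meant to cover it never compiled.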

You can also deny access to URLs that contain specific words. The example below blocks access when a user searches for the job category, because it matches any URL containing "job".

Search for acl and add the two lines below.

acl blockurl url_regex -i job
http_access deny blockurl

Restart the squid server to make these changes effective.

[root@server ~]# /etc/init.d/squid restart
or
[root@server ~]# /etc/init.d/squid reload

Close and reopen the client web browser to check that these changes are working properly.

That’s it… Enjoy 🙂

Web filter/Proxy server configuration on CentOS


Squid is an open source web filter/proxy server. Squid initially acts as an intermediary, simply passing the client's request on to the server and saving a copy of the requested object.

Here we are going to see how to install and configure squid proxy server on your environment.

Squid Server Details:

IP address: 192.168.1.5
Hostname: server.local

Disable SELinux and the firewall with the commands below.

[root@server ~]# echo 0 > /selinux/enforce
[root@server ~]# /etc/init.d/iptables stop
[root@server ~]# chkconfig --level 35 iptables off

Step 1: Installation of Squid

[root@server ~]# yum install -y squid

Step 2: Server side configuration

[root@server ~]# vi /etc/squid/squid.conf

Search for acl and add the two lines below.

acl networks src 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
http_access allow networks

where:

networks - ACL (Access Control List)
192.168.1.0/24 - Your network range

[root@server ~]# chkconfig --level 35 squid on
[root@server ~]# /etc/init.d/squid start

Squid's default port is 3128.

Check that the Squid port is open.

[root@server ~]# netstat -tulpn | grep 3128

Step 3: Client side configuration:

Open a web browser > Tools > Internet option > Network settings > and set the Squid server IP address and port 3128.

Close and reopen your web browser to check whether your proxy is working.