Friday, January 15, 2010

Squid Made Simple

1. Modify Squid.conf
Open [root@localhost root]# vi /etc/squid/squid.conf
Edit the following entries:
http_access deny all to http_access allow all
After run:
[root@localhost root]# squid -z
Start squid service by:
[root@localhost root]# service squid restart

2. Create a file with any name .... for our example say iptables.sh
# List all hosts allowed --- separate them by single space
HOSTS="x.x.x.x y.y.y.y"

for host in $HOSTS
do
iptables -I FORWARD -s $host -j ACCEPT


iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -s $host -j REDIRECT --to-port 3128
iptables -A INPUT -i eth1 -j ACCEPT
iptables -A OUTPUT -o eth1 -j ACCEPT

iptables -A INPUT -i $host -j ACCEPT
iptables -A OUTPUT -o $host -j ACCEPT

done

save this file and execute
chmod +x iptables.sh
[root@localhost root]# ./iptables.sh
[root@localhost root]# iptables-save
[root@localhost root]# iptables-save > /etc/sysconfig/iptables

3.
[root@localhost root]# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
4.
[root@localhost root]# service iptables restart
Now configure users Browser for internet.

No comments:

Post a Comment