Proxy

Disponível somente no TrabalhosFeitos
  • Páginas : 5 (1184 palavras )
  • Download(s) : 0
  • Publicado : 20 de abril de 2011
Ler documento completo
Amostra do texto
configuração serevidor
passo a passo:
vim /etc/apt/sources.list
deb http://ftp.de.debian.org/debian sid main

terminal root
cd /etc/network
vim interfaces

conteudo> interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inetloopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp

# The secundary netwoek interface
auto eth1
iface eth1 inet static
address 10.4.0.1
netmask 255.255.255.0
broadcast 10.4.0.255
#gateway

apt-get install dhcp3-server
cd /etc
cd default
vim dhcp3-server

conteudo> dhcp3-server
# Defaults for dhcp initscript
# sourced by /etc/init.d/dhcp
#installed at /etc/default/dhcp3-server by the maintainer scripts

#
# This is a POSIX shell fragment
#

# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="eth1"
~

cd /etc/dhcp3-server
vim dhcpd.conf

conteudo> dhcpd.conf

authoritative;
# A slightly different configuration for aninternal subnet.
subnet 10.4.0.0 netmask 255.255.255.0 {
range 10.4.0.100 10.4.0.200;
option domain-name-servers 10.4.0.1,200.165.132.155,200.149.55.140;
# option domain-name "internal.example.org";
option routers 10.4.0.1;
option broadcast-address 10.4.0.255;
default-lease-time 600;
max-lease-time 7200;
}

/etc/init.d/dhcp3-server restart

apt-get install bind9

touch/etc/init.d/iptables.conf

chmod 755 /etc/init.d/iptables.conf
vim /etc/init.d/iptables.conf

conteudo> /etc/init.d/iptables.conf
#!/bin/bash
#
#/etc/init.d/iptables.conf
#
#comando limpa e atualiza os modulos
#
iptables -F
iptables -t nat -F
iptables -t mangle -F
modprobe iptable_nat
#
#proxy-eth1 porta da intra net
#
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT--to-port 3128
#
#compartilhar a internet eth0 porta da inter net
iptables -t nat -A POSTROUTING -i eth0 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward
#fim
~
cd /etc/rc2.d
ln -s /etc/init.d/iptables.conf /etc/rc2.d/S99iptables.conf
/etc/init.d/iptables.conf
vim /etc/resolv.conf

conteudo > /etc/resolv.conf
# generated by NetworkManager, do not edit!

search localdomainnameserver 10.4.0.1
nameserver 200.150.13.246
nameserver 200.150.4.5
nameserver 192.168.2.1

apt-get install samba
apt-get install squid
apt-get install php4
apt-get install apache
apt-get install ssh
apt-get install sarg

/etc/init.d/squid stop
mv /etc/squid/squid.conf squid.conf.bkp
mkdir /var/cache/squid
chmod 777 /var/cache/squid/ -R
vim /etc/squid/squid.conf

conteudo/etc/squid/squid.conf

# configuracao dos parametros
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic credentialsttl 1 hour
auth_param basic realm Login/senha com setor de informatica
auth_param basic casesensitive off

# regras
http_port 3128
visible_hostname gateway.geovani.com.br
cache_dir ufs /var/cache/squid 3000 16256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
error_directory /usr/share/squid/errors/Portuguese

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 81 70 210 888
acl CONNECT method CONNECT

acl autenticados proxy_auth REQUIRED

aclpermitidos src 10.4.0.0/255.255.255.0

acl all src 10.4.0.0/255.255.255.0

#http_access allow permitidos
#acl acesso_total proxy_auth REQUIRED
#acl acesso_restrito proxy_auth REQUIRED

#acl permitidos src 10.4.0.0/255.255.255.0
#acl all src 10.4.0.0/255.255.255.0

#http_access allow autenticados permitidos
#acl acesso_total src "/etc/squid/acesso_total"
#acl acesso_restrito src...
tracking img