33149
Goto Top

FLI4L - SQUID - Proxy - SQUID ADDONS - User Authentifizierung

Hi Leute,

ich versuche ein kleines Netzwerk mit Proxy und Squid einzurichten und bei jedem Zugriff auf dass Internet soll der User sich mit Usernamen und Passwort Authentifizieren müssen. Ich scheitere kläglich.

Der FLI4L Router besteht aus:
133MHZ Pentium
8 GB Platte
2 identischen Netzwerkkarten

Infrastruktur:

Momentan:
Rechner --> Fli4L-Router --> WirelessRouter --> Modem
192.168.0.13(PC) 192.168.0.10(eth0) + 192.168.0.20(eth1) 192.168.0.1(Router)

Als zusätzliche Vereinacherung soll der Fli4L als reiner Ethernet Router fungieren.

Alle in demselben Netz mit derselben Netzmaske (255.255.255.0)

Die Netzwerkkarten agieren beide mit dem IP Protokoll, da der FLI4L nicht als PPPOE Router eingerichtet ist (und auch nicht soll!)

Kann mir jemand sagen wie ich base.txt, squid.txt, squid_addons.txt, proxy.txt einrichten muss bzw helfen bei der Einrichtung? Dafür wäre ich sehr dankbar!

Meine momentanen Einstellungen (OHNE den Versuch der Authentifizierung):
base.txt
#------------------------------------------------------------------------------
# General settings:
#------------------------------------------------------------------------------
HOSTNAME='fli4l'               # name of fli4l router  
PASSWORD='fli4l'               # password for root login (console, sshd, imond)  
BOOT_TYPE='hd'                 # boot device: fd, fdx2, dualfd, hd, cd, ls120,  
                               # integrated, attached, netboot, pxeboot
                               # (cd, cdemul, hd and ls120 need an
                               # installed opt hd)
MOUNT_BOOT='rw'                # mount boot device (floppy): ro, rw, no  
TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0'  
                               # description of local time zone,
                               # don't touch without reading documentation 
KERNEL_VERSION='2.4.32'        # kernel version  
KERNEL_BOOT_OPTION=''          # append option to kernel command line  
COMP_TYPE_KERNEL='gzip'        # compression-type for kernel: gzip, bzip2  
COMP_TYPE_ROOTFS='gzip'        # compression-type for rootfs: gzip, bzip2  
IP_CONNTRACK_MAX=''            # override maximum limit of connection  
                               # tracking entries
POWEROFF_ON_HALT='no'          # power off after shutting down the machine  
REAL_MODE_POWEROFF='no'        # switch to real mode before invoking  
                               # apm power off

#------------------------------------------------------------------------------
# Localisation
#------------------------------------------------------------------------------
LOCALE='de'                    # defines the default language for several  
                               # components, such as menu and httpd

#------------------------------------------------------------------------------
# Mount extra floppy drive to /floppy:
#------------------------------------------------------------------------------
OPT_MOUNTFLOPPY='no'           # mount extra floppy drive: first, second, no  

#------------------------------------------------------------------------------
# Console settings (serial console, blank time):
#------------------------------------------------------------------------------
CONSOLE_BLANK_TIME=''          # time in minutes (1-60) to blank  
                               # console; '0' = never, '' = system default 
SER_CONSOLE='no'               # use serial interface instead of or as  
                               # additional output device and main input device
    SER_CONSOLE_IF='0'         # serial interface to use, 0 for ttyS0 (COM1)  
    SER_CONSOLE_RATE='9600'    # baudrate for serial console  
    SER_BEEP='no'              # enable beep after boot and shutdown  

#------------------------------------------------------------------------------
# Debug Settings:
#------------------------------------------------------------------------------
DEBUG_STARTUP='no'             # write an execution trace of the boot  
DEBUG_LOG=''                   # sequence to file DEBUG_LOG or console if  
                               # DEBUG_LOG is empty

#------------------------------------------------------------------------------
# Show service menu after login:
#------------------------------------------------------------------------------
OPT_MENU='yes'                 # service menu for users  
    MENU_LANGUAGE=''           # language for the service menu; defaults to  
                               # 'LOCALE' if left empty 
#------------------------------------------------------------------------------
# Keyboard layout
#------------------------------------------------------------------------------
KEYBOARD_LOCALE='auto'         # auto: use most common keyboard layout for  
                               # the language specified in 'LOCALE' 
OPT_MAKEKBL='no'               # set to 'yes' to make a new local keyboard  
                               # layout map on the fli4l-router

Die Ethernetkarten lass ich weg um Zeichen zu sparen!


#------------------------------------------------------------------------------
NET_DRV_N='1'                  			# number of ethernet drivers to load, usually 1  
NET_DRV_1='8139too'           			# 1st driver: name (e.g. NE2000 PCI clone)  
NET_DRV_1_OPTION=''            			# 1st driver: additional option  
NET_DRV_2='8139too'                 # 2nd driver: name (e.g. NE2000 ISA clone)  
NET_DRV_2_OPTION='io=0x240,0x300'   # 2nd driver: additional option  

#------------------------------------------------------------------------------
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_NET_N='2'                   				# number of IP ethernet networks, usually 1  


IP_NET_1='192.168.0.10/24'      				# IP address of your n'th ethernet card and netmask in CIDR (no. of set bits)  
IP_NET_1_DEV='eth0'           					# required: device name like ethX  
#DLINK zu Router - Squid Abfrage


IP_NET_2='192.168.0.20/24'      				# IP address of your n'th ethernet card and netmask in CIDR (no. of set bits)  
IP_NET_2_DEV='eth1'         						# required: device name like ethX  
#Andere zu Rechner

#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
IP_ROUTE_N='2'                              # number of additional routes  
IP_ROUTE_1='192.168.0.10/24 192.168.0.20'  
IP_ROUTE_2='0.0.0.0/0 192.168.0.1'   			# network/netmaskbits gateway  

#        IP_ROUTE_1='192.168.0.13/24 192.168.0.10' 
 #       IP_ROUTE_2='0.0.0.0/0 192.168.0.1' 


#------------------------------------------------------------------------------
# Packetfilter configuration; there are two styles, old and new -
# you have to choose one of them.
# 
# Please choose the new packet filter configuration, the old one is
# deprecated and only provided for compatibility reasons. During boot
# up the configuration will be translated to the new configuration,
# printed to the screen and written to bootmsg.txt to allow for an
# easy migration to the new config style.
#
# Old style packet filter config - set ORIG_FW_CONFIG='yes' to use  
# this version
#------------------------------------------------------------------------------
ORIG_FW_CONFIG='no'  

#------------------------------------------------------------------------------
# New style packet filter config - set NEW_FW_CONFIG='yes' to use this  
# version
#------------------------------------------------------------------------------
NEW_FW_CONFIG='yes'                  # new style packet filter config: yes/no  

#
# Zugriff auf den Router
#

INPUT_POLICY='REJECT'  
INPUT_ACCEPT_DEF='yes'  
INPUT_LOG='no'  
INPUT_LIST_N='1'  
INPUT_LIST_1='IP_NET_1 ACCEPT'   # alle hosts im lokalen netz dürfen auf den router zugreifen  
				 
#
# Zugriff auf das ``Internet''  
#

FORWARD_POLICY='REJECT'  
FORWARD_ACCEPT_DEF='yes'  
FORWARD_LOG='no'  
FORWARD_LIST_N='3'  
FORWARD_LIST_1='tmpl:samba DROP' # samba pakete, die das netz verlassen wollen, werden verworfen  
FORWARD_LIST_2='IP_NET_1 ACCEPT' # alle anderen pakete dürfen das lokale netz verlassen  
FORWARD_LIST_3='IP_NET_2 ACCEPT' # alle anderen pakete dürfen das lokale netz verlassen  

#
# Maskieren des lokalen Netzes
#
POSTROUTING_LIST_N='2'  
POSTROUTING_LIST_1='IP_NET_1 MASQUERADE'  # masquerade traffic leaving the subnet  
POSTROUTING_LIST_2='IP_NET_2 MASQUERADE'  # masquerade traffic leaving the subnet  

#------------------------------------------------------------------------------
# Simple DMZ setup for dial-up based routers -- see documentation
#------------------------------------------------------------------------------
OPT_DMZ='no'  

#------------------------------------------------------------------------------
# Optional package: PORTFW
#------------------------------------------------------------------------------
PORTFW_N='0'                          # how many portforwardings to set up  
PORTFW_1_TARGET='8080'                # example 1: forward ext. port 8080  
PORTFW_1_NEW_TARGET='192.168.6.15:80' # ...to int. host 192.168.6.15 port 80  
PORTFW_1_PROTOCOL='tcp'               # ...using tcp  
PORTFW_2_TARGET='3000-3010'           # example 2: forward portrange 3000-3010  
PORTFW_2_NEW_TARGET='192.168.6.15'    # ...to int. host 192.168.6.15  
PORTFW_2_PROTOCOL='tcp'               # ...using tcp  

#------------------------------------------------------------------------------
# Masq modules
#------------------------------------------------------------------------------
MASQ_MODULE_N='1'                     # load n masq modules (default: only ftp)  
MASQ_MODULE_1='ftp'                   # ftp  
MASQ_MODULE_1_OPTION=''               # options, see documentation  
MASQ_MODULE_2='irc'                   # irc  
MASQ_MODULE_2_OPTION=''               # options, see documentation  

#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
DOMAIN_NAME='lan.fli4l'               # your domain name  
DNS_FORWARDERS='194.8.57.8'           # DNS servers of your provider,  
                                      # e.g. ns.n-ix.net

OPT_DNS='yes'                         # start dns server: yes or no  
    DNS_LISTENIP_N='0'                # if 0 then listen on all interfaces  
    DNS_LISTENIP_1='IP_NET_1_IPADDR'  # first IP to listen on  
    DNS_VERBOSE='no'                  # log queries into syslog  
    DNS_MX_SERVER=''                  # fqdn of the mx for your DOMAIN  
    DNS_FORBIDDEN_N='0'               # number of forbidden domains  
    DNS_FORBIDDEN_1='foo.bar'         # 1st forbidden domain  
    DNS_FORBIDDEN_2='bar.foo'         # 2nd forbidden domain  
    DNS_REDIRECT_N='0'                # number of redirected domains  
    DNS_REDIRECT_1='foo.bar.foo'      # 1st redirected domain  
    DNS_REDIRECT_1_IP='192.168.6.100' # IP of redirected domain  
    DNS_BOGUS_PRIV='yes'              # fake reverse lookups for RFC1918  
                                      # private address ranges
    DNS_FILTERWIN2K='yes'             # filters useless windows-originated DNS  
                                      # requests and blocks all SRV requests

    # Special DNS configuration
    #--------------------------
    DNS_SPECIAL_N='0'                           # number of special   
                                                # dns servers, normally 0
    #DNS_SPECIAL_1='firma.de 192.168.1.12'      # 1st special dns server  
                                                # for firma.de
    #DNS_SPECIAL_2='lan.firma.de 192.168.2.12'  # 2nd special dns server  
                                                # for lan.firma.de

HOSTS_N='4'                           # number of hosts in your domain  
                                      # 1st host:
HOST_1_NAME='HOSTNAME'                # name or aliasname e.g. "HOSTNAME"  
HOST_1_IP='IP_NET_1_IPADDR'           # IP or aliasname e.g. "IP_NET_1_IPADDR"  
#HOST_1_ALIAS_N='0'                   # number of optional alias names  
#HOST_1_ALIAS_1='router.lan.fli4l'    # 1st optional alias name  
#HOST_1_ALIAS_2='gateway.lan.fli4l'  
                                      # 2nd host:
HOST_2_NAME='client2'                 # name  
HOST_2_IP='192.168.6.2'               # IP  
#HOST_2_DHCPTYP='hostname'            # set static dhcp-lease via [hostname]   
                                      # or [mac]
#HOST_2_MAC='de:ad:af:fe:07:19'       # optional mac address used by dhcpd  
                                      # 3rd host:
HOST_3_NAME='client3'                 # name  
HOST_3_IP='192.168.6.3'               # IP  
#HOST_3_MAC='de:ad:be:ef:07:19'  
                                      # 4th host:
HOST_4_NAME='client4'                 # name  
HOST_4_IP='192.168.6.4'               # IP  
#HOST_4_MAC='de:ad:be:ef:08:15'  

#------------------------------------------------------------------------------
# DNSMASQ-DHCP server
#------------------------------------------------------------------------------
OPT_DNSDHCP='no'                      # activate DHCP server: yes or no  

    DNSDHCP_LS_TIME_DYN='3600'        # default time for dynamic leases: 1 hour  
    DNSDHCP_MAX_LS_TIME_DYN='7200'    # max time  for dynamic leases: 2 hours  
    DNSDHCP_LS_TIME_FIX='86400'       # default time for fix leases: 1 day  
    DNSDHCP_MAX_LS_TIME_FIX='604800'  # max time for fix leases: 1 week  
    DNSDHCP_LEASES_DIR='/boot'        # don't touch this until you  
                                      # have read the manual!

    DNSDHCP_WINSSERVER_1=''           # IP-address of 1st external wins-server  
                                      # (don't use if OPT_NMBD='yes'!)  
    DNSDHCP_WINSSERVER_2=''           # IP-address of 2nd external wins-server  
                                      # (don't use if OPT_NMBD='yes'!)  

    # Parameters for local Networks
    # -----------------------------
    DNSDHCP_RANGE_1_START='192.168.6.100'     # start-IP of n'th ethernet,  
                                              # see IP_NET_N
    DNSDHCP_RANGE_1_END='192.168.6.150'       # end-IP of n'th ethernet,  
                                              # see IP_NET_N
    DNSDHCP_RANGE_1_DNS_SERVER=''             # if empty the IP of interface  
                                              # IP_NET_N is used;
                                              # if set to 'none' no  
                                              # dns-server is transmitted
    DNSDHCP_RANGE_1_NTP_SERVER=''             # if empty and OPT_CHRONY='yes'  
                                              # the IP of interface IP_NET_N
                                              # is used; if set to 'none' no  
                                              # ntp-server is transmitted
    DNSDHCP_RANGE_1_GATEWAY=''                # if empty the IP of interface  
                                              # IP_NET_N is used;
                                              # if set to 'none' no  
                                              # gateway is transmitted

    # Parameters for extra Networks (via relay)
    # -----------------------------------------
    DNSDHCP_EXTRA_RANGE_N='0'                    # number of extra ranges  
    DNSDHCP_EXTRA_RANGE_1_START='192.168.8.2'    # start-IP of n'th extra range  
    DNSDHCP_EXTRA_RANGE_1_END='192.168.8.50'     # end-IP of n'th extra range  
    DNSDHCP_EXTRA_RANGE_1_NETMASK='255.255.255.0'  # netmask for extra range  
    DNSDHCP_EXTRA_RANGE_1_DNS_SERVER='192.168.8.1' # DNS Server for extra range  
    DNSDHCP_EXTRA_RANGE_1_NTP_SERVER=''          # NTP Server for extra range  
    DNSDHCP_EXTRA_RANGE_1_GATEWAY='192.168.8.1'  # default gateway for  
                                                 # extra range

    DNSDHCP_EXTRA_RANGE_1_DEVICE='eth0'    # device used to reach extra network  
                                                   

    # Deny hosts from dhcp-Access
    # ---------------------------
    DNSDHCP_DENY_MAC_N='0'                    # number of denied MAC addresses  
    DNSDHCP_DENY_MAC_1='00:01:02:03:04:05'    # MAC address is denied from DHCP  


#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
START_IMOND='no'                    # start imond: yes or no  
    IMOND_USE_ORIG='yes'            # use the original version of imond instead  
                                    # of the development version: yes or no
    IMOND_PORT='5000'               # port (tcp), don't open it to the outside  
    IMOND_PASS=''                   # imond-password, may be empty  
    IMOND_ADMIN_PASS=''             # imond-admin-password, may be empty  
    IMOND_LED=''                    # tty for led: com1 - com4 or empty  
    IMOND_BEEP='no'                 # beep if connection going up/down  
    IMOND_LOG='no'                  # log /var/log/imond.log: yes or no  
    IMOND_LOGDIR='/var/log'         # log-directory, e.g. /var/log  
    IMOND_ENABLE='yes'              # accept "enable/disable" commands  
    IMOND_DIAL='yes'                # accept "dial/hangup" commands  
    IMOND_ROUTE='yes'               # accept "route" command  
    IMOND_REBOOT='yes'              # accept "reboot" command  

#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes'                   # use dyn. IP addresses (most providers do)  
DIALMODE='auto'                     # standard dialmode: auto, manual, or off  

#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
OPT_SYSLOGD='no'                       # start syslogd: yes or no  
    SYSLOGD_DEST_N='1'                 # number of destinations  
    SYSLOGD_DEST_1='*.* /dev/console'  # n'th prio & destination of syslog msgs  
    SYSLOGD_DEST_2='*.* @192.168.6.2'  # example: loghost 192.168.6.2  
    SYSLOGD_DEST_3='kern.info /var/log/dial.log'  # example: log infos to file  

#------------------------------------------------------------------------------
# Optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no'                      # start klogd: yes or no  

#------------------------------------------------------------------------------
# Optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no'                        # y2k correction: yes or no  
    Y2K_DAYS='0'                    # correct hardware y2k-bug: add x days  

#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no'                        # install isapnp tools: yes or no  

************************************************************************

proxy.txt
#------------------------------------------------------------------------------
# Optional package: PRIVOXY (Privacy Enhancing Proxy)
#------------------------------------------------------------------------------
OPT_PRIVOXY='yes'                  # privoxy: yes or no  

PRIVOXY_LISTEN_N='1'              # number off interfaces to listen on  
PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:8118'  
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128'  
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128'  
                                  # use an ip adress or a symblic name like
                                  # IP_NET_1_IPADDR followed by a port number
PRIVOXY_ALLOW_N='2'  
PRIVOXY_ALLOW_1='IP_NET_1'        # open firewall for the hosts and networks listed in the allow list  
PRIVOXY_ALLOW_2='IP_NET_2'        # open firewall for the hosts and networks listed in the allow list  

#PRIVOXY_FORWARD=''  # optional forward-host:forward-port  
PRIVOXY_FORWARD='localhost:3128'  # optional forward-host:forward-port  
PRIVOXY_TOGGLE='yes'              # may user switch privoxy off?  
PRIVOXY_EDIT_CONFIG='yes'         # may users edit the config online?  

PRIVOXY_LOGDIR=''                 # do you want a log file?  
PRIVOXY_LOGLEVEL='1 4096 8192'    # what to log? (see manual)  
PRIVOXY_USETOR='no'               # forward all request to the tor anon proxy  

OPT_TOR='no'                      # install tor sock4/5 anon proxy  
TOR_LISTEN_N='2'                  # number off interfaces to listen on  
TOR_LISTEN_1='IP_NET_1_IPADDR:9050'  
TOR_LISTEN_2='IP_NET_2_IPADDR:9050'  
                                  # use an ip adress or a symblic name like
                                  # IP_NET_1_IPADDR followed by a port number

TOR_ALLOW_N='2'  
TOR_ALLOW_1='IP_NET_1'            # open firewall for the hosts and networks  
TOR_ALLOW_2='IP_NET_2'            # open firewall for the hosts and networks  

OPT_SS5='no'                      # install ss5 sock4/5 proxy  
SS5_LISTEN_N='2'                  # number off interfaces to listen on  
SS5_LISTEN_1='IP_NET_1_IPADDR:8050'  
SS5_LISTEN_2='IP_NET_2_IPADDR:8050'  
                                  # use an ip adress or a symblic name like
                                  # IP_NET_1_IPADDR followed by a port number
SS5_ALLOW_N='2'  
SS5_ALLOW_1='IP_NET_1'            # open firewall for the hosts and networks  
SS5_ALLOW_2='IP_NET_2'            # open firewall for the hosts and networks  

************************************************************************

squid.txt

#------------------------------------------------------------------------------
# Optional package: PROXY (squid)
#------------------------------------------------------------------------------
OPT_SQUID='yes'  
SQUID_TRANSPARENT_CACHING='no'                  # squid redirects port 80 to  
                                                # cache clients who do not
                                                # enter proxy in configuration
SQUID_HTTP_PORT='3128'                          # Squid listens on this port  
                                                # default: 3128
SQUID_MEM_CACHE_SIZE='12'                        # in MB  
                                                # default: 8
SQUID_DISK_CACHE_SIZE='512'                     # in MB  
                                                # first Squid cache directory
SQUID_MAX_OBJECT_SIZE='10000'                   # maximum size of objects in  
                                                # cache in kB
SQUID_WORK_DIR='/data/squid'                    # dir where cache and logs are  
                                                # stored. Must have rw access
                                                # and should not be deleted on
                                                # reboot

#----------------------------------
# log file settings:
#----------------------------------
SQUID_CYCLE_LOG_N='10'                          # number of logfile rotations  
                                                # (0=disable the rotation)
SQUID_CYCLE_LOG_TIME='172800'                   # if empty default of 48 hours  
                                                # will be used. You have to set
                                                # it in seconds(48h=172800sec.)
                                                # could be 1h (3600) if you
                                                # have not enough space
                                                # after X sec. log files will
                                                # be deleted to free up space
SQUID_ACCESS_LOG='yes'                          # create access.log or not  
SQUID_HTTPD_LIKE_LOG='yes'                      # emulate httpd like log entries  
                                                # to make them more readable
                                                # e.g. if you don't want to have  
                                                # a unix like timestamp in your
                                                # log's  
                                                # prevents some loganalyzers

#----------------------------------
# squid network settings:
#----------------------------------
SQUID_AUTO_CONFIG='yes'                         # configure allowed networks  
                                                # with networks in base.txt
SQUID_ACCESS_NET_N='0'                          # number of IP ethernet networks  
#SQUID_ACCESS_NET_1='10.0.0.0/8'                 # network wich is allowed to  
                                                # access squid
#SQUID_ACCESS_NET_2='172.16.0.0/12'              # network wich is allowed to  
                                                # access squid
#SQUID_ACCESS_NET_3='192.168.0.0/16'             # network wich is allowed to  
                                                # access squid
#SQUID_ACCESS_NET_1='192.168.0.0/16'  

#----------------------------------
# squid advanced settings:
#----------------------------------
SQUID_CONNECT_TIMEOUT='60'                      # time duration until which squid  
                                                # waits for reply from server
SQUID_CACHE_DIR_N='0'                           # define more than cache dirs  
                                                # if you want to spread cache
                                                # over multiple disks
SQUID_CACHE_1_DIR='/disk2/squid-cache'          # where the cache is located  
SQUID_CACHE_1_SIZE='1000'                       # in MB  

SQUID_NEXT_PROXY='no' # Parent Proxy  
#SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy  
SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy  
SQUID_NEXT_PROXY_PORT='9050' # Port Parent Proxy  

************************************************************************

squid_addons.txt

OPT_SQUID_ADDONS='yes'		# use this only with OPT_SQUID ex Version 1.0!!  

SQUID_ADDONS_ADMIN_EMAIL='admin@home.lan'  

#------------------------------------------------------------------------------
# Authentication:
#------------------------------------------------------------------------------
SQUID_ADDONS_AUTH='yes'  

SQUID_ADDONS_AUTH_TRUST_N='0'  
SQUID_ADDONS_AUTH_TRUST_1_IP='192.168.0.13'  

SQUID_ADDONS_AUTH_USER_N='1'                			# number of users for authentication  
SQUID_ADDONS_AUTH_USER_1_USERNAME='fli4l'   			# name of the 1st user  
SQUID_ADDONS_AUTH_USER_1_PASSWORD='password'   		# password of the 1st user  

#------------------------------------------------------------------------------
# Privoxy usage:
#------------------------------------------------------------------------------
SQUID_ADDONS_USEPRIVOXY='no'						# If you want to use Squid and  
#SQUID_ADDONS_PRIVOXY_USED_PORT='8118'	# Privoxy (in the Proxy-Package) Original  
SQUID_ADDONS_PRIVOXY_USED_PORT='3128'		# Privoxy (in the Proxy-Package)  
																				# than the prefered way is
																				# 'Browser->Squid->Privoxy'  

#------------------------------------------------------------------------------
# Filter:
#------------------------------------------------------------------------------
SQUID_ADDONS_FILTER_N='2'  
SQUID_ADDONS_FILTER_1='domains-exclude'  
SQUID_ADDONS_FILTER_2='feltel'			  
		# from: 'http://www.feltel.de/ftp/os/linux/squid-proxy/blacklists'  
		# and 'http://pgl.yoyo.org/adservers/index.php' (squid dstdom_regex)  

# Outdatet:
SQUID_ADDONS_FILTER_3='porn'  
SQUID_ADDONS_FILTER_4='ads'  
SQUID_ADDONS_FILTER_5='drugs'  
SQUID_ADDONS_FILTER_6='gambling'  
SQUID_ADDONS_FILTER_7='violence'  
SQUID_ADDONS_FILTER_8='warez'  
SQUID_ADDONS_FILTER_9='hacking'  
SQUID_ADDONS_FILTER_10='aggressive'  
SQUID_ADDONS_FILTER_11='audio-video'  
SQUID_ADDONS_FILTER_12='proxy'  
SQUID_ADDONS_FILTER_13='mail'  

#------------------------------------------------------------------------------
# Sarg: the Squid Analyzer
#
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_daily  
# EASYCRON_x_TIME='*/5 * * * *'		# for daily report every 5 minutes  
#
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_monthly  
# EASYCRON_x_TIME='0 0 1 * *'		# create monthly report and rotate   
#					# the squid log
#
# the URL for the WebReport is: http://ip-or-name-of-the-fli4l/sargreport
#------------------------------------------------------------------------------
SQUID_ADDONS_SARG='yes'  

SQUID_ADDONS_SARG_USER_N='1'		# number of users to authenticate for  
					# the Web-View, if zero than everyone
					# who knows the url can see the reports
					
SQUID_ADDONS_SARG_USER_1_USERNAME='admin'	# name of the 1st user  
SQUID_ADDONS_SARG_USER_1_PASSWORD='password'   	# password of the 1st user  

SQUID_ADDONS_SARG_CUSTOMER_LOGO='no'		# place a image in PNG-format  
						# in config/etc/squid/custom.png
SQUID_ADDONS_SARG_CUSTOMER_LOGO_SIZE='151 33'	# the size of the former logo  

#SQUID_ADDONS_SARG_CUSTOMER_CSS='no'		# an CSS-File for the output		-- won't work at moment!!  
						# configure the template at
						# config/etc/squid/css.tpl and
						# rename it to custom.css

SQUID_ADDONS_SARG_BACKGROUND_COLOR='#FFCC00'  	# color in HEX-Values  

# Do NOT change, unless you know what you do!
SQUID_ADDONS_SARG_REPORT_TYPE='topusers topsites denied auth_failures downloads'  
SQUID_ADDONS_SARG_TOPUSER_FIELDS='NUM USERID BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL'  
SQUID_ADDONS_SARG_USER_REPORT_FIELDS='CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL'  


Das sind meine aktuellen Dateien

Zur weiteren Info:
Ich benutze Fli4L 3.1.0 sowie die Pakete für 3.1.0

Für eine Hilfe wäre ich sehr dankbar...

Grüße

subbermichl

Content-Key: 36941

Url: https://administrator.de/contentid/36941

Ausgedruckt am: 29.03.2024 um 13:03 Uhr

Mitglied: crimson1968
crimson1968 29.07.2006 um 21:15:39 Uhr
Goto Top
Hi,

nur mal eine generelle Frage dazu:
Warum schaust Du nicht in die Fli4l - Newsgroups? Dort sind eher Leute zu finden, die Dir helfen können.

Ich hatte vor langer Zeit einen Fli4l-Router im Einsatz, habe damals auch mit Squid rumgewerkelt und den
Router dann irgendwann aufgegeben. Ansonsten hätte ich Dir auch hier gerne geholfen, aber die Erinnerung
ist schlecht. face-smile


Gruß,
crimson1968
Mitglied: 33149
33149 29.07.2006 um 21:24:38 Uhr
Goto Top
Hallo vielen dank für den Tipp! Ich denke aber es ist eine Frage des Routings "und nichts dramatisches" deswegen habe ich mich an das administrator.de Forum gewandt. Hier sind schon einige Experten!
Mitglied: 33149
33149 30.07.2006 um 18:53:12 Uhr
Goto Top
Problem gelöst face-smile

Wer ebenfalls interesse hat, einfach melden.

Grüße

subbermichl
Mitglied: 33149
33149 02.08.2006 um 00:57:27 Uhr
Goto Top
Hallo Leute!

Aufgrund der hohen Nachfrage nach Fli4L und dem Zusammenhand zu Proxy & User Authentifizierung z.B. in einem kleinen Heimnetz habe ich mir die Mühe gemacht, und mache mir die Mühe, eure Fragen zu beantworten bzw. einige Tutorials zu schreiben.

Bei Fragen, auch andere..., besucht bitte http://www.zymware.de oder http://www.zymware-it.de und ich werde versuchen eure Fragen so treffend wie möglich zu beantworten. Bitte nutzt dies auch wenn ich euch schon Unterstützung in diesem Umfeld biete...
denn: wie kann man "Nach-Hause-telefonierende" Schadprogramme oder Viren besser unterbinden als wie man Ihnen den Zugriff aufs Internet NUR mit Authentifizierung erlaubt?!?

Grüße

subbermichl

23.09.2006

Habe ein Fli4l Forum eingerichtet... bitte um rege Beteiligung!

Forum: www.fli4l.zymware.de