FLI4L - SQUID - Proxy - SQUID ADDONS - User Authentication

Member: 33149

33149 (Level 1)

29.07.2006, updated 02.11.2016, 13157 views, 4 comments

Hi everyone,

I'm trying to set up a small network with proxy and Squid, and for every access to the Internet the user should have to authenticate with a username and password. I'm failing miserably.

The FLI4L router consists of:
133 MHz Pentium
8 GB disk
2 identical network cards

Infrastructure:

Currently:
PC --> Fli4L router --> wireless router --> modem
192.168.0.13(PC) 192.168.0.10(eth0) + 192.168.0.20(eth1) 192.168.0.1(Router)

As an additional simplification, the Fli4L is to act as a pure Ethernet router.

All in the same network with the same netmask (255.255.255.0).

Both network cards operate with the IP protocol, since the FLI4L is not set up as a PPPoE router (and is not supposed to be!)

Can someone tell me how I need to set up base.txt, squid.txt, squid_addons.txt and proxy.txt, or help me with the setup? I would be very grateful!

My current settings (WITHOUT the attempt at authentication):
base.txt
#------------------------------------------------------------------------------
# General settings:
#------------------------------------------------------------------------------
HOSTNAME='fli4l'               # name of fli4l router
PASSWORD='fli4l'               # password for root login (console, sshd, imond)
BOOT_TYPE='hd'                 # boot device: fd, fdx2, dualfd, hd, cd, ls120,
                               # integrated, attached, netboot, pxeboot
                               # (cd, cdemul, hd and ls120 need an
                               # installed opt hd)
MOUNT_BOOT='rw'                # mount boot device (floppy): ro, rw, no
TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0'
                               # description of local time zone,
                               # don't touch without reading documentation
KERNEL_VERSION='2.4.32'        # kernel version
KERNEL_BOOT_OPTION=''          # append option to kernel command line
COMP_TYPE_KERNEL='gzip'        # compression-type for kernel: gzip, bzip2
COMP_TYPE_ROOTFS='gzip'        # compression-type for rootfs: gzip, bzip2
IP_CONNTRACK_MAX=''            # override maximum limit of connection
                               # tracking entries
POWEROFF_ON_HALT='no'          # power off after shutting down the machine
REAL_MODE_POWEROFF='no'        # switch to real mode before invoking
                               # apm power off

#------------------------------------------------------------------------------
# Localisation
#------------------------------------------------------------------------------
LOCALE='de'                    # defines the default language for several
                               # components, such as menu and httpd

#------------------------------------------------------------------------------
# Mount extra floppy drive to /floppy:
#------------------------------------------------------------------------------
OPT_MOUNTFLOPPY='no'           # mount extra floppy drive: first, second, no

#------------------------------------------------------------------------------
# Console settings (serial console, blank time):
#------------------------------------------------------------------------------
CONSOLE_BLANK_TIME=''          # time in minutes (1-60) to blank
                               # console; '0' = never, '' = system default
SER_CONSOLE='no'               # use serial interface instead of or as
                               # additional output device and main input device
    SER_CONSOLE_IF='0'         # serial interface to use, 0 for ttyS0 (COM1)
    SER_CONSOLE_RATE='9600'    # baudrate for serial console
    SER_BEEP='no'              # enable beep after boot and shutdown

#------------------------------------------------------------------------------
# Debug Settings:
#------------------------------------------------------------------------------
DEBUG_STARTUP='no'             # write an execution trace of the boot
DEBUG_LOG=''                   # sequence to file DEBUG_LOG or console if
                               # DEBUG_LOG is empty

#------------------------------------------------------------------------------
# Show service menu after login:
#------------------------------------------------------------------------------
OPT_MENU='yes'                 # service menu for users
    MENU_LANGUAGE=''           # language for the service menu; defaults to
                               # 'LOCALE' if left empty
#------------------------------------------------------------------------------
# Keyboard layout
#------------------------------------------------------------------------------
KEYBOARD_LOCALE='auto'         # auto: use most common keyboard layout for
                               # the language specified in 'LOCALE'
OPT_MAKEKBL='no'               # set to 'yes' to make a new local keyboard
                               # layout map on the fli4l-router

# I'm leaving out the Ethernet cards to save characters!

#------------------------------------------------------------------------------
NET_DRV_N='1'                       # number of ethernet drivers to load, usually 1
NET_DRV_1='8139too'                 # 1st driver: name (e.g. NE2000 PCI clone)
NET_DRV_1_OPTION=''                 # 1st driver: additional option
NET_DRV_2='8139too'                 # 2nd driver: name (e.g. NE2000 ISA clone)
NET_DRV_2_OPTION='io=0x240,0x300'   # 2nd driver: additional option

#------------------------------------------------------------------------------
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_NET_N='2'                        # number of IP ethernet networks, usually 1

IP_NET_1='192.168.0.10/24'          # IP address of your n'th ethernet card and netmask in CIDR (no. of set bits)
IP_NET_1_DEV='eth0'                 # required: device name like ethX
# DLINK to router - Squid query

IP_NET_2='192.168.0.20/24'          # IP address of your n'th ethernet card and netmask in CIDR (no. of set bits)
IP_NET_2_DEV='eth1'                 # required: device name like ethX
# the other one to the PC

#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
IP_ROUTE_N='2'                              # number of additional routes
IP_ROUTE_1='192.168.0.10/24 192.168.0.20'
IP_ROUTE_2='0.0.0.0/0 192.168.0.1'          # network/netmaskbits gateway

#        IP_ROUTE_1='192.168.0.13/24 192.168.0.10'
#        IP_ROUTE_2='0.0.0.0/0 192.168.0.1'

#------------------------------------------------------------------------------
# Packetfilter configuration; there are two styles, old and new -
# you have to choose one of them.
#
# Please choose the new packet filter configuration, the old one is
# deprecated and only provided for compatibility reasons. During boot
# up the configuration will be translated to the new configuration,
# printed to the screen and written to bootmsg.txt to allow for an
# easy migration to the new config style.
#
# Old style packet filter config - set ORIG_FW_CONFIG='yes' to use
# this version
#------------------------------------------------------------------------------
ORIG_FW_CONFIG='no'

#------------------------------------------------------------------------------
# New style packet filter config - set NEW_FW_CONFIG='yes' to use this
# version
#------------------------------------------------------------------------------
NEW_FW_CONFIG='yes'                  # new style packet filter config: yes/no

#
# Access to the router
#

INPUT_POLICY='REJECT'
INPUT_ACCEPT_DEF='yes'
INPUT_LOG='no'
INPUT_LIST_N='1'
INPUT_LIST_1='IP_NET_1 ACCEPT'   # all hosts in the local network may access the router

#
# Access to the ``Internet''
#

FORWARD_POLICY='REJECT'
FORWARD_ACCEPT_DEF='yes'
FORWARD_LOG='no'
FORWARD_LIST_N='3'
FORWARD_LIST_1='tmpl:samba DROP' # samba packets trying to leave the network are dropped
FORWARD_LIST_2='IP_NET_1 ACCEPT' # all other packets may leave the local network
FORWARD_LIST_3='IP_NET_2 ACCEPT' # all other packets may leave the local network

#
# Masquerading of the local network
#
POSTROUTING_LIST_N='2'
POSTROUTING_LIST_1='IP_NET_1 MASQUERADE'  # masquerade traffic leaving the subnet
POSTROUTING_LIST_2='IP_NET_2 MASQUERADE'  # masquerade traffic leaving the subnet

#------------------------------------------------------------------------------
# Simple DMZ setup for dial-up based routers -- see documentation
#------------------------------------------------------------------------------
OPT_DMZ='no'

#------------------------------------------------------------------------------
# Optional package: PORTFW
#------------------------------------------------------------------------------
PORTFW_N='0'                          # how many portforwardings to set up
PORTFW_1_TARGET='8080'                # example 1: forward ext. port 8080
PORTFW_1_NEW_TARGET='192.168.6.15:80' # ...to int. host 192.168.6.15 port 80
PORTFW_1_PROTOCOL='tcp'               # ...using tcp
PORTFW_2_TARGET='3000-3010'           # example 2: forward portrange 3000-3010
PORTFW_2_NEW_TARGET='192.168.6.15'    # ...to int. host 192.168.6.15
PORTFW_2_PROTOCOL='tcp'               # ...using tcp

#------------------------------------------------------------------------------
# Masq modules
#------------------------------------------------------------------------------
MASQ_MODULE_N='1'                     # load n masq modules (default: only ftp)
MASQ_MODULE_1='ftp'                   # ftp
MASQ_MODULE_1_OPTION=''               # options, see documentation
MASQ_MODULE_2='irc'                   # irc
MASQ_MODULE_2_OPTION=''               # options, see documentation

#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
DOMAIN_NAME='lan.fli4l'               # your domain name
DNS_FORWARDERS='194.8.57.8'           # DNS servers of your provider,
                                      # e.g. ns.n-ix.net

OPT_DNS='yes'                         # start dns server: yes or no
    DNS_LISTENIP_N='0'                # if 0 then listen on all interfaces
    DNS_LISTENIP_1='IP_NET_1_IPADDR'  # first IP to listen on
    DNS_VERBOSE='no'                  # log queries into syslog
    DNS_MX_SERVER=''                  # fqdn of the mx for your DOMAIN
    DNS_FORBIDDEN_N='0'               # number of forbidden domains
    DNS_FORBIDDEN_1='foo.bar'         # 1st forbidden domain
    DNS_FORBIDDEN_2='bar.foo'         # 2nd forbidden domain
    DNS_REDIRECT_N='0'                # number of redirected domains
    DNS_REDIRECT_1='foo.bar.foo'      # 1st redirected domain
    DNS_REDIRECT_1_IP='192.168.6.100' # IP of redirected domain
    DNS_BOGUS_PRIV='yes'              # fake reverse lookups for RFC1918
                                      # private address ranges
    DNS_FILTERWIN2K='yes'             # filters useless windows-originated DNS
                                      # requests and blocks all SRV requests

    # Special DNS configuration
    #--------------------------
    DNS_SPECIAL_N='0'                           # number of special
                                                # dns servers, normally 0
    #DNS_SPECIAL_1='firma.de 192.168.1.12'      # 1st special dns server
                                                # for firma.de
    #DNS_SPECIAL_2='lan.firma.de 192.168.2.12'  # 2nd special dns server
                                                # for lan.firma.de

HOSTS_N='4'                           # number of hosts in your domain
                                      # 1st host:
HOST_1_NAME='HOSTNAME'                # name or aliasname e.g. "HOSTNAME"
HOST_1_IP='IP_NET_1_IPADDR'           # IP or aliasname e.g. "IP_NET_1_IPADDR"
#HOST_1_ALIAS_N='0'                   # number of optional alias names
#HOST_1_ALIAS_1='router.lan.fli4l'    # 1st optional alias name
#HOST_1_ALIAS_2='gateway.lan.fli4l'
                                      # 2nd host:
HOST_2_NAME='client2'                 # name
HOST_2_IP='192.168.6.2'               # IP
#HOST_2_DHCPTYP='hostname'            # set static dhcp-lease via [hostname]
                                      # or [mac]
#HOST_2_MAC='de:ad:af:fe:07:19'       # optional mac address used by dhcpd
                                      # 3rd host:
HOST_3_NAME='client3'                 # name
HOST_3_IP='192.168.6.3'               # IP
#HOST_3_MAC='de:ad:be:ef:07:19'
                                      # 4th host:
HOST_4_NAME='client4'                 # name
HOST_4_IP='192.168.6.4'               # IP
#HOST_4_MAC='de:ad:be:ef:08:15'

#------------------------------------------------------------------------------
# DNSMASQ-DHCP server
#------------------------------------------------------------------------------
OPT_DNSDHCP='no'                      # activate DHCP server: yes or no

    DNSDHCP_LS_TIME_DYN='3600'        # default time for dynamic leases: 1 hour
    DNSDHCP_MAX_LS_TIME_DYN='7200'    # max time  for dynamic leases: 2 hours
    DNSDHCP_LS_TIME_FIX='86400'       # default time for fix leases: 1 day
    DNSDHCP_MAX_LS_TIME_FIX='604800'  # max time for fix leases: 1 week
    DNSDHCP_LEASES_DIR='/boot'        # don't touch this until you
                                      # have read the manual!

    DNSDHCP_WINSSERVER_1=''           # IP-address of 1st external wins-server
                                      # (don't use if OPT_NMBD='yes'!)
    DNSDHCP_WINSSERVER_2=''           # IP-address of 2nd external wins-server
                                      # (don't use if OPT_NMBD='yes'!)

    # Parameters for local Networks
    # -----------------------------
    DNSDHCP_RANGE_1_START='192.168.6.100'     # start-IP of n'th ethernet,
                                              # see IP_NET_N
    DNSDHCP_RANGE_1_END='192.168.6.150'       # end-IP of n'th ethernet,
                                              # see IP_NET_N
    DNSDHCP_RANGE_1_DNS_SERVER=''             # if empty the IP of interface
                                              # IP_NET_N is used;
                                              # if set to 'none' no
                                              # dns-server is transmitted
    DNSDHCP_RANGE_1_NTP_SERVER=''             # if empty and OPT_CHRONY='yes'
                                              # the IP of interface IP_NET_N
                                              # is used; if set to 'none' no
                                              # ntp-server is transmitted
    DNSDHCP_RANGE_1_GATEWAY=''                # if empty the IP of interface
                                              # IP_NET_N is used;
                                              # if set to 'none' no
                                              # gateway is transmitted

    # Parameters for extra Networks (via relay)
    # -----------------------------------------
    DNSDHCP_EXTRA_RANGE_N='0'                    # number of extra ranges
    DNSDHCP_EXTRA_RANGE_1_START='192.168.8.2'    # start-IP of n'th extra range
    DNSDHCP_EXTRA_RANGE_1_END='192.168.8.50'     # end-IP of n'th extra range
    DNSDHCP_EXTRA_RANGE_1_NETMASK='255.255.255.0'  # netmask for extra range
    DNSDHCP_EXTRA_RANGE_1_DNS_SERVER='192.168.8.1' # DNS Server for extra range
    DNSDHCP_EXTRA_RANGE_1_NTP_SERVER=''          # NTP Server for extra range
    DNSDHCP_EXTRA_RANGE_1_GATEWAY='192.168.8.1'  # default gateway for
                                                 # extra range

    DNSDHCP_EXTRA_RANGE_1_DEVICE='eth0'    # device used to reach extra network

    # Deny hosts from dhcp-Access
    # ---------------------------
    DNSDHCP_DENY_MAC_N='0'                    # number of denied MAC addresses
    DNSDHCP_DENY_MAC_1='00:01:02:03:04:05'    # MAC address is denied from DHCP

#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
START_IMOND='no'                    # start imond: yes or no
    IMOND_USE_ORIG='yes'            # use the original version of imond instead
                                    # of the development version: yes or no
    IMOND_PORT='5000'               # port (tcp), don't open it to the outside
    IMOND_PASS=''                   # imond-password, may be empty
    IMOND_ADMIN_PASS=''             # imond-admin-password, may be empty
    IMOND_LED=''                    # tty for led: com1 - com4 or empty
    IMOND_BEEP='no'                 # beep if connection going up/down
    IMOND_LOG='no'                  # log /var/log/imond.log: yes or no
    IMOND_LOGDIR='/var/log'         # log-directory, e.g. /var/log
    IMOND_ENABLE='yes'              # accept "enable/disable" commands
    IMOND_DIAL='yes'                # accept "dial/hangup" commands
    IMOND_ROUTE='yes'               # accept "route" command
    IMOND_REBOOT='yes'              # accept "reboot" command

#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes'                   # use dyn. IP addresses (most providers do)
DIALMODE='auto'                     # standard dialmode: auto, manual, or off

#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
OPT_SYSLOGD='no'                       # start syslogd: yes or no
    SYSLOGD_DEST_N='1'                 # number of destinations
    SYSLOGD_DEST_1='*.* /dev/console'  # n'th prio & destination of syslog msgs
    SYSLOGD_DEST_2='*.* @192.168.6.2'  # example: loghost 192.168.6.2
    SYSLOGD_DEST_3='kern.info /var/log/dial.log'  # example: log infos to file

#------------------------------------------------------------------------------
# Optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no'                      # start klogd: yes or no

#------------------------------------------------------------------------------
# Optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no'                        # y2k correction: yes or no
    Y2K_DAYS='0'                    # correct hardware y2k-bug: add x days

#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no'                        # install isapnp tools: yes or no

************************************************************************

proxy.txt
#------------------------------------------------------------------------------
# Optional package: PRIVOXY (Privacy Enhancing Proxy)
#------------------------------------------------------------------------------
OPT_PRIVOXY='yes'                  # privoxy: yes or no

PRIVOXY_LISTEN_N='1'              # number of interfaces to listen on
PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:8118'
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128'
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128'
                                  # use an ip address or a symbolic name like
                                  # IP_NET_1_IPADDR followed by a port number
PRIVOXY_ALLOW_N='2'
PRIVOXY_ALLOW_1='IP_NET_1'        # open firewall for the hosts and networks listed in the allow list
PRIVOXY_ALLOW_2='IP_NET_2'        # open firewall for the hosts and networks listed in the allow list

#PRIVOXY_FORWARD=''  # optional forward-host:forward-port
PRIVOXY_FORWARD='localhost:3128'  # optional forward-host:forward-port
PRIVOXY_TOGGLE='yes'              # may user switch privoxy off?
PRIVOXY_EDIT_CONFIG='yes'         # may users edit the config online?

PRIVOXY_LOGDIR=''                 # do you want a log file?
PRIVOXY_LOGLEVEL='1 4096 8192'    # what to log? (see manual)
PRIVOXY_USETOR='no'               # forward all request to the tor anon proxy

OPT_TOR='no'                      # install tor sock4/5 anon proxy
TOR_LISTEN_N='2'                  # number of interfaces to listen on
TOR_LISTEN_1='IP_NET_1_IPADDR:9050'
TOR_LISTEN_2='IP_NET_2_IPADDR:9050'
                                  # use an ip address or a symbolic name like
                                  # IP_NET_1_IPADDR followed by a port number

TOR_ALLOW_N='2'
TOR_ALLOW_1='IP_NET_1'            # open firewall for the hosts and networks
TOR_ALLOW_2='IP_NET_2'            # open firewall for the hosts and networks

OPT_SS5='no'                      # install ss5 sock4/5 proxy
SS5_LISTEN_N='2'                  # number of interfaces to listen on
SS5_LISTEN_1='IP_NET_1_IPADDR:8050'
SS5_LISTEN_2='IP_NET_2_IPADDR:8050'
                                  # use an ip address or a symbolic name like
                                  # IP_NET_1_IPADDR followed by a port number
SS5_ALLOW_N='2'
SS5_ALLOW_1='IP_NET_1'            # open firewall for the hosts and networks
SS5_ALLOW_2='IP_NET_2'            # open firewall for the hosts and networks

************************************************************************

squid.txt

#------------------------------------------------------------------------------
# Optional package: PROXY (squid)
#------------------------------------------------------------------------------
OPT_SQUID='yes'
SQUID_TRANSPARENT_CACHING='no'                  # squid redirects port 80 to
                                                # cache clients who do not
                                                # enter proxy in configuration
SQUID_HTTP_PORT='3128'                          # Squid listens on this port
                                                # default: 3128
SQUID_MEM_CACHE_SIZE='12'                       # in MB
                                                # default: 8
SQUID_DISK_CACHE_SIZE='512'                     # in MB
                                                # first Squid cache directory
SQUID_MAX_OBJECT_SIZE='10000'                   # maximum size of objects in
                                                # cache in kB
SQUID_WORK_DIR='/data/squid'                    # dir where cache and logs are
                                                # stored. Must have rw access
                                                # and should not be deleted on
                                                # reboot

#----------------------------------
# log file settings:
#----------------------------------
SQUID_CYCLE_LOG_N='10'                          # number of logfile rotations
                                                # (0=disable the rotation)
SQUID_CYCLE_LOG_TIME='172800'                   # if empty default of 48 hours
                                                # will be used. You have to set
                                                # it in seconds(48h=172800sec.)
                                                # could be 1h (3600) if you
                                                # have not enough space
                                                # after X sec. log files will
                                                # be deleted to free up space
SQUID_ACCESS_LOG='yes'                          # create access.log or not
SQUID_HTTPD_LIKE_LOG='yes'                      # emulate httpd like log entries
                                                # to make them more readable
                                                # e.g. if you don't want to have
                                                # a unix like timestamp in your
                                                # logs
                                                # prevents some loganalyzers

#----------------------------------
# squid network settings:
#----------------------------------
SQUID_AUTO_CONFIG='yes'                         # configure allowed networks
                                                # with networks in base.txt
SQUID_ACCESS_NET_N='0'                          # number of IP ethernet networks
#SQUID_ACCESS_NET_1='10.0.0.0/8'                # network which is allowed to
                                                # access squid
#SQUID_ACCESS_NET_2='172.16.0.0/12'             # network which is allowed to
                                                # access squid
#SQUID_ACCESS_NET_3='192.168.0.0/16'            # network which is allowed to
                                                # access squid
#SQUID_ACCESS_NET_1='192.168.0.0/16'

#----------------------------------
# squid advanced settings:
#----------------------------------
SQUID_CONNECT_TIMEOUT='60'                      # time duration until which squid
                                                # waits for reply from server
SQUID_CACHE_DIR_N='0'                           # define more than cache dirs
                                                # if you want to spread cache
                                                # over multiple disks
SQUID_CACHE_1_DIR='/disk2/squid-cache'          # where the cache is located
SQUID_CACHE_1_SIZE='1000'                       # in MB

SQUID_NEXT_PROXY='no' # Parent Proxy
#SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy
SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy
SQUID_NEXT_PROXY_PORT='9050' # Port Parent Proxy

************************************************************************

squid_addons.txt

OPT_SQUID_ADDONS='yes'          # use this only with OPT_SQUID ex Version 1.0!!

SQUID_ADDONS_ADMIN_EMAIL='admin@home.lan'

#------------------------------------------------------------------------------
# Authentication:
#------------------------------------------------------------------------------
SQUID_ADDONS_AUTH='yes'

SQUID_ADDONS_AUTH_TRUST_N='0'
SQUID_ADDONS_AUTH_TRUST_1_IP='192.168.0.13'

SQUID_ADDONS_AUTH_USER_N='1'                    # number of users for authentication
SQUID_ADDONS_AUTH_USER_1_USERNAME='fli4l'       # name of the 1st user
SQUID_ADDONS_AUTH_USER_1_PASSWORD='password'    # password of the 1st user

#------------------------------------------------------------------------------
# Privoxy usage:
#------------------------------------------------------------------------------
SQUID_ADDONS_USEPRIVOXY='no'                    # If you want to use Squid and
#SQUID_ADDONS_PRIVOXY_USED_PORT='8118'          # Privoxy (in the Proxy-Package) Original
SQUID_ADDONS_PRIVOXY_USED_PORT='3128'           # Privoxy (in the Proxy-Package)
                                                # then the preferred way is
                                                # 'Browser->Squid->Privoxy'

#------------------------------------------------------------------------------
# Filter:
#------------------------------------------------------------------------------
SQUID_ADDONS_FILTER_N='2'
SQUID_ADDONS_FILTER_1='domains-exclude'
SQUID_ADDONS_FILTER_2='feltel'
        # from: 'http://www.feltel.de/ftp/os/linux/squid-proxy/blacklists'
        # and 'http://pgl.yoyo.org/adservers/index.php' (squid dstdom_regex)

# Outdated:
SQUID_ADDONS_FILTER_3='porn'
SQUID_ADDONS_FILTER_4='ads'
SQUID_ADDONS_FILTER_5='drugs'
SQUID_ADDONS_FILTER_6='gambling'
SQUID_ADDONS_FILTER_7='violence'
SQUID_ADDONS_FILTER_8='warez'
SQUID_ADDONS_FILTER_9='hacking'
SQUID_ADDONS_FILTER_10='aggressive'
SQUID_ADDONS_FILTER_11='audio-video'
SQUID_ADDONS_FILTER_12='proxy'
SQUID_ADDONS_FILTER_13='mail'

#------------------------------------------------------------------------------
# Sarg: the Squid Analyzer
#
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_daily'
# EASYCRON_x_TIME='*/5 * * * *'         # for daily report every 5 minutes
#
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_monthly'
# EASYCRON_x_TIME='0 0 1 * *'           # create monthly report and rotate
#                                       # the squid log
#
# the URL for the WebReport is: http://ip-or-name-of-the-fli4l/sargreport
#------------------------------------------------------------------------------
SQUID_ADDONS_SARG='yes'

SQUID_ADDONS_SARG_USER_N='1'                    # number of users to authenticate for
                                                # the Web-View, if zero then everyone
                                                # who knows the url can see the reports

SQUID_ADDONS_SARG_USER_1_USERNAME='admin'       # name of the 1st user
SQUID_ADDONS_SARG_USER_1_PASSWORD='password'    # password of the 1st user

SQUID_ADDONS_SARG_CUSTOMER_LOGO='no'            # place an image in PNG-format
                                                # in config/etc/squid/custom.png
SQUID_ADDONS_SARG_CUSTOMER_LOGO_SIZE='151 33'   # the size of the former logo

#SQUID_ADDONS_SARG_CUSTOMER_CSS='no'            # a CSS-File for the output -- won't work at moment!!
                                                # configure the template at
                                                # config/etc/squid/css.tpl and
                                                # rename it to custom.css

SQUID_ADDONS_SARG_BACKGROUND_COLOR='#FFCC00'    # color in HEX-Values

# Do NOT change, unless you know what you do!
SQUID_ADDONS_SARG_REPORT_TYPE='topusers topsites denied auth_failures downloads'
SQUID_ADDONS_SARG_TOPUSER_FIELDS='NUM USERID BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL'
SQUID_ADDONS_SARG_USER_REPORT_FIELDS='CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL'

These are my current files.

For further information:
I am using Fli4L 3.1.0 and the packages for 3.1.0.

I would be very grateful for any help...

Regards

subbermichl
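The posted squid_addons.txt sets SQUID_ADDONS_AUTH_TRUST_N='0' while still defining a TRUST_1_IP, and SQUID_ADDONS_FILTER_N='2' while listing thirteen filters. The check below is an added example, not part of the original post or of fli4l: it parses the VAR='value' format and reports indexed entries that fall outside their _N counter, assuming fli4l's usual convention that only entries 1..N are evaluated. The function names are hypothetical and the sample is a constructed excerpt of the posted file.

```python
import re

# Constructed excerpt: active and commented lines copied from the posted squid_addons.txt.
SAMPLE = """\
SQUID_ADDONS_AUTH='yes'
SQUID_ADDONS_AUTH_TRUST_N='0'
SQUID_ADDONS_AUTH_TRUST_1_IP='192.168.0.13'
SQUID_ADDONS_AUTH_USER_N='1'       # number of users for authentication
SQUID_ADDONS_AUTH_USER_1_USERNAME='fli4l'
SQUID_ADDONS_AUTH_USER_1_PASSWORD='password'
#SQUID_ADDONS_PRIVOXY_USED_PORT='8118'
SQUID_ADDONS_FILTER_N='2'
SQUID_ADDONS_FILTER_1='domains-exclude'
SQUID_ADDONS_FILTER_2='feltel'
SQUID_ADDONS_FILTER_3='porn'
"""

ASSIGN = re.compile(r"^\s*([A-Z][A-Z0-9_]*)='([^']*)'")


def parse(text):
    """Return {NAME: value} for active VAR='value' lines; '#' lines are skipped."""
    cfg = {}
    for line in text.splitlines():
        m = ASSIGN.match(line)
        if m:
            cfg[m.group(1)] = m.group(2)
    return cfg


def lint_counters(cfg):
    """Compare each <PREFIX>_N counter with the <PREFIX>_<i>[_FIELD] entries defined."""
    findings = []
    for name, value in cfg.items():
        if not (name.endswith("_N") and value.isdecimal()):
            continue
        prefix, n = name[:-2], int(value)
        entry = re.compile(re.escape(prefix) + r"_(\d+)(?:_\w+)?")
        seen = {int(m.group(1)) for m in map(entry.fullmatch, cfg) if m}
        ignored = sorted(i for i in seen if i > n)      # defined, but above the counter
        missing = sorted(set(range(1, n + 1)) - seen)   # counted, but never defined
        if ignored:
            findings.append((name, "ignored", ignored))
        if missing:
            findings.append((name, "missing", missing))
    return findings


if __name__ == "__main__":
    for name, kind, indexes in lint_counters(parse(SAMPLE)):
        print(f"{name}: entries {indexes} are {kind}")
```

An "ignored" finding on an authentication or trust list means the file states an intent (a trusted host, an extra filter) that the counter switches off, which is worth confirming before relying on the proxy's access control.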
Member: crimson1968
29.07.2006 at 21:15
Hi,

just a general question about this:
Why don't you look in the Fli4l newsgroups? You are more likely to find people there who can help you.

A long time ago I had a Fli4l router in use, tinkered with Squid back then as well, and eventually
gave up on the router. Otherwise I would have been glad to help you here too, but my memory of it
is poor.


Regards,
crimson1968
Member: 33149
29.07.2006 at 21:24
Hello, thank you very much for the tip! But I think it is a routing question "and nothing dramatic", which is why I turned to the administrator.de forum. There are already quite a few experts here!
Member: 33149
30.07.2006 at 18:53
Problem solved

Anyone who is also interested, just get in touch.

Regards

subbermichl
Member: 33149
02.08.2006 at 00:57
Hello everyone!

Due to the high demand for Fli4L and its connection with proxy & user authentication, e.g. in a small home network, I have taken the trouble, and am taking the trouble, to answer your questions and to write some tutorials.

If you have questions, other ones too..., please visit http://www.zymware.de or http://www.zymware-it.de and I will try to answer your questions as accurately as possible. Please do make use of this, given that I am already offering you support in this area...
because: how can you stop "phone-home" malware or viruses better than by allowing them access to the Internet ONLY with authentication?!?

Regards

subbermichl

23.09.2006

I have set up a Fli4l forum... please participate actively!

Forum: www.fli4l.zymware.de