33149
29.07.2006, aktualisiert am 02.11.2016
13982
4
0
FLI4L - SQUID - Proxy - SQUID ADDONS - User Authentifizierung
Hi Leute,
ich versuche ein kleines Netzwerk mit Proxy und Squid einzurichten und bei jedem Zugriff auf dass Internet soll der User sich mit Usernamen und Passwort Authentifizieren müssen. Ich scheitere kläglich.
Der FLI4L Router besteht aus:
133MHZ Pentium
8 GB Platte
2 identischen Netzwerkkarten
Infrastruktur:
Momentan:
Rechner --> Fli4L-Router --> WirelessRouter --> Modem
192.168.0.13(PC) 192.168.0.10(eth0) + 192.168.0.20(eth1) 192.168.0.1(Router)
Als zusätzliche Vereinacherung soll der Fli4L als reiner Ethernet Router fungieren.
Alle in demselben Netz mit derselben Netzmaske (255.255.255.0)
Die Netzwerkkarten agieren beide mit dem IP Protokoll, da der FLI4L nicht als PPPOE Router eingerichtet ist (und auch nicht soll!)
Kann mir jemand sagen wie ich base.txt, squid.txt, squid_addons.txt, proxy.txt einrichten muss bzw helfen bei der Einrichtung? Dafür wäre ich sehr dankbar!
Meine momentanen Einstellungen (OHNE den Versuch der Authentifizierung):
Das sind meine aktuellen Dateien
Zur weiteren Info:
Ich benutze Fli4L 3.1.0 sowie die Pakete für 3.1.0
Für eine Hilfe wäre ich sehr dankbar...
Grüße
subbermichl
ich versuche ein kleines Netzwerk mit Proxy und Squid einzurichten und bei jedem Zugriff auf dass Internet soll der User sich mit Usernamen und Passwort Authentifizieren müssen. Ich scheitere kläglich.
Der FLI4L Router besteht aus:
133MHZ Pentium
8 GB Platte
2 identischen Netzwerkkarten
Infrastruktur:
Momentan:
Rechner --> Fli4L-Router --> WirelessRouter --> Modem
192.168.0.13(PC) 192.168.0.10(eth0) + 192.168.0.20(eth1) 192.168.0.1(Router)
Als zusätzliche Vereinacherung soll der Fli4L als reiner Ethernet Router fungieren.
Alle in demselben Netz mit derselben Netzmaske (255.255.255.0)
Die Netzwerkkarten agieren beide mit dem IP Protokoll, da der FLI4L nicht als PPPOE Router eingerichtet ist (und auch nicht soll!)
Kann mir jemand sagen wie ich base.txt, squid.txt, squid_addons.txt, proxy.txt einrichten muss bzw helfen bei der Einrichtung? Dafür wäre ich sehr dankbar!
Meine momentanen Einstellungen (OHNE den Versuch der Authentifizierung):
base.txt
#------------------------------------------------------------------------------
# General settings:
#------------------------------------------------------------------------------
HOSTNAME='fli4l' # name of fli4l router
PASSWORD='fli4l' # password for root login (console, sshd, imond)
BOOT_TYPE='hd' # boot device: fd, fdx2, dualfd, hd, cd, ls120,
# integrated, attached, netboot, pxeboot
# (cd, cdemul, hd and ls120 need an
# installed opt hd)
MOUNT_BOOT='rw' # mount boot device (floppy): ro, rw, no
TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0'
# description of local time zone,
# don't touch without reading documentation
KERNEL_VERSION='2.4.32' # kernel version
KERNEL_BOOT_OPTION='' # append option to kernel command line
COMP_TYPE_KERNEL='gzip' # compression-type for kernel: gzip, bzip2
COMP_TYPE_ROOTFS='gzip' # compression-type for rootfs: gzip, bzip2
IP_CONNTRACK_MAX='' # override maximum limit of connection
# tracking entries
POWEROFF_ON_HALT='no' # power off after shutting down the machine
REAL_MODE_POWEROFF='no' # switch to real mode before invoking
# apm power off
#------------------------------------------------------------------------------
# Localisation
#------------------------------------------------------------------------------
LOCALE='de' # defines the default language for several
# components, such as menu and httpd
#------------------------------------------------------------------------------
# Mount extra floppy drive to /floppy:
#------------------------------------------------------------------------------
OPT_MOUNTFLOPPY='no' # mount extra floppy drive: first, second, no
#------------------------------------------------------------------------------
# Console settings (serial console, blank time):
#------------------------------------------------------------------------------
CONSOLE_BLANK_TIME='' # time in minutes (1-60) to blank
# console; '0' = never, '' = system default
SER_CONSOLE='no' # use serial interface instead of or as
# additional output device and main input device
SER_CONSOLE_IF='0' # serial interface to use, 0 for ttyS0 (COM1)
SER_CONSOLE_RATE='9600' # baudrate for serial console
SER_BEEP='no' # enable beep after boot and shutdown
#------------------------------------------------------------------------------
# Debug Settings:
#------------------------------------------------------------------------------
DEBUG_STARTUP='no' # write an execution trace of the boot
DEBUG_LOG='' # sequence to file DEBUG_LOG or console if
# DEBUG_LOG is empty
#------------------------------------------------------------------------------
# Show service menu after login:
#------------------------------------------------------------------------------
OPT_MENU='yes' # service menu for users
MENU_LANGUAGE='' # language for the service menu; defaults to
# 'LOCALE' if left empty
#------------------------------------------------------------------------------
# Keyboard layout
#------------------------------------------------------------------------------
KEYBOARD_LOCALE='auto' # auto: use most common keyboard layout for
# the language specified in 'LOCALE'
OPT_MAKEKBL='no' # set to 'yes' to make a new local keyboard
# layout map on the fli4l-router
Die Ethernetkarten lass ich weg um Zeichen zu sparen!
#------------------------------------------------------------------------------
NET_DRV_N='1' # number of ethernet drivers to load, usually 1
NET_DRV_1='8139too' # 1st driver: name (e.g. NE2000 PCI clone)
NET_DRV_1_OPTION='' # 1st driver: additional option
NET_DRV_2='8139too' # 2nd driver: name (e.g. NE2000 ISA clone)
NET_DRV_2_OPTION='io=0x240,0x300' # 2nd driver: additional option
#------------------------------------------------------------------------------
# Ether networks used with IP protocol:
#------------------------------------------------------------------------------
IP_NET_N='2' # number of IP ethernet networks, usually 1
IP_NET_1='192.168.0.10/24' # IP address of your n'th ethernet card and netmask in CIDR (no. of set bits)
IP_NET_1_DEV='eth0' # required: device name like ethX
#DLINK zu Router - Squid Abfrage
IP_NET_2='192.168.0.20/24' # IP address of your n'th ethernet card and netmask in CIDR (no. of set bits)
IP_NET_2_DEV='eth1' # required: device name like ethX
#Andere zu Rechner
#------------------------------------------------------------------------------
# Additional routes, optional
#------------------------------------------------------------------------------
IP_ROUTE_N='2' # number of additional routes
IP_ROUTE_1='192.168.0.10/24 192.168.0.20'
IP_ROUTE_2='0.0.0.0/0 192.168.0.1' # network/netmaskbits gateway
# IP_ROUTE_1='192.168.0.13/24 192.168.0.10'
# IP_ROUTE_2='0.0.0.0/0 192.168.0.1'
#------------------------------------------------------------------------------
# Packetfilter configuration; there are two styles, old and new -
# you have to choose one of them.
#
# Please choose the new packet filter configuration, the old one is
# deprecated and only provided for compatibility reasons. During boot
# up the configuration will be translated to the new configuration,
# printed to the screen and written to bootmsg.txt to allow for an
# easy migration to the new config style.
#
# Old style packet filter config - set ORIG_FW_CONFIG='yes' to use
# this version
#------------------------------------------------------------------------------
ORIG_FW_CONFIG='no'
#------------------------------------------------------------------------------
# New style packet filter config - set NEW_FW_CONFIG='yes' to use this
# version
#------------------------------------------------------------------------------
NEW_FW_CONFIG='yes' # new style packet filter config: yes/no
#
# Zugriff auf den Router
#
INPUT_POLICY='REJECT'
INPUT_ACCEPT_DEF='yes'
INPUT_LOG='no'
INPUT_LIST_N='1'
INPUT_LIST_1='IP_NET_1 ACCEPT' # alle hosts im lokalen netz dürfen auf den router zugreifen
#
# Zugriff auf das ``Internet''
#
FORWARD_POLICY='REJECT'
FORWARD_ACCEPT_DEF='yes'
FORWARD_LOG='no'
FORWARD_LIST_N='3'
FORWARD_LIST_1='tmpl:samba DROP' # samba pakete, die das netz verlassen wollen, werden verworfen
FORWARD_LIST_2='IP_NET_1 ACCEPT' # alle anderen pakete dürfen das lokale netz verlassen
FORWARD_LIST_3='IP_NET_2 ACCEPT' # alle anderen pakete dürfen das lokale netz verlassen
#
# Maskieren des lokalen Netzes
#
POSTROUTING_LIST_N='2'
POSTROUTING_LIST_1='IP_NET_1 MASQUERADE' # masquerade traffic leaving the subnet
POSTROUTING_LIST_2='IP_NET_2 MASQUERADE' # masquerade traffic leaving the subnet
#------------------------------------------------------------------------------
# Simple DMZ setup for dial-up based routers -- see documentation
#------------------------------------------------------------------------------
OPT_DMZ='no'
#------------------------------------------------------------------------------
# Optional package: PORTFW
#------------------------------------------------------------------------------
PORTFW_N='0' # how many portforwardings to set up
PORTFW_1_TARGET='8080' # example 1: forward ext. port 8080
PORTFW_1_NEW_TARGET='192.168.6.15:80' # ...to int. host 192.168.6.15 port 80
PORTFW_1_PROTOCOL='tcp' # ...using tcp
PORTFW_2_TARGET='3000-3010' # example 2: forward portrange 3000-3010
PORTFW_2_NEW_TARGET='192.168.6.15' # ...to int. host 192.168.6.15
PORTFW_2_PROTOCOL='tcp' # ...using tcp
#------------------------------------------------------------------------------
# Masq modules
#------------------------------------------------------------------------------
MASQ_MODULE_N='1' # load n masq modules (default: only ftp)
MASQ_MODULE_1='ftp' # ftp
MASQ_MODULE_1_OPTION='' # options, see documentation
MASQ_MODULE_2='irc' # irc
MASQ_MODULE_2_OPTION='' # options, see documentation
#------------------------------------------------------------------------------
# Domain configuration:
#------------------------------------------------------------------------------
DOMAIN_NAME='lan.fli4l' # your domain name
DNS_FORWARDERS='194.8.57.8' # DNS servers of your provider,
# e.g. ns.n-ix.net
OPT_DNS='yes' # start dns server: yes or no
DNS_LISTENIP_N='0' # if 0 then listen on all interfaces
DNS_LISTENIP_1='IP_NET_1_IPADDR' # first IP to listen on
DNS_VERBOSE='no' # log queries into syslog
DNS_MX_SERVER='' # fqdn of the mx for your DOMAIN
DNS_FORBIDDEN_N='0' # number of forbidden domains
DNS_FORBIDDEN_1='foo.bar' # 1st forbidden domain
DNS_FORBIDDEN_2='bar.foo' # 2nd forbidden domain
DNS_REDIRECT_N='0' # number of redirected domains
DNS_REDIRECT_1='foo.bar.foo' # 1st redirected domain
DNS_REDIRECT_1_IP='192.168.6.100' # IP of redirected domain
DNS_BOGUS_PRIV='yes' # fake reverse lookups for RFC1918
# private address ranges
DNS_FILTERWIN2K='yes' # filters useless windows-originated DNS
# requests and blocks all SRV requests
# Special DNS configuration
#--------------------------
DNS_SPECIAL_N='0' # number of special
# dns servers, normally 0
#DNS_SPECIAL_1='firma.de 192.168.1.12' # 1st special dns server
# for firma.de
#DNS_SPECIAL_2='lan.firma.de 192.168.2.12' # 2nd special dns server
# for lan.firma.de
HOSTS_N='4' # number of hosts in your domain
# 1st host:
HOST_1_NAME='HOSTNAME' # name or aliasname e.g. "HOSTNAME"
HOST_1_IP='IP_NET_1_IPADDR' # IP or aliasname e.g. "IP_NET_1_IPADDR"
#HOST_1_ALIAS_N='0' # number of optional alias names
#HOST_1_ALIAS_1='router.lan.fli4l' # 1st optional alias name
#HOST_1_ALIAS_2='gateway.lan.fli4l'
# 2nd host:
HOST_2_NAME='client2' # name
HOST_2_IP='192.168.6.2' # IP
#HOST_2_DHCPTYP='hostname' # set static dhcp-lease via [hostname]
# or [mac]
#HOST_2_MAC='de:ad:af:fe:07:19' # optional mac address used by dhcpd
# 3rd host:
HOST_3_NAME='client3' # name
HOST_3_IP='192.168.6.3' # IP
#HOST_3_MAC='de:ad:be:ef:07:19'
# 4th host:
HOST_4_NAME='client4' # name
HOST_4_IP='192.168.6.4' # IP
#HOST_4_MAC='de:ad:be:ef:08:15'
#------------------------------------------------------------------------------
# DNSMASQ-DHCP server
#------------------------------------------------------------------------------
OPT_DNSDHCP='no' # activate DHCP server: yes or no
DNSDHCP_LS_TIME_DYN='3600' # default time for dynamic leases: 1 hour
DNSDHCP_MAX_LS_TIME_DYN='7200' # max time for dynamic leases: 2 hours
DNSDHCP_LS_TIME_FIX='86400' # default time for fix leases: 1 day
DNSDHCP_MAX_LS_TIME_FIX='604800' # max time for fix leases: 1 week
DNSDHCP_LEASES_DIR='/boot' # don't touch this until you
# have read the manual!
DNSDHCP_WINSSERVER_1='' # IP-address of 1st external wins-server
# (don't use if OPT_NMBD='yes'!)
DNSDHCP_WINSSERVER_2='' # IP-address of 2nd external wins-server
# (don't use if OPT_NMBD='yes'!)
# Parameters for local Networks
# -----------------------------
DNSDHCP_RANGE_1_START='192.168.6.100' # start-IP of n'th ethernet,
# see IP_NET_N
DNSDHCP_RANGE_1_END='192.168.6.150' # end-IP of n'th ethernet,
# see IP_NET_N
DNSDHCP_RANGE_1_DNS_SERVER='' # if empty the IP of interface
# IP_NET_N is used;
# if set to 'none' no
# dns-server is transmitted
DNSDHCP_RANGE_1_NTP_SERVER='' # if empty and OPT_CHRONY='yes'
# the IP of interface IP_NET_N
# is used; if set to 'none' no
# ntp-server is transmitted
DNSDHCP_RANGE_1_GATEWAY='' # if empty the IP of interface
# IP_NET_N is used;
# if set to 'none' no
# gateway is transmitted
# Parameters for extra Networks (via relay)
# -----------------------------------------
DNSDHCP_EXTRA_RANGE_N='0' # number of extra ranges
DNSDHCP_EXTRA_RANGE_1_START='192.168.8.2' # start-IP of n'th extra range
DNSDHCP_EXTRA_RANGE_1_END='192.168.8.50' # end-IP of n'th extra range
DNSDHCP_EXTRA_RANGE_1_NETMASK='255.255.255.0' # netmask for extra range
DNSDHCP_EXTRA_RANGE_1_DNS_SERVER='192.168.8.1' # DNS Server for extra range
DNSDHCP_EXTRA_RANGE_1_NTP_SERVER='' # NTP Server for extra range
DNSDHCP_EXTRA_RANGE_1_GATEWAY='192.168.8.1' # default gateway for
# extra range
DNSDHCP_EXTRA_RANGE_1_DEVICE='eth0' # device used to reach extra network
# Deny hosts from dhcp-Access
# ---------------------------
DNSDHCP_DENY_MAC_N='0' # number of denied MAC addresses
DNSDHCP_DENY_MAC_1='00:01:02:03:04:05' # MAC address is denied from DHCP
#------------------------------------------------------------------------------
# imond configuration:
#------------------------------------------------------------------------------
START_IMOND='no' # start imond: yes or no
IMOND_USE_ORIG='yes' # use the original version of imond instead
# of the development version: yes or no
IMOND_PORT='5000' # port (tcp), don't open it to the outside
IMOND_PASS='' # imond-password, may be empty
IMOND_ADMIN_PASS='' # imond-admin-password, may be empty
IMOND_LED='' # tty for led: com1 - com4 or empty
IMOND_BEEP='no' # beep if connection going up/down
IMOND_LOG='no' # log /var/log/imond.log: yes or no
IMOND_LOGDIR='/var/log' # log-directory, e.g. /var/log
IMOND_ENABLE='yes' # accept "enable/disable" commands
IMOND_DIAL='yes' # accept "dial/hangup" commands
IMOND_ROUTE='yes' # accept "route" command
IMOND_REBOOT='yes' # accept "reboot" command
#------------------------------------------------------------------------------
# Generic circuit configuration:
#------------------------------------------------------------------------------
IP_DYN_ADDR='yes' # use dyn. IP addresses (most providers do)
DIALMODE='auto' # standard dialmode: auto, manual, or off
#------------------------------------------------------------------------------
# optional package: syslogd
#------------------------------------------------------------------------------
OPT_SYSLOGD='no' # start syslogd: yes or no
SYSLOGD_DEST_N='1' # number of destinations
SYSLOGD_DEST_1='*.* /dev/console' # n'th prio & destination of syslog msgs
SYSLOGD_DEST_2='*.* @192.168.6.2' # example: loghost 192.168.6.2
SYSLOGD_DEST_3='kern.info /var/log/dial.log' # example: log infos to file
#------------------------------------------------------------------------------
# Optional package: klogd
#------------------------------------------------------------------------------
OPT_KLOGD='no' # start klogd: yes or no
#------------------------------------------------------------------------------
# Optional package: y2k correction
#------------------------------------------------------------------------------
OPT_Y2K='no' # y2k correction: yes or no
Y2K_DAYS='0' # correct hardware y2k-bug: add x days
#------------------------------------------------------------------------------
# Optional package: PNP
#------------------------------------------------------------------------------
OPT_PNP='no' # install isapnp tools: yes or no
************************************************************************
proxy.txt
#------------------------------------------------------------------------------
# Optional package: PRIVOXY (Privacy Enhancing Proxy)
#------------------------------------------------------------------------------
OPT_PRIVOXY='yes' # privoxy: yes or no
PRIVOXY_LISTEN_N='1' # number off interfaces to listen on
PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:8118'
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128'
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128'
# use an ip adress or a symblic name like
# IP_NET_1_IPADDR followed by a port number
PRIVOXY_ALLOW_N='2'
PRIVOXY_ALLOW_1='IP_NET_1' # open firewall for the hosts and networks listed in the allow list
PRIVOXY_ALLOW_2='IP_NET_2' # open firewall for the hosts and networks listed in the allow list
#PRIVOXY_FORWARD='' # optional forward-host:forward-port
PRIVOXY_FORWARD='localhost:3128' # optional forward-host:forward-port
PRIVOXY_TOGGLE='yes' # may user switch privoxy off?
PRIVOXY_EDIT_CONFIG='yes' # may users edit the config online?
PRIVOXY_LOGDIR='' # do you want a log file?
PRIVOXY_LOGLEVEL='1 4096 8192' # what to log? (see manual)
PRIVOXY_USETOR='no' # forward all request to the tor anon proxy
OPT_TOR='no' # install tor sock4/5 anon proxy
TOR_LISTEN_N='2' # number off interfaces to listen on
TOR_LISTEN_1='IP_NET_1_IPADDR:9050'
TOR_LISTEN_2='IP_NET_2_IPADDR:9050'
# use an ip adress or a symblic name like
# IP_NET_1_IPADDR followed by a port number
TOR_ALLOW_N='2'
TOR_ALLOW_1='IP_NET_1' # open firewall for the hosts and networks
TOR_ALLOW_2='IP_NET_2' # open firewall for the hosts and networks
OPT_SS5='no' # install ss5 sock4/5 proxy
SS5_LISTEN_N='2' # number off interfaces to listen on
SS5_LISTEN_1='IP_NET_1_IPADDR:8050'
SS5_LISTEN_2='IP_NET_2_IPADDR:8050'
# use an ip adress or a symblic name like
# IP_NET_1_IPADDR followed by a port number
SS5_ALLOW_N='2'
SS5_ALLOW_1='IP_NET_1' # open firewall for the hosts and networks
SS5_ALLOW_2='IP_NET_2' # open firewall for the hosts and networks
************************************************************************
squid.txt
#------------------------------------------------------------------------------
# Optional package: PROXY (squid)
#------------------------------------------------------------------------------
OPT_SQUID='yes'
SQUID_TRANSPARENT_CACHING='no' # squid redirects port 80 to
# cache clients who do not
# enter proxy in configuration
SQUID_HTTP_PORT='3128' # Squid listens on this port
# default: 3128
SQUID_MEM_CACHE_SIZE='12' # in MB
# default: 8
SQUID_DISK_CACHE_SIZE='512' # in MB
# first Squid cache directory
SQUID_MAX_OBJECT_SIZE='10000' # maximum size of objects in
# cache in kB
SQUID_WORK_DIR='/data/squid' # dir where cache and logs are
# stored. Must have rw access
# and should not be deleted on
# reboot
#----------------------------------
# log file settings:
#----------------------------------
SQUID_CYCLE_LOG_N='10' # number of logfile rotations
# (0=disable the rotation)
SQUID_CYCLE_LOG_TIME='172800' # if empty default of 48 hours
# will be used. You have to set
# it in seconds(48h=172800sec.)
# could be 1h (3600) if you
# have not enough space
# after X sec. log files will
# be deleted to free up space
SQUID_ACCESS_LOG='yes' # create access.log or not
SQUID_HTTPD_LIKE_LOG='yes' # emulate httpd like log entries
# to make them more readable
# e.g. if you don't want to have
# a unix like timestamp in your
# log's
# prevents some loganalyzers
#----------------------------------
# squid network settings:
#----------------------------------
SQUID_AUTO_CONFIG='yes' # configure allowed networks
# with networks in base.txt
SQUID_ACCESS_NET_N='0' # number of IP ethernet networks
#SQUID_ACCESS_NET_1='10.0.0.0/8' # network wich is allowed to
# access squid
#SQUID_ACCESS_NET_2='172.16.0.0/12' # network wich is allowed to
# access squid
#SQUID_ACCESS_NET_3='192.168.0.0/16' # network wich is allowed to
# access squid
#SQUID_ACCESS_NET_1='192.168.0.0/16'
#----------------------------------
# squid advanced settings:
#----------------------------------
SQUID_CONNECT_TIMEOUT='60' # time duration until which squid
# waits for reply from server
SQUID_CACHE_DIR_N='0' # define more than cache dirs
# if you want to spread cache
# over multiple disks
SQUID_CACHE_1_DIR='/disk2/squid-cache' # where the cache is located
SQUID_CACHE_1_SIZE='1000' # in MB
SQUID_NEXT_PROXY='no' # Parent Proxy
#SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy
SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy
SQUID_NEXT_PROXY_PORT='9050' # Port Parent Proxy
************************************************************************
squid_addons.txt
OPT_SQUID_ADDONS='yes' # use this only with OPT_SQUID ex Version 1.0!!
SQUID_ADDONS_ADMIN_EMAIL='admin@home.lan'
#------------------------------------------------------------------------------
# Authentication:
#------------------------------------------------------------------------------
SQUID_ADDONS_AUTH='yes'
SQUID_ADDONS_AUTH_TRUST_N='0'
SQUID_ADDONS_AUTH_TRUST_1_IP='192.168.0.13'
SQUID_ADDONS_AUTH_USER_N='1' # number of users for authentication
SQUID_ADDONS_AUTH_USER_1_USERNAME='fli4l' # name of the 1st user
SQUID_ADDONS_AUTH_USER_1_PASSWORD='password' # password of the 1st user
#------------------------------------------------------------------------------
# Privoxy usage:
#------------------------------------------------------------------------------
SQUID_ADDONS_USEPRIVOXY='no' # If you want to use Squid and
#SQUID_ADDONS_PRIVOXY_USED_PORT='8118' # Privoxy (in the Proxy-Package) Original
SQUID_ADDONS_PRIVOXY_USED_PORT='3128' # Privoxy (in the Proxy-Package)
# than the prefered way is
# 'Browser->Squid->Privoxy'
#------------------------------------------------------------------------------
# Filter:
#------------------------------------------------------------------------------
SQUID_ADDONS_FILTER_N='2'
SQUID_ADDONS_FILTER_1='domains-exclude'
SQUID_ADDONS_FILTER_2='feltel'
# from: 'http://www.feltel.de/ftp/os/linux/squid-proxy/blacklists'
# and 'http://pgl.yoyo.org/adservers/index.php' (squid dstdom_regex)
# Outdatet:
SQUID_ADDONS_FILTER_3='porn'
SQUID_ADDONS_FILTER_4='ads'
SQUID_ADDONS_FILTER_5='drugs'
SQUID_ADDONS_FILTER_6='gambling'
SQUID_ADDONS_FILTER_7='violence'
SQUID_ADDONS_FILTER_8='warez'
SQUID_ADDONS_FILTER_9='hacking'
SQUID_ADDONS_FILTER_10='aggressive'
SQUID_ADDONS_FILTER_11='audio-video'
SQUID_ADDONS_FILTER_12='proxy'
SQUID_ADDONS_FILTER_13='mail'
#------------------------------------------------------------------------------
# Sarg: the Squid Analyzer
#
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_daily
# EASYCRON_x_TIME='*/5 * * * *' # for daily report every 5 minutes
#
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_monthly
# EASYCRON_x_TIME='0 0 1 * *' # create monthly report and rotate
# # the squid log
#
# the URL for the WebReport is: http://ip-or-name-of-the-fli4l/sargreport
#------------------------------------------------------------------------------
SQUID_ADDONS_SARG='yes'
SQUID_ADDONS_SARG_USER_N='1' # number of users to authenticate for
# the Web-View, if zero than everyone
# who knows the url can see the reports
SQUID_ADDONS_SARG_USER_1_USERNAME='admin' # name of the 1st user
SQUID_ADDONS_SARG_USER_1_PASSWORD='password' # password of the 1st user
SQUID_ADDONS_SARG_CUSTOMER_LOGO='no' # place a image in PNG-format
# in config/etc/squid/custom.png
SQUID_ADDONS_SARG_CUSTOMER_LOGO_SIZE='151 33' # the size of the former logo
#SQUID_ADDONS_SARG_CUSTOMER_CSS='no' # an CSS-File for the output -- won't work at moment!!
# configure the template at
# config/etc/squid/css.tpl and
# rename it to custom.css
SQUID_ADDONS_SARG_BACKGROUND_COLOR='#FFCC00' # color in HEX-Values
# Do NOT change, unless you know what you do!
SQUID_ADDONS_SARG_REPORT_TYPE='topusers topsites denied auth_failures downloads'
SQUID_ADDONS_SARG_TOPUSER_FIELDS='NUM USERID BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL'
SQUID_ADDONS_SARG_USER_REPORT_FIELDS='CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL' Das sind meine aktuellen Dateien
Zur weiteren Info:
Ich benutze Fli4L 3.1.0 sowie die Pakete für 3.1.0
Für eine Hilfe wäre ich sehr dankbar...
Grüße
subbermichl
Kommentieren
Teilen
Auf Facebook teilen
Auf X (Twitter) teilen
Auf Reddit teilen
Auf Linkedin teilenBitte markiere auch die Kommentare, die zur Lösung des Beitrags beigetragen haben
Content-ID: 36941
Url: https://administrator.de/forum/fli4l-squid-proxy-squid-addons-user-authentifizierung-36941.html
Ausgedruckt am: 07.05.2025 um 00:05 Uhr
4 Kommentare
Neuester Kommentar
Hi,
nur mal eine generelle Frage dazu:
Warum schaust Du nicht in die Fli4l - Newsgroups? Dort sind eher Leute zu finden, die Dir helfen können.
Ich hatte vor langer Zeit einen Fli4l-Router im Einsatz, habe damals auch mit Squid rumgewerkelt und den
Router dann irgendwann aufgegeben. Ansonsten hätte ich Dir auch hier gerne geholfen, aber die Erinnerung
ist schlecht.
Gruß,
crimson1968
nur mal eine generelle Frage dazu:
Warum schaust Du nicht in die Fli4l - Newsgroups? Dort sind eher Leute zu finden, die Dir helfen können.
Ich hatte vor langer Zeit einen Fli4l-Router im Einsatz, habe damals auch mit Squid rumgewerkelt und den
Router dann irgendwann aufgegeben. Ansonsten hätte ich Dir auch hier gerne geholfen, aber die Erinnerung
ist schlecht.
Gruß,
crimson1968
Hallo vielen dank für den Tipp! Ich denke aber es ist eine Frage des Routings "und nichts dramatisches" deswegen habe ich mich an das administrator.de Forum gewandt. Hier sind schon einige Experten!
Problem gelöst
Wer ebenfalls interesse hat, einfach melden.
Grüße
subbermichl
Wer ebenfalls interesse hat, einfach melden.
Grüße
subbermichl
Hallo Leute!
Aufgrund der hohen Nachfrage nach Fli4L und dem Zusammenhand zu Proxy & User Authentifizierung z.B. in einem kleinen Heimnetz habe ich mir die Mühe gemacht, und mache mir die Mühe, eure Fragen zu beantworten bzw. einige Tutorials zu schreiben.
Bei Fragen, auch andere..., besucht bitte http://www.zymware.de oder http://www.zymware-it.de und ich werde versuchen eure Fragen so treffend wie möglich zu beantworten. Bitte nutzt dies auch wenn ich euch schon Unterstützung in diesem Umfeld biete...
denn: wie kann man "Nach-Hause-telefonierende" Schadprogramme oder Viren besser unterbinden als wie man Ihnen den Zugriff aufs Internet NUR mit Authentifizierung erlaubt?!?
Grüße
subbermichl
23.09.2006
Habe ein Fli4l Forum eingerichtet... bitte um rege Beteiligung!
Forum: www.fli4l.zymware.de
Aufgrund der hohen Nachfrage nach Fli4L und dem Zusammenhand zu Proxy & User Authentifizierung z.B. in einem kleinen Heimnetz habe ich mir die Mühe gemacht, und mache mir die Mühe, eure Fragen zu beantworten bzw. einige Tutorials zu schreiben.
Bei Fragen, auch andere..., besucht bitte http://www.zymware.de oder http://www.zymware-it.de und ich werde versuchen eure Fragen so treffend wie möglich zu beantworten. Bitte nutzt dies auch wenn ich euch schon Unterstützung in diesem Umfeld biete...
denn: wie kann man "Nach-Hause-telefonierende" Schadprogramme oder Viren besser unterbinden als wie man Ihnen den Zugriff aufs Internet NUR mit Authentifizierung erlaubt?!?
Grüße
subbermichl
23.09.2006
Habe ein Fli4l Forum eingerichtet... bitte um rege Beteiligung!
Forum: www.fli4l.zymware.de
