Redhat 6.2 Installation Howto -Basic Proxy and Transparent




This is a guide document, although very detailed in some sections. It assumes you have an idea about installing RH and working with Linux. Some will find it very tedious; others will be grateful.

1) Installation

Pre install
Decide if you are going to do basic proxy behind the firewall (one NIC needed), or proxy as firewall or transparent proxy (two NICs needed).

a) Disk partitions
Swap area: set this equal to or greater than the size of the RAM. Minimum 128 Meg.
Create a /boot partition of 30 meg.
/ (root) to fill the rest of the drive (or minimum 4 gig), or partition for /home and /var.

b) Video setup
Choose the Compaq 171FS; it works for most monitor types.
Be VERY SURE to create a boot disk just in case something goes wrong.
I recommend installing EVERYTHING. It never fails: you always need the one thing you forgot to put on.

2) Post install (Linuxconf)

a) Network (for internal interface)
Set hostname: proxy.domain.org
IP address: 192.168.0.1
Subnet: 255.255.255.0
Device name: eth0
Kernel module: 3c509 (or whatever has been detected)

Second NIC (if transparent): ask your ISP or use DHCP
IP address: 216.174.182.1
Subnet: 255.255.255.0
Device name: eth1
Kernel module: 3c509 (or whatever has been detected)

b) DNS
Domain: nlsd113.org
DNS: 142.165.5.2, 142.165.21.5 (supplied by ISP or DHCP)

c) Routes
If DHCP, just enable forwarding.
Gateway: 192.168.0.254 if internal, or supplied by ISP
Enable routing (forwarding)

d) Hosts
    cd /etc
    vi hosts
Add this line:
    192.168.0.1 proxy.domain.org proxy

3) Upgrades

It is very wise to download all the patches for 6.2 from a web site and burn them to a CD. There are a lot of patches, almost 300 megabytes worth. Some of these patches are required before you can install DG, so you had better get them. Also get the latest Dansguardian, blacklists and your favorite bannedphrase list. I highly recommend Webmin as well, as you will be providing a restart button through the Webmin interface a little later. Also, this install guide is based on Webmin on RH 6.2.

Adding patches (insert the patches CD-ROM)
    mount /dev/cdrom
    cd /mnt/cdrom
Using rpm -U a*.rpm, install the following groups of packages in the order listed. Example: rpm -U d*.rpm
    d, Rp, a, b, y, x, w, v, t, o, e, f, p, l, m, n, k, g, j, s, uc, um, us, rh, rm, imap-2000-, imap-devel-2000, imap-2000c, imap-devel-2000c, in, ip, ir, ipspell-3.1, up
    ls | less
    rpm -U DansGua*.rpm
    rpm -U SysVinit*
    rpm -U X*.rpm
    cp blacklists*.gz /etc/dansguardian
    cp ban*.zip /etc/dansguardian
    tar zxpf blacklist*.gz
    mv bannedphraselist bannedphraselist.old
    unzip bannedphraselist2.zip
    cd /etc
    vi lilo.conf
Change the line with vmlinuz to be just vmlinuz.
Type lilo <enter>
Restart the system with shutdown -r now

4) DG

    startx
If it runs O.K. at a good resolution, then move on; else exit and run Xconfigurator.
If gnome crashes, then use ps ax to find the pid (number) for the gnome session and kill it.

5) Setup with Webmin

a) System -> Bootup and Shutdown
Set the following applications to boot on startup:
    Dansguardian
    Httpd
    Dhcpd
    Named
    Squid

b) Servers

Apache
    Configure -> Networking: set port to 81, save and apply (or start)

DHCP
    Add a new subnet
    Network address: 192.168.0.0, netmask 255.255.255.0
    Address range: 192.168.0.50 - 192.168.0.200
    Save
    Edit client options
    Default routers: 192.168.0.254
    DNS servers: 192.168.0.1, 142.165.5.2
    Save
    Control-Alt-F3, log in
        cd /etc
        vi dhcpd.conf
    Find the line with domain name servers set to 192.168.0.1,142.165.5.2

Squid
    Misc (set these options only if you will be using transparent proxy)
    Http accel host: virtual (make sure to DESELECT default)
    Http accel port: 80
    Http accel with proxy: on
    Http accel user header: yes

    Access Control
    Select <client address> and click <Create New ACL>
    ACL name: localnetwork
    192.168.0.1  192.168.0.254  255.255.255.0
    Save
    Add proxy restriction
    Select allow, select the name localnetwork, and save
    Move the restriction to the top of the list
    Return to the Squid menu
    Initialize the cache as squid (if this has not been done)
    Start Squid or apply changes

Hardware -> Network configuration
    Network interface

6) Runlevel Setup

    startx (if not already started)
Use System -> Control Panel.
Make sure that DG starts at number 99 and squid at 87 on runlevels 3 and 5. Squid must load first.

7) Configure DG

Control-Alt-F3 and log in, if not already done.
    cd /etc/dansguardian

dansguardian.conf
    vi dansguardian.conf
Change YOUR-SERVER to 192.168.0.1:81
Change reporting level and log level to taste. (Log level is best when it only records violations. Preferred log settings: only log violations, and reporting only level 1.)
    cp dansguardian.conf dansguardian.good
(This is upgrade protection. Upgrades WILL erase this file.)

bannedurllist
    vi bannedurllist
Remove leading # (comment) characters from entries, except the line containing proxy (it may not be in your blacklist and DG will fail to start).

Restart DG:
    /etc/rc.d/init.d/dansguardian restart
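The "move the restriction to the top of the list" step in section 5 matters because Squid reads http_access rules top to bottom and stops at the first match. The script below is an added example, not part of the original howto; it assumes the ACL name localnetwork used in this guide and Squid's stock "all" ACL, and the sample squid.conf lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original howto): audit http_access ordering.
# Squid walks http_access lines top to bottom and stops at the first match,
# so an allow rule placed below "deny all" never takes effect.

# check_squid_acl FILE ACLNAME -> prints a verdict, returns 0 only for "ok"
check_squid_acl() {
    awk -v acl="$2" '
        { sub(/#.*/, "") }                 # drop comments
        NF == 0 { next }                   # skip blank lines
        $1 == "acl" && $2 == acl && $3 == "src" { defined = 1 }
        $1 == "http_access" && NF == 3 {
            n++
            if ($2 == "allow" && $3 == acl   && !allow) allow = n
            if ($2 == "allow" && $3 == "all" && !wide)  wide  = n
            if ($2 == "deny"  && $3 == "all" && !deny)  deny  = n
        }
        END {
            if (!defined)                            v = "acl-missing"
            else if (!allow)                         v = "allow-missing"
            else if (wide && (!deny || wide < deny)) v = "open-proxy"
            else if (deny && deny < allow)           v = "allow-shadowed"
            else                                     v = "ok"
            print v
            exit (v == "ok" ? 0 : 1)
        }' "$1"
}

# Constructed sample: the ACL from this guide, with the allow rule on top.
sample=$(mktemp)
cat > "$sample" <<'EOF'
acl all src 0.0.0.0/0.0.0.0
acl localnetwork src 192.168.0.1-192.168.0.254/255.255.255.0
http_access allow localnetwork   # moved to the top, as the guide says
http_access deny all
EOF
check_squid_acl "$sample" localnetwork || true
rm -f "$sample"
```

Run it against the real /etc/squid/squid.conf after saving in Webmin; "open-proxy" means an "allow all" rule is reachable before any "deny all", so the proxy would serve clients outside 192.168.0.0/24.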

8) Webmin Setup

Notes: These setups are made to allow teachers to log in and restart the internet if it should shut down for some reason.

1) Open Webmin
    http://192.168.0.1:10000 if not already done.
    Log in with root xxxxxx
    Go to Webmin -> Webmin Configuration
    Go to Webmin Modules
    Set module to clone to Custom Commands
    Set the name to Dansguardian Restart
    Clone the module
    Webmin index -> Others -> Dansguardian Restart
    Create a new custom command
    Description -> Internet Restart
    Command -> /etc/rc.d/init.d/dansguardian restart
    Run as user -> root
    Save
    Webmin index -> Webmin -> Webmin Users
    Create a new Webmin user
    Username -> user
    Password -> password
    Modules -> select Dansguardian Restart
    Save

9) Test your proxy

Set your client for both ports 8080 and 3128. 8080 should be filtered and 3128 unfiltered.

10) Transparent proxy

Many thanks to bkahuna2k@usa.net whoever you may be ;-) for this fine info.

    vi /etc/rc.d/init.d/rc.firewall

If using ipchains add...
    /sbin/ipchains -A input -p tcp -d 0.0.0.0/0 80 -j REDIRECT 8080
    /sbin/ipchains A input

If using ipfwadm add...
    /sbin/ipfwadm -I -a accept -P tcp -D 0.0.0.0/0 80 -r 8080

For masquerading add:
    /sbin/depmod -a
    /sbin/modprobe ip_masq_ftp
    /sbin/modprobe ip_masq_raudio
    /sbin/modprobe ip_masq_irc
    /sbin/modprobe ip_masq_quake 26000,27000,27910,27960
    /sbin/modprobe ip_masq_cuseeme
    /sbin/modprobe ip_masq_vdolive
    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo "1" > /proc/sys/net/ipv4/ip_dynaddr
    /sbin/ipchains -P forward DENY
    /sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ