If you want to filter a net browsing in a linux gateway server using iptables,squid and Dansguardian follow my steps
etho=Internet ipaddress
eth1=192.168.0.229
Do the necessary steps to make Linux machine as router and gateway
# yum install squid
Open the configuration file of the squid.
# vi /etc/squid/squid.conf
Enter the following line
http_port 3128 transparent
Add the Acls
acl home_network src 192.168.0.0/24
http_access allow home_network
# service squid start
# iptables -A INPUT -m tcp -p tcp -s ! 127.0.0.1 --dport 3128 -j DROP
# service iptables save
# service iptables restart
This Will block your employess from connecting to squid directly.
1 . Install Dansguardian from the source or RPM
I am using RPM here
The files are installed in /etc/dansguardian. Open Main configuration file of dansguardian. Enter the following details.
# vi /etc/dansguadian/dansguardian.conf
proxyip = 192.168.0.229
proxyport = 3128
filterport = 8080
save the file.
Run the following redirect
# iptables -A PREROUTING -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
In the clients set the gateway as 192.168.0.229(in my case)
No comments:
Post a Comment