Squid + Dhcp

Başlatan midas, 20 Mart 2014 - 13:34:03

« önceki - sonraki »

0 Üyeler ve 2 Ziyaretçi konuyu incelemekte.

midas

arkadaslar ubuntu üzerine dhcp ve squid kurdum fakat transparent olarak calıstramadım yapılandırmam asagıdaki gibi

DHCp
default-lease-time 600;
    max-lease-time 7200;

    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.10.255;
    option routers 192.168.10.10;
    option domain-name-servers 192.168.10.10, 208.67.222.222;
    #option domain-name "dincsoy.net";

    subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.11 192.168.10.99;
    }


Squid

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128 transparent
acl lan src 192.168.10.0/24

http_access allow lan
coredump_dir /var/spool/squid3
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .               0       20%     4320

iptables

# Generated by iptables-save v1.4.18 on Thu Mar 20 11:12:45 2014
*filter
:INPUT ACCEPT [2457:3096260]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1552:135819]
-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Thu Mar 20 11:12:45 2014
# Generated by iptables-save v1.4.18 on Thu Mar 20 11:12:45 2014
*nat
:PREROUTING ACCEPT [15:1309]
:INPUT ACCEPT [7:1053]
:OUTPUT ACCEPT [22:1581]
:POSTROUTING ACCEPT [22:1581]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Completed on Thu Mar 20 11:12:45 2014

sorun ne olabilir ?