2018 Proxy · Title: 2018 Proxy Created Date: 20180330133200Z
· Web viewClients access internet using proxy only Block website facebook.com, youtube.com,...
Transcript of · Web viewClients access internet using proxy only Block website facebook.com, youtube.com,...
![Page 1: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/1.jpg)
Homework Proxy server with IPTABLE
Requirement
Server 2003 (DNS,DHCP,AD,ip 192.168.1.1) Proxy server with iptable linux (2 interface vmnet1
192.168.1.2/24,vmnet2 172.16.1.212/23) Xp client for test(ip range 192.168.1.10=>192.168.1.30/24)
Prepare by CHAN Sarat SNA2012B
Teacher : KIM Bunthoeun
Student : CHAN Sarat
Class : SNA2012B
![Page 2: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/2.jpg)
Task to do1. Clients use services of server 2. Clients access internet using proxy only3. Block website facebook.com, youtube.com, dap-news.com
Proxy Server
Assing ip for proxy server have two interface Assing defautgateway
Prepare by CHAN Sarat SNA2012B
![Page 3: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/3.jpg)
Assign DNS cist.lan
Prepare by CHAN Sarat SNA2012B
![Page 4: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/4.jpg)
Test by ping ip dns cist.lan
Ping defaut gateway cist.lan
Prepare by CHAN Sarat SNA2012B
![Page 5: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/5.jpg)
Server2003 Assign ip and defaut gateway
Forwarder dns
Prepare by CHAN Sarat SNA2012B
![Page 6: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/6.jpg)
Test by ping dns cist.lan
Prepare by CHAN Sarat SNA2012B
![Page 7: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/7.jpg)
Test ping google.com
Prepare by CHAN Sarat SNA2012B
![Page 8: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/8.jpg)
Create rule iptables to allow client access internet throw router-proxy
Test proxy server ping google.com
Prepare by CHAN Sarat SNA2012B
![Page 9: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/9.jpg)
XP client
clients use dns “sarat.com”
Prepare by CHAN Sarat SNA2012B
![Page 10: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/10.jpg)
Proxy Server
Install sqid
File configure squid “vim/etc/squid/squid.conf”
Prepare by CHAN Sarat SNA2012B
![Page 11: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/11.jpg)
Default port squid 3128 and 8080
Cache file
Create acl (acl client src 192.168.1.0/24) Disable some options
Prepare by CHAN Sarat SNA2012B
![Page 12: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/12.jpg)
Disable “icp_access allow localnet”
Prepare by CHAN Sarat SNA2012B
![Page 13: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/13.jpg)
Restart services squid
Create acl for lan client and domain
Create rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com)
Prepare by CHAN Sarat SNA2012B
![Page 14: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/14.jpg)
XP test Access don’t use proxy server
Prepare by CHAN Sarat SNA2012B
![Page 15: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/15.jpg)
Access use proxy server IP interface router connect to server(192.168.1.2) Port use default port proxy server 3128
Result can access internet
Prepare by CHAN Sarat SNA2012B
![Page 16: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/16.jpg)
Test website that we block We access facebook.com
We access dap-news.com
We access youtube.com
Prepare by CHAN Sarat SNA2012B
![Page 17: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/17.jpg)
Authentication with user in ADvim /etc/squid/squid.conf
Prepare by CHAN Sarat SNA2012B
![Page 18: · Web viewClients access internet using proxy only Block website facebook.com, youtube.com, dap-news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway](https://reader033.fdocuments.in/reader033/viewer/2022051600/5aa11cf27f8b9a76178ee2ba/html5/thumbnails/18.jpg)
THE END
Prepare by CHAN Sarat SNA2012B