Top-Themen

AppleEntwicklungHardwareInternetLinuxMicrosoftMultimediaNetzwerkeOff TopicSicherheitSonstige SystemeVirtualisierungWeiterbildungZusammenarbeit

Aktuelle Themen

Administrator.de FeedbackApache ServerAppleAssemblerAudioAusbildungAuslandBackupBasicBatch & ShellBenchmarksBibliotheken & ToolkitsBlogsCloud-DiensteClusterCMSCPU, RAM, MainboardsCSSC und C++DatenbankenDatenschutzDebianDigitiales FernsehenDNSDrucker und ScannerDSL, VDSLE-BooksE-BusinessE-MailEntwicklungErkennung und -AbwehrExchange ServerFestplatten, SSD, RaidFirewallFlatratesGoogle AndroidGrafikGrafikkarten & MonitoreGroupwareHardwareHosting & HousingHTMLHumor (lol)Hyper-VIconsIDE & EditorenInformationsdiensteInstallationInstant MessagingInternetInternet DomäneniOSISDN & AnaloganschlüsseiTunesJavaJavaScriptKiXtartKVMLAN, WAN, WirelessLinuxLinux DesktopLinux NetzwerkLinux ToolsLinux UserverwaltungLizenzierungMac OS XMicrosoftMicrosoft OfficeMikroTik RouterOSMonitoringMultimediaMultimedia & ZubehörNetzwerkeNetzwerkgrundlagenNetzwerkmanagementNetzwerkprotokolleNotebook & ZubehörNovell NetwareOff TopicOpenOffice, LibreOfficeOutlook & MailPapierkorbPascal und DelphiPeripheriegerätePerlPHPPythonRechtliche FragenRedHat, CentOS, FedoraRouter & RoutingSambaSAN, NAS, DASSchriftartenSchulung & TrainingSEOServerServer-HardwareSicherheitSicherheits-ToolsSicherheitsgrundlagenSolarisSonstige SystemeSoziale NetzwerkeSpeicherkartenStudentenjobs & PraktikumSuche ProjektpartnerSuseSwitche und HubsTipps & TricksTK-Netze & GeräteUbuntuUMTS, EDGE & GPRSUtilitiesVB for ApplicationsVerschlüsselung & ZertifikateVideo & StreamingViren und TrojanerVirtualisierungVisual StudioVmwareVoice over IPWebbrowserWebentwicklungWeiterbildungWindows 7Windows 8Windows 10Windows InstallationWindows MobileWindows NetzwerkWindows ServerWindows SystemdateienWindows ToolsWindows UpdateWindows UserverwaltungWindows VistaWindows XPXenserverXMLZusammenarbeit

FLI4L - SQUID - Proxy - SQUID ADDONS - User Authentifizierung

Frage Linux Linux Netzwerk

Mitglied: 33149

33149 (Level 1)

29.07.2006, aktualisiert 02.11.2016, 12977 Aufrufe, 4 Kommentare

Hi Leute,

ich versuche ein kleines Netzwerk mit Proxy und Squid einzurichten und bei jedem Zugriff auf dass Internet soll der User sich mit Usernamen und Passwort Authentifizieren müssen. Ich scheitere kläglich.

Der FLI4L Router besteht aus:
133MHZ Pentium
8 GB Platte
2 identischen Netzwerkkarten

Infrastruktur:

Momentan:
Rechner --> Fli4L-Router --> WirelessRouter --> Modem
192.168.0.13(PC) 192.168.0.10(eth0) + 192.168.0.20(eth1) 192.168.0.1(Router)

Als zusätzliche Vereinacherung soll der Fli4L als reiner Ethernet Router fungieren.

Alle in demselben Netz mit derselben Netzmaske (255.255.255.0)

Die Netzwerkkarten agieren beide mit dem IP Protokoll, da der FLI4L nicht als PPPOE Router eingerichtet ist (und auch nicht soll!)

Kann mir jemand sagen wie ich base.txt, squid.txt, squid_addons.txt, proxy.txt einrichten muss bzw helfen bei der Einrichtung? Dafür wäre ich sehr dankbar!

Meine momentanen Einstellungen (OHNE den Versuch der Authentifizierung):
01.
base.txt 
02.
#------------------------------------------------------------------------------ 
03.
# General settings: 
04.
#------------------------------------------------------------------------------ 
05.
HOSTNAME='fli4l'               # name of fli4l router 
06.
PASSWORD='fli4l'               # password for root login (console, sshd, imond) 
07.
BOOT_TYPE='hd'                 # boot device: fd, fdx2, dualfd, hd, cd, ls120, 
08.
                               # integrated, attached, netboot, pxeboot 
09.
                               # (cd, cdemul, hd and ls120 need an 
10.
                               # installed opt hd) 
11.
MOUNT_BOOT='rw'                # mount boot device (floppy): ro, rw, no 
12.
TIME_INFO='MEZ-1MESZ,M3.5.0,M10.5.0' 
13.
                               # description of local time zone, 
14.
                               # don't touch without reading documentation 
15.
KERNEL_VERSION='2.4.32'        # kernel version 
16.
KERNEL_BOOT_OPTION=''          # append option to kernel command line 
17.
COMP_TYPE_KERNEL='gzip'        # compression-type for kernel: gzip, bzip2 
18.
COMP_TYPE_ROOTFS='gzip'        # compression-type for rootfs: gzip, bzip2 
19.
IP_CONNTRACK_MAX=''            # override maximum limit of connection 
20.
                               # tracking entries 
21.
POWEROFF_ON_HALT='no'          # power off after shutting down the machine 
22.
REAL_MODE_POWEROFF='no'        # switch to real mode before invoking 
23.
                               # apm power off 
24.
 
25.
#------------------------------------------------------------------------------ 
26.
# Localisation 
27.
#------------------------------------------------------------------------------ 
28.
LOCALE='de'                    # defines the default language for several 
29.
                               # components, such as menu and httpd 
30.
 
31.
#------------------------------------------------------------------------------ 
32.
# Mount extra floppy drive to /floppy: 
33.
#------------------------------------------------------------------------------ 
34.
OPT_MOUNTFLOPPY='no'           # mount extra floppy drive: first, second, no 
35.
 
36.
#------------------------------------------------------------------------------ 
37.
# Console settings (serial console, blank time): 
38.
#------------------------------------------------------------------------------ 
39.
CONSOLE_BLANK_TIME=''          # time in minutes (1-60) to blank 
40.
                               # console; '0' = never, '' = system default 
41.
SER_CONSOLE='no'               # use serial interface instead of or as 
42.
                               # additional output device and main input device 
43.
    SER_CONSOLE_IF='0'         # serial interface to use, 0 for ttyS0 (COM1) 
44.
    SER_CONSOLE_RATE='9600'    # baudrate for serial console 
45.
    SER_BEEP='no'              # enable beep after boot and shutdown 
46.
 
47.
#------------------------------------------------------------------------------ 
48.
# Debug Settings: 
49.
#------------------------------------------------------------------------------ 
50.
DEBUG_STARTUP='no'             # write an execution trace of the boot 
51.
DEBUG_LOG=''                   # sequence to file DEBUG_LOG or console if 
52.
                               # DEBUG_LOG is empty 
53.
 
54.
#------------------------------------------------------------------------------ 
55.
# Show service menu after login: 
56.
#------------------------------------------------------------------------------ 
57.
OPT_MENU='yes'                 # service menu for users 
58.
    MENU_LANGUAGE=''           # language for the service menu; defaults to 
59.
                               # 'LOCALE' if left empty 
60.
#------------------------------------------------------------------------------ 
61.
# Keyboard layout 
62.
#------------------------------------------------------------------------------ 
63.
KEYBOARD_LOCALE='auto'         # auto: use most common keyboard layout for 
64.
                               # the language specified in 'LOCALE' 
65.
OPT_MAKEKBL='no'               # set to 'yes' to make a new local keyboard 
66.
                               # layout map on the fli4l-router 
67.
 
68.
Die Ethernetkarten lass ich weg um Zeichen zu sparen! 
69.
 
70.
 
71.
#------------------------------------------------------------------------------ 
72.
NET_DRV_N='1'                  			# number of ethernet drivers to load, usually 1 
73.
NET_DRV_1='8139too'           			# 1st driver: name (e.g. NE2000 PCI clone) 
74.
NET_DRV_1_OPTION=''            			# 1st driver: additional option 
75.
NET_DRV_2='8139too'                 # 2nd driver: name (e.g. NE2000 ISA clone) 
76.
NET_DRV_2_OPTION='io=0x240,0x300'   # 2nd driver: additional option 
77.
 
78.
#------------------------------------------------------------------------------ 
79.
# Ether networks used with IP protocol: 
80.
#------------------------------------------------------------------------------ 
81.
IP_NET_N='2'                   				# number of IP ethernet networks, usually 1 
82.
 
83.
 
84.
IP_NET_1='192.168.0.10/24'      				# IP address of your n'th ethernet card and netmask in CIDR (no. of set bits) 
85.
IP_NET_1_DEV='eth0'           					# required: device name like ethX 
86.
#DLINK zu Router - Squid Abfrage 
87.
 
88.
 
89.
IP_NET_2='192.168.0.20/24'      				# IP address of your n'th ethernet card and netmask in CIDR (no. of set bits) 
90.
IP_NET_2_DEV='eth1'         						# required: device name like ethX 
91.
#Andere zu Rechner 
92.
 
93.
#------------------------------------------------------------------------------ 
94.
# Additional routes, optional 
95.
#------------------------------------------------------------------------------ 
96.
IP_ROUTE_N='2'                              # number of additional routes 
97.
IP_ROUTE_1='192.168.0.10/24 192.168.0.20' 
98.
IP_ROUTE_2='0.0.0.0/0 192.168.0.1'   			# network/netmaskbits gateway 
99.
 
100.
#        IP_ROUTE_1='192.168.0.13/24 192.168.0.10' 
101.
 #       IP_ROUTE_2='0.0.0.0/0 192.168.0.1' 
102.
 
103.
 
104.
#------------------------------------------------------------------------------ 
105.
# Packetfilter configuration; there are two styles, old and new - 
106.
# you have to choose one of them. 
107.
#  
108.
# Please choose the new packet filter configuration, the old one is 
109.
# deprecated and only provided for compatibility reasons. During boot 
110.
# up the configuration will be translated to the new configuration, 
111.
# printed to the screen and written to bootmsg.txt to allow for an 
112.
# easy migration to the new config style. 
113.
114.
# Old style packet filter config - set ORIG_FW_CONFIG='yes' to use 
115.
# this version 
116.
#------------------------------------------------------------------------------ 
117.
ORIG_FW_CONFIG='no' 
118.
 
119.
#------------------------------------------------------------------------------ 
120.
# New style packet filter config - set NEW_FW_CONFIG='yes' to use this 
121.
# version 
122.
#------------------------------------------------------------------------------ 
123.
NEW_FW_CONFIG='yes'                  # new style packet filter config: yes/no 
124.
 
125.
126.
# Zugriff auf den Router 
127.
128.
 
129.
INPUT_POLICY='REJECT' 
130.
INPUT_ACCEPT_DEF='yes' 
131.
INPUT_LOG='no' 
132.
INPUT_LIST_N='1' 
133.
INPUT_LIST_1='IP_NET_1 ACCEPT'   # alle hosts im lokalen netz dürfen auf den router zugreifen 
134.
				  
135.
136.
# Zugriff auf das ``Internet'' 
137.
138.
 
139.
FORWARD_POLICY='REJECT' 
140.
FORWARD_ACCEPT_DEF='yes' 
141.
FORWARD_LOG='no' 
142.
FORWARD_LIST_N='3' 
143.
FORWARD_LIST_1='tmpl:samba DROP' # samba pakete, die das netz verlassen wollen, werden verworfen 
144.
FORWARD_LIST_2='IP_NET_1 ACCEPT' # alle anderen pakete dürfen das lokale netz verlassen 
145.
FORWARD_LIST_3='IP_NET_2 ACCEPT' # alle anderen pakete dürfen das lokale netz verlassen 
146.
 
147.
148.
# Maskieren des lokalen Netzes 
149.
150.
POSTROUTING_LIST_N='2' 
151.
POSTROUTING_LIST_1='IP_NET_1 MASQUERADE'  # masquerade traffic leaving the subnet 
152.
POSTROUTING_LIST_2='IP_NET_2 MASQUERADE'  # masquerade traffic leaving the subnet 
153.
 
154.
#------------------------------------------------------------------------------ 
155.
# Simple DMZ setup for dial-up based routers -- see documentation 
156.
#------------------------------------------------------------------------------ 
157.
OPT_DMZ='no' 
158.
 
159.
#------------------------------------------------------------------------------ 
160.
# Optional package: PORTFW 
161.
#------------------------------------------------------------------------------ 
162.
PORTFW_N='0'                          # how many portforwardings to set up 
163.
PORTFW_1_TARGET='8080'                # example 1: forward ext. port 8080 
164.
PORTFW_1_NEW_TARGET='192.168.6.15:80' # ...to int. host 192.168.6.15 port 80 
165.
PORTFW_1_PROTOCOL='tcp'               # ...using tcp 
166.
PORTFW_2_TARGET='3000-3010'           # example 2: forward portrange 3000-3010 
167.
PORTFW_2_NEW_TARGET='192.168.6.15'    # ...to int. host 192.168.6.15 
168.
PORTFW_2_PROTOCOL='tcp'               # ...using tcp 
169.
 
170.
#------------------------------------------------------------------------------ 
171.
# Masq modules 
172.
#------------------------------------------------------------------------------ 
173.
MASQ_MODULE_N='1'                     # load n masq modules (default: only ftp) 
174.
MASQ_MODULE_1='ftp'                   # ftp 
175.
MASQ_MODULE_1_OPTION=''               # options, see documentation 
176.
MASQ_MODULE_2='irc'                   # irc 
177.
MASQ_MODULE_2_OPTION=''               # options, see documentation 
178.
 
179.
#------------------------------------------------------------------------------ 
180.
# Domain configuration: 
181.
#------------------------------------------------------------------------------ 
182.
DOMAIN_NAME='lan.fli4l'               # your domain name 
183.
DNS_FORWARDERS='194.8.57.8'           # DNS servers of your provider, 
184.
                                      # e.g. ns.n-ix.net 
185.
 
186.
OPT_DNS='yes'                         # start dns server: yes or no 
187.
    DNS_LISTENIP_N='0'                # if 0 then listen on all interfaces 
188.
    DNS_LISTENIP_1='IP_NET_1_IPADDR'  # first IP to listen on 
189.
    DNS_VERBOSE='no'                  # log queries into syslog 
190.
    DNS_MX_SERVER=''                  # fqdn of the mx for your DOMAIN 
191.
    DNS_FORBIDDEN_N='0'               # number of forbidden domains 
192.
    DNS_FORBIDDEN_1='foo.bar'         # 1st forbidden domain 
193.
    DNS_FORBIDDEN_2='bar.foo'         # 2nd forbidden domain 
194.
    DNS_REDIRECT_N='0'                # number of redirected domains 
195.
    DNS_REDIRECT_1='foo.bar.foo'      # 1st redirected domain 
196.
    DNS_REDIRECT_1_IP='192.168.6.100' # IP of redirected domain 
197.
    DNS_BOGUS_PRIV='yes'              # fake reverse lookups for RFC1918 
198.
                                      # private address ranges 
199.
    DNS_FILTERWIN2K='yes'             # filters useless windows-originated DNS 
200.
                                      # requests and blocks all SRV requests 
201.
 
202.
    # Special DNS configuration 
203.
    #-------------------------- 
204.
    DNS_SPECIAL_N='0'                           # number of special  
205.
                                                # dns servers, normally 0 
206.
    #DNS_SPECIAL_1='firma.de 192.168.1.12'      # 1st special dns server 
207.
                                                # for firma.de 
208.
    #DNS_SPECIAL_2='lan.firma.de 192.168.2.12'  # 2nd special dns server 
209.
                                                # for lan.firma.de 
210.
 
211.
HOSTS_N='4'                           # number of hosts in your domain 
212.
                                      # 1st host: 
213.
HOST_1_NAME='HOSTNAME'                # name or aliasname e.g. "HOSTNAME" 
214.
HOST_1_IP='IP_NET_1_IPADDR'           # IP or aliasname e.g. "IP_NET_1_IPADDR" 
215.
#HOST_1_ALIAS_N='0'                   # number of optional alias names 
216.
#HOST_1_ALIAS_1='router.lan.fli4l'    # 1st optional alias name 
217.
#HOST_1_ALIAS_2='gateway.lan.fli4l' 
218.
                                      # 2nd host: 
219.
HOST_2_NAME='client2'                 # name 
220.
HOST_2_IP='192.168.6.2'               # IP 
221.
#HOST_2_DHCPTYP='hostname'            # set static dhcp-lease via [hostname]  
222.
                                      # or [mac] 
223.
#HOST_2_MAC='de:ad:af:fe:07:19'       # optional mac address used by dhcpd 
224.
                                      # 3rd host: 
225.
HOST_3_NAME='client3'                 # name 
226.
HOST_3_IP='192.168.6.3'               # IP 
227.
#HOST_3_MAC='de:ad:be:ef:07:19' 
228.
                                      # 4th host: 
229.
HOST_4_NAME='client4'                 # name 
230.
HOST_4_IP='192.168.6.4'               # IP 
231.
#HOST_4_MAC='de:ad:be:ef:08:15' 
232.
 
233.
#------------------------------------------------------------------------------ 
234.
# DNSMASQ-DHCP server 
235.
#------------------------------------------------------------------------------ 
236.
OPT_DNSDHCP='no'                      # activate DHCP server: yes or no 
237.
 
238.
    DNSDHCP_LS_TIME_DYN='3600'        # default time for dynamic leases: 1 hour 
239.
    DNSDHCP_MAX_LS_TIME_DYN='7200'    # max time  for dynamic leases: 2 hours 
240.
    DNSDHCP_LS_TIME_FIX='86400'       # default time for fix leases: 1 day 
241.
    DNSDHCP_MAX_LS_TIME_FIX='604800'  # max time for fix leases: 1 week 
242.
    DNSDHCP_LEASES_DIR='/boot'        # don't touch this until you 
243.
                                      # have read the manual! 
244.
 
245.
    DNSDHCP_WINSSERVER_1=''           # IP-address of 1st external wins-server 
246.
                                      # (don't use if OPT_NMBD='yes'!) 
247.
    DNSDHCP_WINSSERVER_2=''           # IP-address of 2nd external wins-server 
248.
                                      # (don't use if OPT_NMBD='yes'!) 
249.
 
250.
    # Parameters for local Networks 
251.
    # ----------------------------- 
252.
    DNSDHCP_RANGE_1_START='192.168.6.100'     # start-IP of n'th ethernet, 
253.
                                              # see IP_NET_N 
254.
    DNSDHCP_RANGE_1_END='192.168.6.150'       # end-IP of n'th ethernet, 
255.
                                              # see IP_NET_N 
256.
    DNSDHCP_RANGE_1_DNS_SERVER=''             # if empty the IP of interface 
257.
                                              # IP_NET_N is used; 
258.
                                              # if set to 'none' no 
259.
                                              # dns-server is transmitted 
260.
    DNSDHCP_RANGE_1_NTP_SERVER=''             # if empty and OPT_CHRONY='yes' 
261.
                                              # the IP of interface IP_NET_N 
262.
                                              # is used; if set to 'none' no 
263.
                                              # ntp-server is transmitted 
264.
    DNSDHCP_RANGE_1_GATEWAY=''                # if empty the IP of interface 
265.
                                              # IP_NET_N is used; 
266.
                                              # if set to 'none' no 
267.
                                              # gateway is transmitted 
268.
 
269.
    # Parameters for extra Networks (via relay) 
270.
    # ----------------------------------------- 
271.
    DNSDHCP_EXTRA_RANGE_N='0'                    # number of extra ranges 
272.
    DNSDHCP_EXTRA_RANGE_1_START='192.168.8.2'    # start-IP of n'th extra range 
273.
    DNSDHCP_EXTRA_RANGE_1_END='192.168.8.50'     # end-IP of n'th extra range 
274.
    DNSDHCP_EXTRA_RANGE_1_NETMASK='255.255.255.0'  # netmask for extra range 
275.
    DNSDHCP_EXTRA_RANGE_1_DNS_SERVER='192.168.8.1' # DNS Server for extra range 
276.
    DNSDHCP_EXTRA_RANGE_1_NTP_SERVER=''          # NTP Server for extra range 
277.
    DNSDHCP_EXTRA_RANGE_1_GATEWAY='192.168.8.1'  # default gateway for 
278.
                                                 # extra range 
279.
 
280.
    DNSDHCP_EXTRA_RANGE_1_DEVICE='eth0'    # device used to reach extra network 
281.
                                                    
282.
 
283.
    # Deny hosts from dhcp-Access 
284.
    # --------------------------- 
285.
    DNSDHCP_DENY_MAC_N='0'                    # number of denied MAC addresses 
286.
    DNSDHCP_DENY_MAC_1='00:01:02:03:04:05'    # MAC address is denied from DHCP 
287.
 
288.
 
289.
#------------------------------------------------------------------------------ 
290.
# imond configuration: 
291.
#------------------------------------------------------------------------------ 
292.
START_IMOND='no'                    # start imond: yes or no 
293.
    IMOND_USE_ORIG='yes'            # use the original version of imond instead 
294.
                                    # of the development version: yes or no 
295.
    IMOND_PORT='5000'               # port (tcp), don't open it to the outside 
296.
    IMOND_PASS=''                   # imond-password, may be empty 
297.
    IMOND_ADMIN_PASS=''             # imond-admin-password, may be empty 
298.
    IMOND_LED=''                    # tty for led: com1 - com4 or empty 
299.
    IMOND_BEEP='no'                 # beep if connection going up/down 
300.
    IMOND_LOG='no'                  # log /var/log/imond.log: yes or no 
301.
    IMOND_LOGDIR='/var/log'         # log-directory, e.g. /var/log 
302.
    IMOND_ENABLE='yes'              # accept "enable/disable" commands 
303.
    IMOND_DIAL='yes'                # accept "dial/hangup" commands 
304.
    IMOND_ROUTE='yes'               # accept "route" command 
305.
    IMOND_REBOOT='yes'              # accept "reboot" command 
306.
 
307.
#------------------------------------------------------------------------------ 
308.
# Generic circuit configuration: 
309.
#------------------------------------------------------------------------------ 
310.
IP_DYN_ADDR='yes'                   # use dyn. IP addresses (most providers do) 
311.
DIALMODE='auto'                     # standard dialmode: auto, manual, or off 
312.
 
313.
#------------------------------------------------------------------------------ 
314.
# optional package: syslogd 
315.
#------------------------------------------------------------------------------ 
316.
OPT_SYSLOGD='no'                       # start syslogd: yes or no 
317.
    SYSLOGD_DEST_N='1'                 # number of destinations 
318.
    SYSLOGD_DEST_1='*.* /dev/console'  # n'th prio & destination of syslog msgs 
319.
    SYSLOGD_DEST_2='*.* @192.168.6.2'  # example: loghost 192.168.6.2 
320.
    SYSLOGD_DEST_3='kern.info /var/log/dial.log'  # example: log infos to file 
321.
 
322.
#------------------------------------------------------------------------------ 
323.
# Optional package: klogd 
324.
#------------------------------------------------------------------------------ 
325.
OPT_KLOGD='no'                      # start klogd: yes or no 
326.
 
327.
#------------------------------------------------------------------------------ 
328.
# Optional package: y2k correction 
329.
#------------------------------------------------------------------------------ 
330.
OPT_Y2K='no'                        # y2k correction: yes or no 
331.
    Y2K_DAYS='0'                    # correct hardware y2k-bug: add x days 
332.
 
333.
#------------------------------------------------------------------------------ 
334.
# Optional package: PNP 
335.
#------------------------------------------------------------------------------ 
336.
OPT_PNP='no'                        # install isapnp tools: yes or no 
337.
 
338.
************************************************************************ 
339.
 
340.
proxy.txt 
341.
#------------------------------------------------------------------------------ 
342.
# Optional package: PRIVOXY (Privacy Enhancing Proxy) 
343.
#------------------------------------------------------------------------------ 
344.
OPT_PRIVOXY='yes'                  # privoxy: yes or no 
345.
 
346.
PRIVOXY_LISTEN_N='1'              # number off interfaces to listen on 
347.
PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:8118' 
348.
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128' 
349.
#PRIVOXY_LISTEN_1='IP_NET_1_IPADDR:3128' 
350.
                                  # use an ip adress or a symblic name like 
351.
                                  # IP_NET_1_IPADDR followed by a port number 
352.
PRIVOXY_ALLOW_N='2' 
353.
PRIVOXY_ALLOW_1='IP_NET_1'        # open firewall for the hosts and networks listed in the allow list 
354.
PRIVOXY_ALLOW_2='IP_NET_2'        # open firewall for the hosts and networks listed in the allow list 
355.
 
356.
#PRIVOXY_FORWARD=''  # optional forward-host:forward-port 
357.
PRIVOXY_FORWARD='localhost:3128'  # optional forward-host:forward-port 
358.
PRIVOXY_TOGGLE='yes'              # may user switch privoxy off? 
359.
PRIVOXY_EDIT_CONFIG='yes'         # may users edit the config online? 
360.
 
361.
PRIVOXY_LOGDIR=''                 # do you want a log file? 
362.
PRIVOXY_LOGLEVEL='1 4096 8192'    # what to log? (see manual) 
363.
PRIVOXY_USETOR='no'               # forward all request to the tor anon proxy 
364.
 
365.
OPT_TOR='no'                      # install tor sock4/5 anon proxy 
366.
TOR_LISTEN_N='2'                  # number off interfaces to listen on 
367.
TOR_LISTEN_1='IP_NET_1_IPADDR:9050' 
368.
TOR_LISTEN_2='IP_NET_2_IPADDR:9050' 
369.
                                  # use an ip adress or a symblic name like 
370.
                                  # IP_NET_1_IPADDR followed by a port number 
371.
 
372.
TOR_ALLOW_N='2' 
373.
TOR_ALLOW_1='IP_NET_1'            # open firewall for the hosts and networks 
374.
TOR_ALLOW_2='IP_NET_2'            # open firewall for the hosts and networks 
375.
 
376.
OPT_SS5='no'                      # install ss5 sock4/5 proxy 
377.
SS5_LISTEN_N='2'                  # number off interfaces to listen on 
378.
SS5_LISTEN_1='IP_NET_1_IPADDR:8050' 
379.
SS5_LISTEN_2='IP_NET_2_IPADDR:8050' 
380.
                                  # use an ip adress or a symblic name like 
381.
                                  # IP_NET_1_IPADDR followed by a port number 
382.
SS5_ALLOW_N='2' 
383.
SS5_ALLOW_1='IP_NET_1'            # open firewall for the hosts and networks 
384.
SS5_ALLOW_2='IP_NET_2'            # open firewall for the hosts and networks 
385.
 
386.
************************************************************************ 
387.
 
388.
squid.txt 
389.
 
390.
#------------------------------------------------------------------------------ 
391.
# Optional package: PROXY (squid) 
392.
#------------------------------------------------------------------------------ 
393.
OPT_SQUID='yes' 
394.
SQUID_TRANSPARENT_CACHING='no'                  # squid redirects port 80 to 
395.
                                                # cache clients who do not 
396.
                                                # enter proxy in configuration 
397.
SQUID_HTTP_PORT='3128'                          # Squid listens on this port 
398.
                                                # default: 3128 
399.
SQUID_MEM_CACHE_SIZE='12'                        # in MB 
400.
                                                # default: 8 
401.
SQUID_DISK_CACHE_SIZE='512'                     # in MB 
402.
                                                # first Squid cache directory 
403.
SQUID_MAX_OBJECT_SIZE='10000'                   # maximum size of objects in 
404.
                                                # cache in kB 
405.
SQUID_WORK_DIR='/data/squid'                    # dir where cache and logs are 
406.
                                                # stored. Must have rw access 
407.
                                                # and should not be deleted on 
408.
                                                # reboot 
409.
 
410.
#---------------------------------- 
411.
# log file settings: 
412.
#---------------------------------- 
413.
SQUID_CYCLE_LOG_N='10'                          # number of logfile rotations 
414.
                                                # (0=disable the rotation) 
415.
SQUID_CYCLE_LOG_TIME='172800'                   # if empty default of 48 hours 
416.
                                                # will be used. You have to set 
417.
                                                # it in seconds(48h=172800sec.) 
418.
                                                # could be 1h (3600) if you 
419.
                                                # have not enough space 
420.
                                                # after X sec. log files will 
421.
                                                # be deleted to free up space 
422.
SQUID_ACCESS_LOG='yes'                          # create access.log or not 
423.
SQUID_HTTPD_LIKE_LOG='yes'                      # emulate httpd like log entries 
424.
                                                # to make them more readable 
425.
                                                # e.g. if you don't want to have 
426.
                                                # a unix like timestamp in your 
427.
                                                # log's 
428.
                                                # prevents some loganalyzers 
429.
 
430.
#---------------------------------- 
431.
# squid network settings: 
432.
#---------------------------------- 
433.
SQUID_AUTO_CONFIG='yes'                         # configure allowed networks 
434.
                                                # with networks in base.txt 
435.
SQUID_ACCESS_NET_N='0'                          # number of IP ethernet networks 
436.
#SQUID_ACCESS_NET_1='10.0.0.0/8'                 # network wich is allowed to 
437.
                                                # access squid 
438.
#SQUID_ACCESS_NET_2='172.16.0.0/12'              # network wich is allowed to 
439.
                                                # access squid 
440.
#SQUID_ACCESS_NET_3='192.168.0.0/16'             # network wich is allowed to 
441.
                                                # access squid 
442.
#SQUID_ACCESS_NET_1='192.168.0.0/16' 
443.
 
444.
#---------------------------------- 
445.
# squid advanced settings: 
446.
#---------------------------------- 
447.
SQUID_CONNECT_TIMEOUT='60'                      # time duration until which squid 
448.
                                                # waits for reply from server 
449.
SQUID_CACHE_DIR_N='0'                           # define more than cache dirs 
450.
                                                # if you want to spread cache 
451.
                                                # over multiple disks 
452.
SQUID_CACHE_1_DIR='/disk2/squid-cache'          # where the cache is located 
453.
SQUID_CACHE_1_SIZE='1000'                       # in MB 
454.
 
455.
SQUID_NEXT_PROXY='no' # Parent Proxy 
456.
#SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy 
457.
SQUID_NEXT_PROXY_URL='IP_NET_1_IPADDR' # URL or IP of Parent Proxy 
458.
SQUID_NEXT_PROXY_PORT='9050' # Port Parent Proxy 
459.
 
460.
************************************************************************ 
461.
 
462.
squid_addons.txt 
463.
 
464.
OPT_SQUID_ADDONS='yes'		# use this only with OPT_SQUID ex Version 1.0!! 
465.
 
466.
SQUID_ADDONS_ADMIN_EMAIL='admin@home.lan' 
467.
 
468.
#------------------------------------------------------------------------------ 
469.
# Authentication: 
470.
#------------------------------------------------------------------------------ 
471.
SQUID_ADDONS_AUTH='yes' 
472.
 
473.
SQUID_ADDONS_AUTH_TRUST_N='0' 
474.
SQUID_ADDONS_AUTH_TRUST_1_IP='192.168.0.13' 
475.
 
476.
SQUID_ADDONS_AUTH_USER_N='1'                			# number of users for authentication 
477.
SQUID_ADDONS_AUTH_USER_1_USERNAME='fli4l'   			# name of the 1st user 
478.
SQUID_ADDONS_AUTH_USER_1_PASSWORD='password'   		# password of the 1st user 
479.
 
480.
#------------------------------------------------------------------------------ 
481.
# Privoxy usage: 
482.
#------------------------------------------------------------------------------ 
483.
SQUID_ADDONS_USEPRIVOXY='no'						# If you want to use Squid and 
484.
#SQUID_ADDONS_PRIVOXY_USED_PORT='8118'	# Privoxy (in the Proxy-Package) Original 
485.
SQUID_ADDONS_PRIVOXY_USED_PORT='3128'		# Privoxy (in the Proxy-Package) 
486.
																				# than the prefered way is 
487.
																				# 'Browser->Squid->Privoxy' 
488.
 
489.
#------------------------------------------------------------------------------ 
490.
# Filter: 
491.
#------------------------------------------------------------------------------ 
492.
SQUID_ADDONS_FILTER_N='2' 
493.
SQUID_ADDONS_FILTER_1='domains-exclude' 
494.
SQUID_ADDONS_FILTER_2='feltel'			 
495.
		# from: 'http://www.feltel.de/ftp/os/linux/squid-proxy/blacklists' 
496.
		# and 'http://pgl.yoyo.org/adservers/index.php' (squid dstdom_regex) 
497.
 
498.
# Outdatet: 
499.
SQUID_ADDONS_FILTER_3='porn' 
500.
SQUID_ADDONS_FILTER_4='ads' 
501.
SQUID_ADDONS_FILTER_5='drugs' 
502.
SQUID_ADDONS_FILTER_6='gambling' 
503.
SQUID_ADDONS_FILTER_7='violence' 
504.
SQUID_ADDONS_FILTER_8='warez' 
505.
SQUID_ADDONS_FILTER_9='hacking' 
506.
SQUID_ADDONS_FILTER_10='aggressive' 
507.
SQUID_ADDONS_FILTER_11='audio-video' 
508.
SQUID_ADDONS_FILTER_12='proxy' 
509.
SQUID_ADDONS_FILTER_13='mail' 
510.
 
511.
#------------------------------------------------------------------------------ 
512.
# Sarg: the Squid Analyzer 
513.
514.
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_daily 
515.
# EASYCRON_x_TIME='*/5 * * * *'		# for daily report every 5 minutes 
516.
517.
# EASYCRON_x_COMMAND='/usr/local/squid-addons/bin/sarg_create_report_monthly 
518.
# EASYCRON_x_TIME='0 0 1 * *'		# create monthly report and rotate  
519.
#					# the squid log 
520.
521.
# the URL for the WebReport is: http://ip-or-name-of-the-fli4l/sargreport 
522.
#------------------------------------------------------------------------------ 
523.
SQUID_ADDONS_SARG='yes' 
524.
 
525.
SQUID_ADDONS_SARG_USER_N='1'		# number of users to authenticate for 
526.
					# the Web-View, if zero than everyone 
527.
					# who knows the url can see the reports 
528.
					 
529.
SQUID_ADDONS_SARG_USER_1_USERNAME='admin'	# name of the 1st user 
530.
SQUID_ADDONS_SARG_USER_1_PASSWORD='password'   	# password of the 1st user 
531.
 
532.
SQUID_ADDONS_SARG_CUSTOMER_LOGO='no'		# place a image in PNG-format 
533.
						# in config/etc/squid/custom.png 
534.
SQUID_ADDONS_SARG_CUSTOMER_LOGO_SIZE='151 33'	# the size of the former logo 
535.
 
536.
#SQUID_ADDONS_SARG_CUSTOMER_CSS='no'		# an CSS-File for the output		-- won't work at moment!! 
537.
						# configure the template at 
538.
						# config/etc/squid/css.tpl and 
539.
						# rename it to custom.css 
540.
 
541.
SQUID_ADDONS_SARG_BACKGROUND_COLOR='#FFCC00'  	# color in HEX-Values 
542.
 
543.
# Do NOT change, unless you know what you do! 
544.
SQUID_ADDONS_SARG_REPORT_TYPE='topusers topsites denied auth_failures downloads' 
545.
SQUID_ADDONS_SARG_TOPUSER_FIELDS='NUM USERID BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL' 
546.
SQUID_ADDONS_SARG_USER_REPORT_FIELDS='CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME %TIME TOTAL'

Das sind meine aktuellen Dateien

Zur weiteren Info:
Ich benutze Fli4L 3.1.0 sowie die Pakete für 3.1.0

Für eine Hilfe wäre ich sehr dankbar...

Grüße

subbermichl
Mitglied: crimson1968
29.07.2006 um 21:15 Uhr
Hi,

nur mal eine generelle Frage dazu:
Warum schaust Du nicht in die Fli4l - Newsgroups? Dort sind eher Leute zu finden, die Dir helfen können.

Ich hatte vor langer Zeit einen Fli4l-Router im Einsatz, habe damals auch mit Squid rumgewerkelt und den
Router dann irgendwann aufgegeben. Ansonsten hätte ich Dir auch hier gerne geholfen, aber die Erinnerung
ist schlecht.


Gruß,
crimson1968
Bitte warten ..
Mitglied: 33149
29.07.2006 um 21:24 Uhr
Hallo vielen dank für den Tipp! Ich denke aber es ist eine Frage des Routings "und nichts dramatisches" deswegen habe ich mich an das administrator.de Forum gewandt. Hier sind schon einige Experten!
Bitte warten ..
Mitglied: 33149
30.07.2006 um 18:53 Uhr
Problem gelöst

Wer ebenfalls interesse hat, einfach melden.

Grüße

subbermichl
Bitte warten ..
Mitglied: 33149
02.08.2006 um 00:57 Uhr
Hallo Leute!

Aufgrund der hohen Nachfrage nach Fli4L und dem Zusammenhand zu Proxy & User Authentifizierung z.B. in einem kleinen Heimnetz habe ich mir die Mühe gemacht, und mache mir die Mühe, eure Fragen zu beantworten bzw. einige Tutorials zu schreiben.

Bei Fragen, auch andere..., besucht bitte http://www.zymware.de oder http://www.zymware-it.de und ich werde versuchen eure Fragen so treffend wie möglich zu beantworten. Bitte nutzt dies auch wenn ich euch schon Unterstützung in diesem Umfeld biete...
denn: wie kann man "Nach-Hause-telefonierende" Schadprogramme oder Viren besser unterbinden als wie man Ihnen den Zugriff aufs Internet NUR mit Authentifizierung erlaubt?!?

Grüße

subbermichl

23.09.2006

Habe ein Fli4l Forum eingerichtet... bitte um rege Beteiligung!

Forum: www.fli4l.zymware.de
Bitte warten ..
Neuester Wissensbeitrag
Windows 10

Powershell 5 BSOD

(8)

Tipp von agowa338 zum Thema Windows 10 ...

Ähnliche Inhalte
Firewall
gelöst PFSense Squid Proxy über OpenVpn Verbindung nutzen (4)

Frage von horstvogel zum Thema Firewall ...

Monitoring
Squid als Proxy OK als GW NOK (3)

Frage von vikozo zum Thema Monitoring ...

Heiß diskutierte Inhalte
Microsoft
Ordner mit LW-Buchstaben versehen und benennen (20)

Frage von Xaero1982 zum Thema Microsoft ...

Outlook & Mail
gelöst Outlook 2010 findet ost datei nicht (19)

Frage von Floh21 zum Thema Outlook & Mail ...

Netzwerkmanagement
gelöst Anregungen, kleiner Betrieb, IT-Umgebung (18)

Frage von Unwichtig zum Thema Netzwerkmanagement ...

Festplatten, SSD, Raid
M.2 SSD wird nicht erkannt (14)

Frage von uridium69 zum Thema Festplatten, SSD, Raid ...