Thursday, 14 October 2010

Squid

yuim install squid -y

chkconfig squid on

vim /etc/squid/squid.conf

Add
acl our_networks src 192.168.0.0/24
http_access allow our_networks
visible_hostname servername.example.com

Port
http_port 3128
Run
squid -z

IPTABLES

Redirect
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -A RH-Firewall-1-INPUT -p tcp --dport 3128 -j ACCEPT

Standard
iptables -A RH-Firewall-1-INPUT -p tcp --dport 3128 -j ACCEPT


SELINUX
If changing squid port either add the port to selinux or set the squid_connect_any boolean

semanage port -a -t http_cache_port_t -p tcp PORTNUM
OR
setsebool -P squid_connect_any=1
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)