I'm trying the tail -f 172.16.X.XX /var/log/squid/access.log to view the sites requested by the client ip 172.16.X.XX but the result is it still open all the ip's requesting for the internet access. is there any tail commands that can monitor only the specific IP address requesting for internet access.
View 2 Repliesi have been studying linux for 3 month ,so i have solved some problems related with server part.The problem i have is the squid access.Can I allow some IP's to download files on squid.I mean i already give access to download by reply_body tag,andwant to give permission only one specific IP for unlimit access to download.Is there any solution
View 3 Replies View RelatedI have my firewall setup so that only specific subnets/IP addresses can access the system. My issue is that I have remote user/laptop who needs to access the system, but is constantly on a different subnet/dhcp IP address. Is there configuration for iptables where I can enter the mac address of the laptop to allow access to the system and not specify a subnet or IP address?
View 3 Replies View RelatedI am using Redhat 5.3 , I configured well access list using IP address, but my customer want to access list on MAC address basis.
View 2 Replies View RelatedI am using squid to controlling access to the internet all is working fine expect one of the user who is using outside organization portal to connect internet. But whenever he tries to enter in the portal by typing (EXAMPLE)url. Permission denied error from squid occur.
How can i allow this portal in squid. So squid will allow this to access.
In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws.I want to filter the contents of the page, because the page IP, URL, ... are all unknown.I don't know much about squid configuration scripts.I can read but cannot write
View 1 Replies View Relatedhow to block PC in Squid using Mac Address. I tried as in /etc/squid/squid. conf
acl block arp 00:13:45:d3: 24:e4
https_access deny block
but it give me error as like: - (This is the output of # squid -k parse) aclParseAclLine: Invalid ACL type 'arp' FATAL: Bungled squid.conf line 1234: acl block arp 00:13:45:d3: 24:e4 squid Cache (Version 2.5.STABLE6) : Terminated abnormally
I want to know how to bind Ip addresses to its mac addresses in Squid Proxy
View 5 Replies View Relatedhow to block a specific MAC address
View 2 Replies View RelatedI hv Cent OS 5.3 installed as server. I hv a network of approx 100 desktops and laptops. For a security purpose i want to block certain laptops from gaining a the network access using dhcp. Can we block the ip address leasing if a specific MAC address request for a ip lease?
View 7 Replies View Relatedi want to set upload /download limit in squid for particular ip address.
View 7 Replies View RelatedI have vps box with debian. I have two ip addresses, but first (default) is currently unavailable. In that case there is many problem. Fortunately wget has --bind-address option so I can download. My question is how can i configure apt-get, aptitude to use specific address?
View 1 Replies View Relatedi have followed web site [URL] for MAC to IP bind but it dont work on my system
Code:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
[code].....
I need a simple traffic monitor for Linux, that counts the traffic in a specific wireless network because I have volume restrictions on that one.I tried it using the following iptables rule:
[code]...
iptables -m mac -A INPUT -p all --mac-source <mac-address> ! -s 10.0.0.0/8
where <mac-address> is the router's one. 10.0.0.0/8 is the local subnet. What I actually want is something like --routed-through <mac-address>. Also, is there some way to gather iptables's statistics? Or is there maybe another tool that does what I want (reliable)?
I'm using squid for proxy server in FC6. I'm also using squidGuard for web-site access restriction. I want to do some exception now for website access. For example, squid user1 with ip 192.168.7.10/32 shoud not access facebook.com while all other squid users with ip 192.168.7.11/32, 192.168.7.9/32 and so on... can access facebook.com since facebook.com is not listed in squidGuard .db files
View 1 Replies View RelatedI am facing problem to access my network PC's and even ping. My network scenario is as follows. I am using squid 2.6 stable 21 on RHEL5. all other PC's on network (OS is Windows XP Professional SP2) are connected to internet through squid, authentication is ON on squid. All PC's on network (Win XP Systems)are assigned IP statically and Default Gateway is set which is Squid's IP. I want to access these PC's (Win XP Systems) mean share data between them. The problem is that i am unable to access and even ping these PC's.
View 2 Replies View RelatedI am using internet web control through squid... All is working fine only some little bit issues.
(1) Sometime when i tried to open google.com or any site I got message (The requested URL could not be retrieved) Screen Shot Attached.) but again after sometimes same websites will open.
url
(2) I would like to block word 'sex'.. So I have edit squid.conf with the following acl
acl Blockword url_regex sex
http_access deny Blockword
but problem occur in some websites where 'sensex' word found in url. Then squid block 'sensex' url content website also..
I have developed a website. Now i would like to monitor the IP address of machines who are accessing the server. The simplest possible solution to this that comes first into my mind is to use jsp inbuilt tags.
Code:
<%
out.print( request.getRemoteAddr() );
out.print( request.getRemoteHost() );
%>
but it has given me some other IP address(May be a proxy server's ip address)
So i was left with one choice is to run netstat on host server . Here is what i have done.
Code:
netstat -an | grep 8080 (As tomcat runs on port 8080).
Should i modify the command or there is any other way around to monitor the IP address?
I have configured my squid that have a limited access to websites but still some website were accessable vis https so I removed transparent from squid. Now what changes do I have to make in iptbles
View 1 Replies View RelatedHow to give full access for the particular ipaddess in squid. and how to give particular website access to the particular ipaddress.
View 4 Replies View RelatedHow will I allocate specific bandwidth to clients using squid? I use squid on RHEL5 serer ...
View 1 Replies View RelatedI run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
View 3 Replies View RelatedI'm fairly new to Linux and very new to Squid and am having authentication issues! I am using Oracle Enterprise Linux (which is basically Red Hat without the branding) and wanting to use Squid Proxy Server for web access with authentication to Active Directory. I've found a number of articles about this online and all of them say to use auth program squid_ldap_conf which should be in /usr/lib/squid/. I don't have a squid directory in /usr/lib for starters and my squid binaries are in /etc/squid but there is no squid_ldap_conf in there either. I have installed the latest version of Squid (3.0) to see if that helped but I still cannot find the authorisation program.
View 3 Replies View RelatedI have two machines between which I need to share a folder.On server1, I have the user 'appuser' that needs to access (read/write/delete) on this share.On server2, 'root' accesses this share and writes to it.I have the following in /etc/exports on server1:/home/app-share 999.999.99.99/28(rw,insecure,sync,no_root_squash)where the number is the IP address. How can I change this to allow 'appuser' access?
View 1 Replies View RelatedI am using Squid Server from last 5years. There is a site "http://www.firstflight.net", which was accessible before few days but now I am unable to access this site. If I use IE8 then getting below error:
"Internet Explorer cannot display the webpage"
Or using Google chrome getting error:
"This webpage is not available The webpage at http://www.firstflight.net/ might be temporarily down or it may have moved permanently to a new web address. Error 330 (net::ERR_CONTENT_DECODING_FAILED): Unknown error."
But other sites are working fine..
I have an old FC2 box running Squid version 2.5. It has been running since 2003 so I am in the process of replacing it. I have a new machine with FC11, iptables, and Squid 3.0 installed.
On the old machine I use iptables to intercept Port 80 traffic and send it to Squid. By default I block all internet access and allow only sites that are in an Allowed_Sites.txt file. Within Squid I also have statements to allow certain users to bypass Squid based on their IP address.
I have set up the same thing on the new box. I have iptables intercepting the Port 80 traffic and sending it to Squid. That is working because if I remove the redirect statement from iptables all internet access is blocked.
The problem I am having is that Squid is not blocking any websites. It acts like the ACL is set to http_access allow all. I have worked on this for several hours and am stumped.
These are my Squid rules:
acl allowed_sites url_regex "/etc/squid/Allowed_Sites.txt"
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow Bypass_Users
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src 192.168.1.0/24
http_access allow allowed_sites
http_access allow our_networks
http_access deny all
icp_access deny all
htcp_access deny all
http_port 192.168.1.254:3128 transparent
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname FC11.proxybox
icp_port 3130
coredump_dir /var/spool/squid
When I try to access at physical address (0xD0000), we known that it is necessary to convert physical address to virtual address using function IOREMAP(0xD0000, 1024) and return me 0xC00D0000.
Now our doubt is when I have a board with I/O in address 0x150, is it necessary to convert this address to other virtual address??? or with inb(0x150) return me state of I/O in this address? How can I known where is this I/O address in my map memory?
My home directory's permissions allow only myself access to it. Is it possible to put a file inside my home directory with.. say.. full permissions, and create a symlink to it so other users can access that file alone inside my home folder? System is Ubuntu Karmic.
View 2 Replies View RelatedI've set up Ubuntu 9.04 (desktop) at home in a lab environment (workgroup rather than domain) and have configured Squid. Everything works fine but, when I took it to the next level and made the proxy transparent, my problems began. I can still access sites (having pointed the XP Pro client to the squid box as the DG) and the sites are logged in /var/log/squid/access.log but I am unable to use Outlook to access my SMTP and POP3. I guess that the setup is blocking ports 25 and 110 and I'll need to configure iptables to forward packets destined for these ports directly to the "real" DG, rather than the Squid box. Here's the set up:
A single NIC (eth0) on 172.19.0.250 / 16 (static) ADSL router ("real" DG) on 172.19.0.1 I executed iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 My squid.conf:
Code:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8# RFC1918 possible internal network
acl localnet src 172.16.0.0/12# RFC1918 possible internal network
acl mynet src 172.19.0.0/16
[Code]....
I need to block mac address in my network then i foolowed as below acl's but am getting output as follows I tried as in /etc/squid/squid.conf acl block arp aa:aa:yy:yy:xx:xx http_access deny block but it give me error as like: - (This is the output of # squid -k parse) aclParseAclLine: Invalid ACL type 'arp' FATAL: Bungled squid.conf line 1234: acl block arp aa:aa:yy:yy:xx:xx squid Cache (Version 2.5.STABLE6): Terminated abnormally.
View 7 Replies View Related