Ubuntu/squid
From r00tedvw.com wiki
(Difference between revisions)
Line 15: | Line 15: | ||
1060 http_access allow all | 1060 http_access allow all | ||
+ | adding additional settings to help mask proxy IP | ||
+ | #Privacy Things | ||
+ | header_access X-Forwarded-For deny all | ||
+ | via off | ||
+ | forwarded_for off | ||
+ | follow_x_forwarded_for deny all | ||
==iptables== | ==iptables== | ||
restrict access via iptables. Add an implicit deny for INPUT, but only after you've given yourself appropriate access to at least ssh. | restrict access via iptables. Add an implicit deny for INPUT, but only after you've given yourself appropriate access to at least ssh. | ||
~$sudo iptables -A INPUT -s [ip address/range] -p tcp --dport 3128 -j ACCEPT | ~$sudo iptables -A INPUT -s [ip address/range] -p tcp --dport 3128 -j ACCEPT |
Revision as of 19:30, 22 June 2014
Proxy server
Installed on Ubuntu 14.04 Server
Contents |
Installation
~$sudo apt-get update -y && sudo apt-get install squid3 squid3-common -y
backup conf
~/etc/squid3$ sudo cp squid.conf squid.conf.bak
Edit Configuration
edit the config file and add a hostname
~/etc/squid3/squid3.conf 4751 visible_hostname proxy.domain
allow everyone to access the proxy (controlled through iptables instead)
1060 http_access allow all
adding additional settings to help mask proxy IP
#Privacy Things header_access X-Forwarded-For deny all via off forwarded_for off follow_x_forwarded_for deny all
iptables
restrict access via iptables. Add an implicit deny for INPUT, but only after you've given yourself appropriate access to at least ssh.
~$sudo iptables -A INPUT -s [ip address/range] -p tcp --dport 3128 -j ACCEPT