Upload File

web viewcreate rule for allow (clients range 192.168.1.0/24) and deny (domain like...

  • Home
  • Documents
  • Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server
23
Homework Proxy server with IPTABLE Requirement Server 2003 (DNS,DHCP,AD,ip 192.168.1.1) Proxy server with iptable linux (2 interface vmnet1 192.168.1.2/24,vmnet2 172.16.1.212/23) Xp client for test(ip range 192.168.1.10=>192.168.1.30/24) Task to do 1. Clients use services of server 2. Clients access internet using proxy only 3. Block website facebook.com, youtube.com, dap- news.com Proxy Server Assing ip for proxy server have two interface Assing defautgateway Prepare by CHAN Sarat SNA2012B Teacher : KIM Bunthoun Student : CHAN Sarat

Upload: lamhanh

Post on 06-Feb-2018

214 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Homework Proxy server with IPTABLE

Requirement

Server 2003 (DNS,DHCP,AD,ip 192.168.1.1) Proxy server with iptable linux (2 interface vmnet1

192.168.1.2/24,vmnet2 172.16.1.212/23) Xp client for test(ip range 192.168.1.10=>192.168.1.30/24)

Task to do

1. Clients use services of server 2. Clients access internet using proxy only3. Block website facebook.com, youtube.com, dap-news.com

Proxy Server

Assing ip for proxy server have two interface Assing defautgateway

Prepare by CHAN Sarat SNA2012B

Teacher : KIM Bunthoun

Student : CHAN Sarat

Class : SNA2012B

Page 2: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 3: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Assign DNS cist.lan

Test by ping ip dns cist.lan

Prepare by CHAN Sarat SNA2012B

Page 4: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Ping defaut gateway cist.lan

Server2003 Assign ip and defaut gateway

Prepare by CHAN Sarat SNA2012B

Page 5: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Forwarder dns

Test by ping dns cist.lan

Prepare by CHAN Sarat SNA2012B

Page 6: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Test ping google.com

Prepare by CHAN Sarat SNA2012B

Page 7: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Create rule iptables to allow client & server access internet throw router-proxy

Test proxy server ping google.com

Prepare by CHAN Sarat SNA2012B

Page 8: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

XP client

clients use dns “sarat.com”

Prepare by CHAN Sarat SNA2012B

Page 9: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Proxy Server

Install sqid

File configure squid “vim/etc/squid/squid.conf”

Default port squid 3128 and 8080

Prepare by CHAN Sarat SNA2012B

Page 10: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Cache file

Create acl (acl client src 192.168.1.0/24) Disable some options

Prepare by CHAN Sarat SNA2012B

Page 11: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Disable “icp_access allow localnet”

Prepare by CHAN Sarat SNA2012B

Page 12: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Restart services squid

Create acl for lan client and domain

Create rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com)

Prepare by CHAN Sarat SNA2012B

Page 13: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

XP test

Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 14: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Access use proxy server IP interface router connect to server(192.168.1.2) Port use default port proxy server 3128

Result can access internet

Prepare by CHAN Sarat SNA2012B

Page 15: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Test website that we block

We access facebook.com

We access dap-news.com

Prepare by CHAN Sarat SNA2012B

Page 16: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

We access youtube.com

squidGuard

Prepare by CHAN Sarat SNA2012B

Page 17: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 18: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 19: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 20: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 21: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B

Page 22: Web viewCreate rule for allow (clients range 192.168.1.0/24) and deny (domain like facebook.com,youtue.com,dap-news.com) XP test. Access don’t use proxy server

Prepare by CHAN Sarat SNA2012B


NetBrain Consultant Edition v5 · NETBRAIN Consultant Edition 5.0: ... Analyze what’s changed in topology, routing, ... Dynamic map of VLAN 192.168.1.0/24

ЕКСПЕДИЦІЙНИЙ ЗВІТufology-news.com/u/18672430/SRCAA_Zond/Journal_of_field_works… · Рис.10. Центр формації із механічно вдавленою

EIBC Версия для Интернет Протокол Заседания ...ufology-news.com/u/18672430/Ufology_News/Minutes... · eibc Версия для Интернет Протокол

April 7, 2016 - bloximages.chicago2.vip.townnews.combloximages.chicago2.vip.townnews.com/townnews365... · April 7, 2016 ... Webinar announcements Receive invitations to Town News.com

ةيملاعلإا قلاخلأا - maharat-news.commaharat-news.com/Temp/Attachments/37cacf6c-f794-46c8-868f-54e182eed1fd.… · ةيملاعلإا قلاخلأا ينب عقالا

DELL POWERVAULT NX3500 INTEGRATION WITHIN A … · DELL POWERVAULT NX3500 INTEGRATION WITHIN A MICROSOFT ... 192.168.0.0/24 Network IP:192.168.1.0/24 ... Network topology diagram

briandangarted.files.wordpress.com€¦ · Web viewCreate an artwork that illustrates the transformative effects of popular culture across generations

Graduate From the Class of 2013 Reveals What Schoolies Week is Really Like _ News.com

NetBrain Enterprise Suite v5 · NETBRAIN ENTERPRISE SUITE 5.1: ... discovers both network topology and the network ... Dynamic map of VLAN 192.168.1.0/24

portletblogfromyathambusiness.files.wordpress.com…  · Web viewCreate the folder in WEB-INF (like folder name is jsp) like below

HALO KIOSK - airportindustry-news.com

ROUTE: Implementing Cisco IP Routing Course 1: … not support VLSM ... 192.168.1.0 /24 192.168.2.0 /24 Fa0/0 RIPv1

A 20-year plague | CNET News.com hist…  · Web viewDecades after creation, viruses defy cure. By Robert Lemos Staff Writer, CNET News.com November 25, 2003, 4:00AM PT . Of all

2021 MEDIA KIT - itb-berlin-news.com · 10-14 march 2021 berlin itb-berlin-news.com key benefits for exhibitors: attract trade visitors maximise business at itb berlin give buyers

Tax-News.com Cyprus Review 2010-2011 review 2010-2011.pdfoffshore jurisdictions, offshore trusts or offshore investments. Tax-News.com Cyprus Review 2010-2011 A review and forecast

Witnesses Tell of Shocking Moment Trainer Dave Styles Mauled by Tiger at Australia Zoo _ News.com

grafenwoehr-news.com // Issue #6 // May June 2012 // English

Nelson Mandela's Funeral_ Mourners Join World Leaders at FNB Stadium, Johannesburg for Service _ News.com

2017 MEDIA KIT - ddn-news.comddn-news.com/lib/sitefiles/mediakit.pdf · 2017 MEDIA KIT Covering the News of Pharma, Biotech & Life Science ddn-news.com ddncancer.com 2017 MEDIA KIT

10 Things Your Boss Won't Tell You _ News.com

New Zealand's Top 10 Road Trips _ News.com

Who Likes Cake? VLSM? •Get maximum usage from your addresses •192.168.1.0/24 = 1 network – 254 hosts •192.168.1.0/26 = 4 subnets – 62 hosts •192.168.1.0/28 = 16 ... BITS

grafenwoehr-news.com // Issue #9 // November / December 2012 // English

INTERNATIONAL DEVELOPMENT CENTREufology-news.com/u/18672430/Ufology_News/Minutes...Днепропетровска, Запорожья, а также из Херсонской, Донецкой,

grafenwoehr-news.com // Ausgabe #6 // 03/2012 // English

trchistory.files.wordpress.com  · Web viewCreate a timeline of events in HVII’s reign. Colour code each event thematically:

Static IP Routing (SIR) - Transition Networks · Static IP Routing Module Functional Diagram ... This minimizes the network topology knowledge needed ... (e.g., 192.168.1.0/24). In

€¦ · Web viewCreate new Word document, format document, ... Safari. Plagiarism. ... . Keyboarding

Cool cows make for happier herd in dubai gulf news.com

Wedding Showcase 2016 | The Crescent-News | Defiance, Ohio | Website: crescent-news.com

E0 192.168.1.1/24 LAN - 192.168.1.0/24LAN – 172.16.0.0/16 10.0.0.1/8 S0 S1 10.0.0.2/8 Head Office Branch Office E0 172.16.0.1/16

CLIPS_Word_Template - SIelearningsielearning.tafensw.edu.au/.../lo/9218/documents/9218_r…  · Web viewCreate a stimulating, positive and developmentally appropriate environment

High-Achievers Suffering From 'Imposter Syndrome' _ News.com

TheGreenBow VPN Client · TheGreenBow IPSec VPN Client ... 1.2 VPN Network topology In our VPN network example (diagram hereafter), ... local_net 192.168.1.0/24

VPN Tracker for Mac OS X · ... Asanté FriendlyNET VR2004 connection diagram ... LAN 192.168.1.1 LAN 192.168.1.0/24 192.168.1.10 ... „Host to Network“ as Topology,