Tuesday, August 15, 2017

My Route Bash Script

This is version 1.0 of my routing bash script, which manually makes use of my other internet connection. My application here is to route non-important sites, for example Facebook, through it.


aroute.sh
#!/bin/bash
# version 1.0
#This script will list all the route and apply it.

#Change your gateway here
gateway="192.168.1.2"

#get the server IP list from the net and dump it to a file
#dig TXT +short _netblocks{,2,3}.google.com | tr ' ' '\n' | grep '^ip4:' > dump
whois -h whois.radb.net -- '-i origin AS32934' | grep  "route:" > fbdump

linenum=$(wc -l < fbdump)           #get the line count as a bare integer (works for any number of lines)


while [ $linenum != 0 ]
       do
             str1=`cat fbdump | head -n$linenum | tail -n1`     #get the line content from the file
             str2=`echo ${str1:7}`         #Trim the text
             echo $str2
             nmaskpos=`echo $str2 | grep -aob '/' | grep -oE '[0-9]+'`  #get the position of netmask
             nmask=`echo ${str2:$nmaskpos+1}`   #get the netmask content
             str2=`echo ${str2:0:$nmaskpos}`    #remove the netmask from the network ID

             #get the netmask
             case "$nmask" in
                 16) nmask="255.255.0.0"
                 ;;
                 17) nmask="255.255.128.0"
                 ;;
                 18) nmask="255.255.192.0"
                 ;;
                 19) nmask="255.255.224.0"
                 ;;
                 20) nmask="255.255.240.0"
                 ;;
                 21) nmask="255.255.248.0"
                 ;;
                 22) nmask="255.255.252.0"
                 ;;
                 23) nmask="255.255.254.0"
                 ;;
                 24) nmask="255.255.255.0"
                 ;;
                 25) nmask="255.255.255.128"
                 ;;
                 26) nmask="255.255.255.192"
                 ;;
                 27) nmask="255.255.255.224"
                 ;;
                 28) nmask="255.255.255.240"
                 ;;
                 29) nmask="255.255.255.248"
                 ;;
                 30) nmask="255.255.255.252"
                 ;;
            esac

                #execute the route command
                route add -net $str2 netmask $nmask gw $gateway

             let linenum=$linenum-1
             echo linenum_loop=$linenum
       done

netstat -nr

echo Finished!


The gateway variable is where you set the IP of your other router. For example, if your main gateway is 192.168.1.1 and the other is 192.168.1.2, set the gateway variable to 192.168.1.2 to route all Facebook requests through it.

If you wish to make the script accept a parameter instead of editing the gateway variable, change gateway="192.168.1.2" to gateway="$1", then execute the script like this...
# ./aroute.sh 192.168.1.2

This will put 192.168.1.2 into the gateway variable.
I also left a command in the script that lists all Google IP ranges, as a reference for others who would like to use it.
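
The script above passes whatever whois returns straight to route, which runs as root, and its case table only covers /16 to /30. The following added example (not part of the original script; the function names prefix_to_netmask, parse_route and build_routes are made up here, and the sample lines are constructed) validates each "route:" line and computes the netmask for any prefix length from 0 to 32. It goes beyond the original in that it only prints the route commands instead of running them.

```shell
# Added example, not the original aroute.sh. POSIX sh; prints commands only.
# prefix_to_netmask LEN: dotted netmask for any prefix length 0..32
prefix_to_netmask() {
    p_len=$1 p_mask=
    case $p_len in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$p_len" -le 32 ] || return 1
    for p_i in 1 2 3 4; do
        if [ "$p_len" -ge 8 ]; then p_bits=8; else p_bits=$p_len; fi
        p_mask="$p_mask${p_mask:+.}$(( 256 - (1 << (8 - p_bits)) ))"
        p_len=$(( p_len - p_bits ))
    done
    echo "$p_mask"
}

# parse_route LINE: print "NETWORK NETMASK"; fail unless "route: a.b.c.d/len"
parse_route() {
    set -f; set -- $1; set +f              # split on whitespace, no globbing
    [ $# -eq 2 ] && [ "$1" = "route:" ] || return 1
    case $2 in */*/*) return 1 ;; */*) ;; *) return 1 ;; esac
    r_net=${2%/*} r_len=${2#*/}
    case $r_net in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    r_ifs=$IFS; IFS=.; set -f; set -- $r_net; set +f; IFS=$r_ifs
    [ $# -eq 4 ] || return 1
    for r_o in "$@"; do
        case $r_o in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$r_o" -le 255 ] || return 1
    done
    r_mask=$(prefix_to_netmask "$r_len") || return 1
    echo "$r_net $r_mask"
}

# build_routes GATEWAY < whois-lines: print one route command per valid line
build_routes() {
    while IFS= read -r b_line; do
        if b_parsed=$(parse_route "$b_line"); then
            echo "route add -net ${b_parsed% *} netmask ${b_parsed#* } gw $1"
        else
            echo "skipped: $b_line" >&2
        fi
    done
}

# Constructed sample input (documentation prefixes, not real RADB output)
build_routes 192.168.1.2 <<'EOF'
route:      192.0.2.0/24
route:      10.0.0.0/8
route:      203.0.113.0/33
route:      192.0.2.300/24
EOF
```

Rejected lines are reported on stderr, so the printed commands can be reviewed before any of them is run.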

Monday, August 15, 2016

Passwordless SSH login

I created this to remind myself how I did it.

First I disabled password authentication so that no password login is possible. Just edit the file "/etc/ssh/sshd_config" and set "PasswordAuthentication" to "no".

Don't forget to restart the ssh service.
For Debian - service ssh restart
For CentOS/Fedora - service sshd restart

Add yourself to the sudoers file. Command to edit it...
# visudo
Then add yourself. Example is below
# User privilege specification
root    ALL=(ALL:ALL) ALL
[your username]  ALL=(ALL:ALL) ALL
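
Before restarting sshd with passwords disabled, it is worth confirming that the setting really takes effect and that a key is installed for the login account, otherwise the next login fails. This added example (not from the original post; the function names and sample files are constructed here) reads the config the way sshd does, keeping the first value it finds for a keyword.

```shell
# Added example, not from the original post. POSIX sh + awk.

# effective_value FILE KEYWORD: the value sshd takes from the global section.
# sshd keeps the FIRST value it reads for a keyword (keywords are
# case-insensitive); everything after a "Match" line is conditional.
effective_value() {
    awk -v want="$2" '
        /^[ \t]*(#|$)/               { next }
        tolower($1) == "match"       { exit }
        tolower($1) == tolower(want) { print tolower($2); exit }
    ' "$1"
}

# has_usable_key FILE: true if FILE holds at least one public key line
has_usable_key() {
    [ -r "$1" ] && grep -Eq '^[^#]*(ssh-|ecdsa-|sk-)[a-z0-9@.-]+ +AAAA[A-Za-z0-9+/=]+' "$1"
}

# lockout_check CONFIG AUTHORIZED_KEYS: 0 = key-only login, 1 = passwords
# still accepted, 2 = disabling passwords now would lock the account out
lockout_check() {
    lc_pw=$(effective_value "$1" PasswordAuthentication)
    lc_pk=$(effective_value "$1" PubkeyAuthentication)
    if [ "$lc_pk" = no ] || ! has_usable_key "$2"; then
        echo "LOCKOUT-RISK: no working public key login"; return 2
    fi
    if [ "${lc_pw:-yes}" != no ]; then
        echo "PASSWORDS-STILL-ON: effective PasswordAuthentication=${lc_pw:-yes}"
        return 1
    fi
    echo "OK: key-only login"
}

# Constructed sample files: "no" was appended below an existing "yes" line
tmp=$(mktemp -d)
printf '%s\n' 'PasswordAuthentication yes' '#PubkeyAuthentication yes' \
              'PasswordAuthentication no' > "$tmp/sshd_config"
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAconstructed user@host' > "$tmp/authorized_keys"
lockout_check "$tmp/sshd_config" "$tmp/authorized_keys" || true
rm -rf "$tmp"
```

The parser does not follow Include lines; on a live system "sshd -T" prints the effective configuration and "sshd -t" checks the syntax before the restart.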

Friday, August 12, 2016

Setup ImageMagick on CentOS 6

source: Install ImageMagick on CentOS 6

First install dependencies:
yum -y groupinstall 'Development Tools'
yum -y install bzip2-devel freetype-devel libjpeg-devel libpng-devel libtiff-devel giflib-devel zlib-devel ghostscript-devel djvulibre-devel libwmf-devel jasper-devel libtool-ltdl-devel libX11-devel libXext-devel libXt-devel lcms-devel libxml2-devel librsvg2-devel OpenEXR-devel php-devel

Download the source
# wget http://www.imagemagick.org/download/ImageMagick.tar.gz

Now for the installation routine
# tar xvf ImageMagick.tar.gz
# cd ImageMagick*
# ./configure
# make
# make install

Verify that the compile and install were successful:
# convert --version
Troubleshooting: if the convert command does not show up, try logging out and back in.

Monday, August 8, 2016

How to Install JBOSS 7 Final on CentOS 6

source: How to Install JBOSS 7.1.1 Step by Step on CentOS

First install JAVA SDK 7
# yum -y groupinstall 'Development Tools'

Then download the Java 7 SDK. I used the rpm release to install it. If you wish to install from source, download the tar file. Install it using the rpm command:
# rpm -ivh jdk-7u79-linux-x64.rpm

Then execute the following commands
# export JAVA_HOME=/usr/java/jdk1.7.0_79   
# export JAVA_HOME  
# PATH=$JAVA_HOME/bin:$PATH  
# export PATH

Now ensure the variable has been set correctly with the command below:
# echo $JAVA_HOME
This will show the JAVA_HOME path.

To check java Version:
# java -version

Now to install JBOSS after completing the installation of Java SDK.

Download JBOSS 7 Final
# wget http://download.jboss.org/jbossas/7.1/jboss-as-7.1.1.Final/jboss-as-7.1.1.Final.zip

Extract the files and move the folder
# unzip -q jboss-as-7.1.1.Final.zip  
# mv jboss-as-7.1.1.Final /usr/share/jboss-as

Create a user jboss
# groupadd jboss  
# useradd -s /bin/bash -g jboss jboss  

Add this to the .bash_profile of the created jboss user. The command is as below...
# sudo -u jboss vim /home/jboss/.bash_profile
Then add the content before "export PATH" line
export JAVA_HOME=/usr/java/jdk1.7.0_79
export JAVA_HOME  
PATH=$JAVA_HOME/bin:$PATH

Symlink the config file for JBoss.
# mkdir /etc/jboss-as
# ln -s /usr/share/jboss-as/bin/init.d/jboss-as.conf /etc/jboss-as/jboss-as.conf

Then edit the config. Set it like below...
# General configuration for the init.d scripts,
# not necessarily for JBoss AS itself.

# The username who should own the process.
#
 JBOSS_USER=jboss

# The amount of time to wait for startup
#
# STARTUP_WAIT=30

# The amount of time to wait for shutdown
#
# SHUTDOWN_WAIT=30

# Location to keep the console log
#
 JBOSS_CONSOLE_LOG=/home/jboss/log/console.log

Symlink the start/stop/restart script for JBoss.
# ln -s /usr/share/jboss-as/bin/init.d/jboss-as-standalone.sh /etc/init.d/jboss

To start JBOSS run from command line
# /etc/init.d/jboss start

To check if running...
# netstat -anp | grep 8080
tcp   0   0    127.0.0.1:8080    0.0.0.0:*    LISTEN    12710/java

Using the "top" command, the Java service should be run by the jboss user, not root.

Now to make it run on boot
# chkconfig --add jboss  
# chkconfig --level 234 jboss on 


Tuesday, August 18, 2015

Setting up a Bootable EFI

In my setup I continued from my old post, Multi-Boot PE using Grub4Dos. I did not reformat my HDD as GPT; it is still MBR.
But before going to the setup, it is best to know what you are up against.

What is EFI or Extensible Firmware Interface?
According to Wikipedia, the EFI System partition (ESP) is a partition on a data storage device (usually a hard disk drive or solid-state drive) that is used by computers adhering to the Unified Extensible Firmware Interface (UEFI).

When a computer is powered up and booted, UEFI firmware loads files stored on the ESP to start installed operating systems and various utilities. An ESP needs to be formatted with a file system whose specification is based on the FAT file system and maintained as part of the UEFI specification; therefore, the file system specification is independent from the original FAT specification.

ESP contains the boot loader programs for all installed operating systems (which are contained in other partitions on the same or other storage device), device driver files for devices present in a computer that are used by the firmware at boot time, system utility programs that are intended to be run before an operating system is booted, and data files such as error logs.


To make the story short: according to Wikipedia, UEFI can boot from MBR (through CSM) and GPT. From my short study I also found that, to be able to boot on UEFI, your primary partition needs the following file and folder structure...

(From rodsbooks)
The default/fallback boot loader, EFI/BOOT/bootx64.efi
The Windows boot loader, EFI/Microsoft/Boot/bootmgfw.efi
The OS X boot loader, System/Library/CoreServices/boot.efi (typically stored on the OS X system partition)
An EFI shell program, shellx64.efi, if it's stored in the root of the ESP


Also see "www.uefi.org/registry"

What is MBR?
MBR stands for Master Boot Record. It was introduced with IBM PC DOS 2.0 in 1983.
It’s called Master Boot Record because the MBR is a special boot sector located at the beginning of a drive. This sector contains a boot loader for the installed operating system and information about the drive’s logical partitions. The boot loader is a small bit of code that generally loads the larger boot loader from another partition on a drive. If you have Windows installed, the initial bits of the Windows boot loader reside here — that’s why you may have to repair your MBR if it’s overwritten and Windows won’t boot. If you have Linux installed, the GRUB boot loader will typically be located in the MBR.

MBR works with disks up to 2 TB in size, but it can’t handle disks with more than 2 TB of space. MBR also only supports up to four primary partitions — if you want more, you have to make one of your primary partitions an “extended partition” and create logical partitions inside it. This is a silly little hack and shouldn’t be necessary.

Hello GPT!
GPT stands for GUID Partition Table. It’s a new standard that’s gradually replacing MBR. It’s associated with UEFI — UEFI replaces the clunky old BIOS with something more modern, and GPT replaces the clunky old MBR partitioning system with something more modern. It’s called GUID Partition Table because every partition on your drive has a “globally unique identifier,” or GUID — a random string so long that every GPT partition on earth likely has its own unique identifier.

This system doesn’t have MBR’s limits. Drives can be much, much larger and size limits will depend on the operating system and its file systems. GPT allows for a nearly unlimited amount of partitions, and the limit here will be your operating system — Windows allows up to 128 partitions on a GPT drive, and you don’t have to create an extended partition.

On an MBR disk, the partitioning and boot data is stored in one place. If this data is overwritten or corrupted, you’re in trouble. In contrast, GPT stores multiple copies of this data across the disk, so it’s much more robust and can recover if the data is corrupted. GPT also stores cyclic redundancy check (CRC) values to check that its data is intact — if the data is corrupted, GPT can notice the problem and attempt to recover the damaged data from another location on the disk. MBR had no way of knowing if its data was corrupted — you’d only see there was a problem when the boot process failed or your drive’s partitions vanished.

source: http://www.howtogeek.com/193669/whats-the-difference-between-gpt-and-mbr-when-partitioning-a-drive/

Now on to the main topic!!!
Now on my setup I used the Ubuntu 15.04 x64 LiveCD and extracted the ISO to the first partition of my HDD. It uses Grub2 to boot. Note that I did not remove my Grub4DOS from the MBR; don't worry, UEFI will not use the MBR if you configured the BIOS to boot UEFI.

As said above, "/EFI/BOOT/" is the folder UEFI will search, and the files bootx64.efi and grubx64.efi are present in that folder.
The folder /boot/grub/ is where the menu and the files it needs are located. If you want to modify the menu like me, find the file "grub.cfg".

I modified it to my liking and here is the new content. You may compare it to the original after you have downloaded your own Ubuntu 15.04 ISO.

=====
if loadfont /boot/grub/font.pf2 ; then
set gfxmode=800x600
insmod efi_gop
insmod efi_uga
insmod gfxterm
insmod vbe
insmod jpeg
terminal_output gfxterm
fi

# I created my own boot logo
background_image /boot/grub/BootLogo.jpg
set menu_color_normal=brown/black
set menu_color_highlight=black/light-gray

menuentry "Boot Ubuntu GNOME 15.04 X64" {
set gfxpayload=keep
linux /casper/vmlinuz.efi  file=/cdrom/preseed/ubuntu-gnome.seed boot=casper quiet splash ---
initrd /casper/initrd.lz
}

# I added this for my Windows boot
menuentry "Boot Microsoft Windows x64" {
    insmod part_gpt
    insmod fat
    insmod search_fs_uuid
    insmod chain
    # set the volume serial of the second partition in place of CHAN-GEME
    search --fs-uuid --no-floppy --set=root CHAN-GEME
    chainloader /efi/boot/bootx64.efi
}
=====

My HDD has 3 partitions actually. They are:
1. Boot partition (8GB Fat32) - Named as GrubEFI or "Grub & EFI" as it boots Grub4DOS & Grub2 EFI
2. Scratch partition (8GB Fat32) - This is my second partition where I can change to any OS I want. I just delete and copy the new OS installer here.
3. Data partition (the rest of the space & NTFS) - as it says, just "Data". It also stores my OS backup for the SCRATCH partition.

That's all! I just laid out the files on the primary partition and Ubuntu 15.04 Grub2 works out of the box. The menu entry for Windows is optional. Note that you don't need Grub2 to boot Windows; I just want to have control through a boot menu rather than booting directly into only one OS. You could also copy your Windows x64 installer to the primary partition. Note that the EFI files need to be added if they are not already there (for example, Win7); starting with Win8, EFI support is already included by default, so you can copy it directly.

Tuesday, June 23, 2015

Restarting network interface in Ubuntu starting 14.04 and up

After Ubuntu 12.04 the /etc/init.d/networking restart command will not work. So it is advised to create a restart script to be able to restart the network interface.

Here are the steps for creating the network restart script.
# vim nrestart.sh
This will create a new file. Then insert the following


ifdown eth0 && ifup eth0

Save the file afterwards. Note: replace the interface name to suit your needs.

# chmod a+x nrestart.sh
This will make our script executable

# ./nrestart.sh
This is how to execute the command if you are in the same path.

Tuesday, March 31, 2015

Squid 3 Basic configuration

This is just an update to my old Squid installation tutorial. Below are some minor changes to the configuration. Tested on Ubuntu 14.04 using Squid 3.3.8.


visible_hostname verZionSQD3
hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
#Recommended minimum configuration:
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 5242        # for Viber
acl Safe_ports port 4244        # for Viber
acl Safe_ports port 5243        # for Viber
acl Safe_ports port 9785        # for Viber
acl CONNECT method CONNECT

#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost


http_port 3128
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid3/access.log squid

cache_dir ufs /var/spool/squid3 3000 16 256

#We recommend you to use the following two lines.
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
cache deny SSL_ports

#Suggested default:
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid3


# not to be cached sites place here
acl websitesNC dstdomain www.bir.gov.ph
acl websitesNC dstdomain www.sss.gov.ph
always_direct allow websitesNC

########## Block List ###############
#block sample
acl blocked01 dstdomain www.yahoo.com
acl blocked01 dstdomain www.friendster.com
http_access deny blocked01

###############
# blacklisted #
###############
acl macblock  arp 00:1b:b1:5b:f9:17
http_access deny macblock


##### users with restrictions set #######

#Allow your subnet
acl PChosts src 192.168.1.0/24
http_access allow PChosts

#allow all subnet
#http_access allow all



Enjoy!
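
In the configuration above, the two port guards from the recommended minimum configuration (http_access deny !Safe_ports and http_access deny CONNECT !SSL_ports) are commented out, so hosts in PChosts can reach any port and tunnel CONNECT to any port through the proxy. The following added example (not from the original post; audit_squid is a name made up here) lists the active http_access rules in evaluation order and flags guards that are missing or placed after the first allow rule.

```shell
# Added example, not from the original post. POSIX sh + awk.

# audit_squid FILE: list active http_access rules in evaluation order (Squid
# stops at the first rule that matches) and flag the two port guards when
# they are missing or come after the first "allow". Returns 1 on a finding.
audit_squid() {
    awk '
        function check(name, pos) {
            if (!pos) { print "MISSING: http_access " name; bad = 1 }
            else if (first_allow && pos > first_allow) {
                print "TOO-LATE: http_access " name " (rule " pos ") follows allow rule " first_allow
                bad = 1
            }
        }
        { sub(/#.*/, "") }                    # strip comments
        $1 != "http_access" { next }
        {
            n++; rule = $2
            for (i = 3; i <= NF; i++) rule = rule " " $i
            printf "%d: %s\n", n, rule
            if ($2 == "allow" && !first_allow) first_allow = n
            if (rule == "deny !Safe_ports")        safe = n
            if (rule == "deny CONNECT !SSL_ports") ssl = n
        }
        END {
            check("deny !Safe_ports", safe)
            check("deny CONNECT !SSL_ports", ssl)
            exit bad + 0
        }
    ' "$1"
}

# The http_access lines of the configuration above, copied into a temp file
conf=$(mktemp)
cat > "$conf" <<'EOF'
#http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny blocked01
http_access deny macblock
http_access allow PChosts
EOF
audit_squid "$conf" || echo "findings above"
rm -f "$conf"
```

Removing the "#" from the two guard lines, which already sit above the first allow rule, clears both findings.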