Updated my template

Just made a few changes in the design of my Blog UI by using the available templates here in google blogs and also reposted my transparent squid article.

Hope you people liked it! Cheers!!!

DHCP for transparent Squid

And last but not the least the DHCP server

# aptitude install dhcp3-server

Then to edit the configuration file...

# vim /etc/dhcp3/dhcpd.conf

here are the content:

ddns-update-style none;
# option definitions common to all supported networks...
option domain-name "verZion.com";

option domain-name-servers 8.8.8.8, 8.8.4.4;

default-lease-time 600; max-lease-time 7200;

# If this DHCP server is the official DHCP server for the local 

# network, the authoritative directive should be uncommented.
authoritative;
# Use this to send dhcp log messages to a different log file

log-facility local7;

# gateway on your internal interface

option routers 192.168.1.1;

# This is a very basic subnet declaration.
subnet 192.168.1.0 netmask 255.255.255.0 { 

range 192.168.1.150 192.168.1.250;

}

=== End of file

After placing all the basic setting now let's get it on!!!

# /etc/init.d/dhcp3-server restart

And that's it! All client PC will have their own IP assigned by the server and they should be able use the invisible proxy on your server without any need to configure every PC.

IPTABLES for transparent Squid

In this post I created an iptables script and I name the file as fw.sh 

here's the sample content:
#!/bin/bash
#
#iptables ko... by verzion

# init string
ipt="/sbin/iptables"
SQUID_SERVER="ip_addr of your squid server"
WAN="eth0"
LAN="eth1"
SQUID_PORT="3128"

# how to use:
# $ipt -F
# rather than...
# /sbin/iptables -F

# Flush all config
$ipt -t filter -F
$ipt -t nat -F

# Policy settings
$ipt -P INPUT ACCEPT
$ipt -P FORWARD DROP
$ipt -P OUTPUT DROP

# Enabling IP forwarding.
echo "1" > /proc/sys/net/ipv4/ip_forward

# no firewall for LAN
$ipt -A INPUT -i $LAN -p all -j ACCEPT
$ipt -A OUTPUT -o $LAN -p all -j ACCEPT

# Allow SSH. Uncomment if you wish to use SSH
$ipt -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow ICMP. Zero (0) is for echo-reply. Eight (8) is for echo-request.
$ipt -A INPUT -p icmp --icmp-type 8 -j ACCEPT

# Allow internet connection to this PC.
$ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# set this system as a router for Rest of LAN
$ipt --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
$ipt --append FORWARD --in-interface $LAN -j ACCEPT
$ipt -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy
iptables -t nat -A PREROUTING -i $LAN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT
# if it is same system
iptables -t nat -A PREROUTING -i $WAN -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT

# save settings to iptables (uncomment either of the two lines below to save the firewall settings)
#$ipt -L
#iptables-save

=== End of file

then make the script executable

# chmod a+x fw.sh

then to execute the script

# ./fw,sh

This ends the IPTABLES to forward the port 80 (www) requests to 3128 (squid). Now to automatically set the client PC's to have their own network IP by using DHCP

There is an update for this post. see http://linuxverzion.blogspot.com/2013/09/update-for-my-iptables-for-transparent.html
Cheers!

Transparent SQUID proxy setup

Just got transparent proxy to work in Ubuntu and here's the basic configuration of what I did...

Squid Setup

1. Download and Install The Squid Package.
# aptitude install squid

2. Configure the /etc/squid/squid.conf file.
# vim etc/squid/squid.conf

Here's the contents:

visible_hostname SQDverZion

http_port 3128 transparent

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

cache deny QUERY

acl apache rep_header Server ^Apache

broken_vary_encoding allow apache

access_log /var/log/squid/access.log squid

#logformat Squid %>h

# Input here your DNS server

dns_nameservers 8.8.8.8

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern .               0       20%     4320

#Recommended minimum configuration:

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 443

acl Safe_ports port 80          # http

acl Safe_ports port 21          # ftp

acl Safe_ports port 443         # https

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

# restriction list

#acl GoodSites dstdomain "/etc/squid/allowed-sites.squid"

#acl BadSites dstdomain "/etc/squid/blocked-sites.squid"

# blocking a site

acl facebooksite dstdomain .facebook.com

http_access deny facebooksite

# if you wish the site is not to be cached #

#acl site01 dstdomain google.com

#always_direct allow site01

# globaly allowed sites #

acl yahoosite dstdomain www.yahoo.com

# No Limit users by range #

#acl nolimitusers src 192.168.1.1-192.168.1.20

#http_access allow nolimitusers

# users with restrictions set #

# Below is sample how to use restriction list to users

#acl user01 src 192.168.1.100

#http_access deny user01 BadSites

#http_access allow user01 GoodSites

=== End of Squid.conf file

to start the squid just type:
# /etc/init.d/squid start

other commands that can be used is "stop" and "restart" with the command above.
Also to reconfigure squid without restarting just issue...
# squid -k reconfigure

See the next post regarding IPTABLES to redirect port 80 requests to 3128

Virtual Drive from a Folder

Today we are going to tell you about a secret DOS command "subst" which can be used to create a virtual drive in Windows Explorer for any of your desired folder.
For example, if you frequently use a folder "E:\Wallpapers", then you can create a virtual drive in Explorer which will directly go to this folder whenever you double click on it or access it from RUN or Command Prompt. It'll save a lot of time.
Here is how to do it:
Open Command Prompt and provide following command:

subst drive_letter: folder_path

for example, if you want to create a virtual drive letter H: for a folder "E:\Wallpapers", then use following command:

subst H: E:\Wallpapers

 If you want to delete this virtual drive, then provide following command:

subst drive_letter: /D

NOTE:
A. Remember! You can't use existing drive letters for creating virtual drives, e.g. if you have 2 partitions C: and D:, then you can't use them for subst command.
B. You should not use chkdsk, diskcomp, diskcopy, format, label and recover commands on virtual drives created using subst command as these virtual drives are not real and these commands either will not work or can cause problems for the actual drives where the folders reside.

source: Tweaking with Vishal

sK1 vector graphics editor Installation

sK1 is an open source vector graphics editor similar to CorelDRAW, Adobe Illustrator, or Freehand. First of all sK1 is oriented for "prepress ready" PostScript & PDF output.

for updated source copy click here.

Now for the installation...
Prerequisites:
1. Install the ff:

• Python2.6-dev
• liblcms
• libxcursor-dev
• tcl 8.5 & dev
• tk 8.5 & dev

2. Install the sK1 library

• sk1libs
• sk1sdk

Either directly compile and install them or build a .deb file. See the README on the commands on how to compile them.

3. Install sK1
Either directly compile and install them or build a .deb file. See the README on the commands on how to compile.

Install Python 2.6 on Ubuntu 8.04 LTS

Add to /etc/apt/sources.list

deb http://ppa.launchpad.net/python-dev/ppa/ubuntu hardy main
deb-srchttp://ppa.launchpad.net/python-dev/ppa/ubuntu hardy main

Import the pub key sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D81367B9


Install python2.6sudo apt-get install python2.6

(ext. source: Irimia'S Blog)