Professional Documents
Culture Documents
-R
-R
-R
-R
-R
-R
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
proxy:proxy
/etc/squid/squid.conf
/etc/squid/storeid.pl
/cache1
/cache2
/cache3
/cache4
777
777
777
777
777
644
/cache1
/cache2
/cache3
/cache4
/etc/squid/storeid.pl
/etc/squid/squid.conf
cd ssl_cert
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout myCA.pem -out
myCA.pem
openssl x509 -in myCA.pem -outform DER -out myCA.der
mkdir /var/squid
cd /var/squid
mkdir ssl_db
cd
chown -R nobody /var/squid/ssl_db/
/usr/lib/squid/ssl_crtd -c -s /var/squid/ssl_db/certs
chown -R proxy:proxy /var/squid/ssl_db/
squid -z
tambahkan file dibawah in pada /etc/rc.local
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
modprobe
xt_TPROXY
xt_socket
nf_tproxy_core
xt_mark
nf_nat
nf_conntrack_ipv4
nf_conntrack
nf_defrag_ipv4
ipt_REDIRECT
iptable_nat
iptables -t mangle -F
iptables -t mangle -X
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A INPUT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING ! -d 192.168.3.2/32 -p tcp --dport 80 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3129
iptables -t mangle -A PREROUTING ! -d 192.168.3.2/32 -p tcp --dport 443 -j TPROX
Y --tproxy-mark 0x1/0x1 --on-port 3127
/sbin/ip rule add fwmark 1 lookup 100
/sbin/ip route add local 0.0.0.0/0 dev lo table 100
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 1 > /proc/sys/net/ipv4/ip_forward
exit 0
mangle pada mikrotik
/ip firewall mangle
add action=mark-routing chain=prerouting comment="TPROXY ROUTING" disabled=no ds
t-port=80,443 in-interface=ether4-lan new-routing-mark=tproxy_rm passthrough=no
\
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=80,443 in-inter