ผู้เขียน หัวข้อ: ปรึกษา Kerio Winrout Firewall กับ การทำ transparent proxy (อ่าน 4208 ครั้ง)

ball_daredevil · « **เมื่อ:** สิงหาคม 20, 2009, 05:38:05 am »

ผมทำ transparent proxy ด้วยโปรแกรม Kerio Winrout Firewall แต่ยังทำไม่ได้ครับ
เพราะว่ามันเก็บรายละเอียดเฉพาะเครื่อง server อย่างเดียวครับและเครื่อง client ไม่สามารถเล่น internet ได้
นอกจาก transparent proxy แล้วผมยังใช้ โปรแกรมนี้ทำ DHCP Server ด้วยครับ

http://i176.photobucket.com/albums/w190/k_toonni/1-2.png
http://i176.photobucket.com/albums/w190/k_toonni/2.png
http://i176.photobucket.com/albums/w190/k_toonni/3.png
http://i176.photobucket.com/albums/w190/k_toonni/4.png
http://i176.photobucket.com/albums/w190/k_toonni/41.png
http://i176.photobucket.com/albums/w190/k_toonni/42.png
http://i176.photobucket.com/albums/w190/k_toonni/43.png
http://i176.photobucket.com/albums/w190/k_toonni/5.png
http://i176.photobucket.com/albums/w190/k_toonni/6.png
http://i176.photobucket.com/albums/w190/k_toonni/7.png
http://i176.photobucket.com/albums/w190/k_toonni/71.png
http://i176.photobucket.com/albums/w190/k_toonni/72.png
http://i176.photobucket.com/albums/w190/k_toonni/73.png
http://i176.photobucket.com/albums/w190/k_toonni/74.png
http://i176.photobucket.com/albums/w190/k_toonni/75.png
http://i176.photobucket.com/albums/w190/k_toonni/8.png

squid.conf

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# SquidNT 2.5 STABLE12-NT Delay Pools #
# Powerd By MR.Siam@CaFe #
# SquidNT Config By MR.Jasda2003 @ siamcafe #
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# NETWORK OPTIONS
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

http_port 8080

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

cache_peer 192.168.1.224 parent 8080 0 no-query
hierarchy_stoplist cgi-bin ? .pl .cgi .php .php3 .php4 .shtml
acl QUERY urlpath_regex cgi-bin \? .pl .cgi .php .php3 .php4 .shtml
no_cache deny QUERY

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# OPTIONS WHICH AFFECT THE CACHE SIZE
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

#cache_mem xxx MB
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

cache_dir ufs C:/squid/var/cache/cache1 512 24 256
cache_dir ufs C:/squid/var/cache/cache2 512 24 256
cache_access_log none
cache_log none
cache_store_log none
mime_table c:/squid/etc/mime.conf
referer_log C:/squid/var/logs/http.log
pid_filename none

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

#auth_param basic program C:/squid/libexec/ncsa_auth.exe C:/squid/etc/passwd
#auth_param basic children 3
#auth_param basic realm SquidNT Proxy Server
#auth_param basic credentialsttl 2 hours
#auth_param basic casesensitive off
#authenticate_ttl 1 hour

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# OPTIONS FOR TUNING THE CACHE
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

refresh_pattern -i .(class|pdf|rtf|doc|wp|wp5|ps|prn)$ 1440 90% 1440 override-lastmod override-expire reload-into-ims ignore-reload
refresh_pattern -i .(mov|avi|mpg|wav|au|mid|mp3)$ 1440 100% 1440 override-lastmod override-expire reload-into-ims ignore-reload
refresh_pattern -i .(zip|gz|arj|lha|lzh|rar|tgz|tar|Z)$ 1440 80% 1440 override-lastmod override-expire reload-into-ims ignore-reload
refresh_pattern -i .(jpg|gif|jpeg|png|css|js)$ 1440 19000% 1440 override-lastmod override-expire reload-into-ims ignore-reload
refresh_pattern -i .(bmp|tif|tiff|xbm)$ 1440 17000% 1440 override-lastmod override-expire reload-into-ims ignore-reload
refresh_pattern -i .(png|swf)$ 1440 18000% 1440 override-lastmod override-expire reload-into-ims ignore-reload
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# ACCESS CONTROLS
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

#######################################################################################################################
#acl password proxy_auth REQUIRED
#######################################################################################################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 192.168.1.224/255.255.255.0
acl localnet src 192.168.1.1/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 21 70 80 210 280 443 563 488 591 777 1025-65535
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#######################################################################################################################
#################################### acl daytime time [day-abbrevs] [h1:m1-h2:m2] ########################################
#################################### S-Sunday 08:00-17:00 ########################################
#################################### M-Monday ########################################
#################################### T-Tuesday ########################################
#################################### W-Wednesday ########################################
#################################### H-Thursday ########################################
#################################### F-Friday ########################################
#################################### A-Saturday ########################################
#######################################################################################################################
#acl daytime time M-Monday 08:00-17:00
#######################################################################################################################
#acl download urlpath_regex -i "C:/squid/block/block_file_download.conf"
#acl bandwidfile urlpath_regex -i "C:/squid/etc/file_bandwid.conf"
#acl domains dstdomain "C:/squid/block/block_domains.conf"
#acl full_download src "C:/squid/etc/ip_full_download.conf"
#acl words url_regex "C:/squid/block/block_words.conf"
#acl blocktime src 'C:/squid/block/block_ip_time.conf'
#acl sites url_regex "C:/squid/block/block_sites.conf"
#acl blockclient src "C:/squid/block/block_ip.conf"
#acl urlip dst "C:/squid/block/block_url_ip.conf"
#http_access deny download all !full_download
#######################################################################################################################
#http_access deny daytime blocktime
#######################################################################################################################
#http_access deny blockclient
#http_access deny domains
#http_access deny words
#http_access deny urlip
#http_access deny sites
http_access allow localhost
#######################################################################################################################
#http_access allow password
#######################################################################################################################
http_access allow localnet
http_access deny all

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# ADMINISTRATIVE PARAMETERS
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

cache_mgr Administrator
cache_effective_user squid
cache_effective_group squid
visible_hostname Siamcafe@net

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# MISCELLANEOUS
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

reload_into_ims on

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# DELAY POOL PARAMETERS
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #

#delay_pools 2
#delay_class 1 2
#delay_class 2 2
#delay_access 1 allow bandwidfile localnet
#delay_access 1 deny all
#delay_access 2 allow localnet
#delay_access 2 deny all
#delay_parameters 1 -1/-1 20000/20000
#delay_parameters 2 51200/51200 25000/25000
ie_refresh on

# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
# Copyright 2006 Siamcafe@net co.ltd All Rights Reserved
# -------------------------------------------------------------------------------------------------------------------------------------------------------------------- #
------------------------

leroi

Because printing at home for consumers is potentially time consuming, costly, or low quality, a number of providers offer the ability to create high quality prints from digital photos, 70-272 exam printed digitally on photographic paper. Typically the customer uploads their digital photos to the site and then orders prints and gifts which are then delivered by mail.MB2-633 exam To facilitate the sale of prints and gifts to family and friends, these sites typically offer a limited form of photo sharing. Because the primary revenue model is to sell the consumer back their digital information in the form of prints and gifts, the online albums typically do not allow friends and family to download the full size original images, 1z0-047 exam and the images may be deleted if no purchases are made. Nevertheless, because the primary revenue model of the printing sites is to sell prints and gifts, the photo sharing service is free and hence attractive to many consumers.

ผู้เขียน หัวข้อ: ปรึกษา Kerio Winrout Firewall กับ การทำ transparent proxy (อ่าน 4208 ครั้ง)

ball_daredevil

ปรึกษา Kerio Winrout Firewall กับ การทำ transparent proxy

leroi

Re: ปรึกษา Kerio Winrout Firewall กับ การทำ transparent proxy