Squid + PAM Faʻamaonia i CentOS 7- SMB Networks

Faʻasino lautele o le faʻasologa: Fesootaiga komepiuta mo SMEs: Faatomuaga

Tusitala: Federico Antonio Valdes Toujague
federicotoujague@gmail.com
https://blog.desdelinux.net/author/fico

Talofa uo ma uo!

O le ulutala o le tusitusiga e tatau ona: «MATE + NTP + Dnsmasq + Gateway Service + Apache + Squid ma le PAM Faʻamaonia i le Centos 7 - SME Fesootaiga«. Mo mafuaʻaga tatau tatou faʻapuʻupuʻuina.

Matou te faʻaauau pea ma le faʻamaoniga i tagata faʻaoga i luga o le Linux computer faʻaaogaina PAM, ma o le taimi lenei o le a matou vaʻavaʻai ai pe faʻafefea ona matou saunia le Proxy service ma le Squid mo se tamaʻi fesoʻotaʻiga o komupiuta, e ala i le faʻaaogaina o faʻamaoniga faʻamaonia o loʻo teuina i luga o le komipiuta lava e tasi o loʻo tamoʻe le sapalai Squid.

E ui lava matou te iloa o se mea taatele masani i aso nei, le faʻamaoniaina o tautua faasaga i le OpenLDAP, Red Hat's Directory Server 389, Microsoft Active Directory, ma isi. Matou te talitonu e tatau ona tatou o atu mai le faigofie i le faigata.

Le

Tulaga

O se tamaʻi faʻalapotopotoga - ma e toʻaititi lava mea tau tupe- faʻapitoa e lagolagoina le faʻaogaina o le Free Software ma na filifilia ai le igoa o MaiLinux.Fan. O i latou eseese OS Tagata fiafia CentOS faʻavasega i le tasi ofisa. Na latou faʻatauina se falefaigaluega - e leʻo se tautua faʻapitoa - latou te tuʻuina atu e galulue o se "auauna."

E leʻo tele se malamalama o tagata faʻafiafia i auala e faʻatino ai se server OpenLDAP poʻo se Samba 4 AD-DC, e le mafai foi ona latou laiseneina se Microsoft Active Directory. Peitai, mo a latou galuega i aso uma latou te manaʻomia le Initaneti ulufale auaunaga ala i le sui -e faʻavavevave browsing - ma se avanoa e sefe ai a latou sili ona taua pepa ma galue o ni kopi faʻamau.

E tele na latou faʻaaogaina faʻatulafonoina Microsoft faʻagaioiga faʻagaioiga, ae manaʻo e suia i latou i le Linux-based Operating Systems, amata i le latou "Server".

Latou te naunau foʻi e fai se latou server meli e tutoʻatasi - sili atu mai le amataga - o tautua e pei o Gmail, Yahoo, HotMail, ma isi, o mea ia o loʻo latou faʻaaogaina nei.

O le Firewall ma Routing Tulafono i luma o le Initaneti o le a faʻatuina ia i le ADSL Router ua uma konekalate.

Latou te le maua se igoa moni igoa ona latou te le manaʻomia le lolomiina soʻo se tautua i luga o le Initaneti.

CentOS 7 o se 'auʻauna e aunoa ma GUI

O loʻo matou amata mai i se faʻafouga fou o se server e aunoa ma se graphic interface, ma naʻo le pau lava le filifiliga matou te filifilia i le taimi o le gaioiga o le «Atinaʻe Eseese»E pei ona tatou vaʻaia i tala ua tuanaʻi o le faasologa.

Faʻasologa muamua

[Root @ linuxbox ~] # pusi / etc / igoa ole igoa 
pusa linux

[Root @ linuxbox ~] # pusi / etc / au
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 :: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.5 linuxbox.fromlinux.fan linuxbox

[root @ linuxbox ~] # igoa faʻaigoa
pusa linux

[root @ linuxbox ~] # igoa faʻaigoa -f
linuxbox.fromlinux.fan

[root @ linuxbox ~] # ip addr lisi
[root @ linuxbox ~] # ifconfig -a
[root @ linuxbox ~] # ls / sys / vasega / upega /
ens32 ens34 ai

Matou te faʻaleaogaina le Network Manager

[root @ linuxbox ~] # systemctl taofi NetworkManager

[root @ linuxbox ~] # systemctl faʻaleaogaina NetworkManager

[root @ linuxbox ~] # systemctl tulaga NetworkManager
● NetworkManager.service - Network Manager Loaded: utaina (/usr/lib/systemd/system/NetworkManager.service; ua le atoatoa; tagata faʻatau preset: mafai) Faʻagaoioia: le toaga (maliu) Docs: man: NetworkManager (8)

[root @ linuxbox ~] # ifconfig -a

Matou te configure le network interface

Conn32 fesoʻotaʻiga fesoʻotaʻi LAN i le Totonu Fesootaiga

[root @ linuxbox ~] # nano / etc / sysconfig / network-scripts / ifcfg-ens32
DEVICE=ens32
ONBOOT=yes
BOOTPROTO=static
HWADDR=00:0c:29:da:a3:e7
NM_CONTROLLED=no
IPADDR=192.168.10.5
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DOMAIN=desdelinux.fan
DNS1=127.0.0.1
ZONE = lautele

[root @ linuxbox ~] # ifdown ens32 && ifup ens32

Fesoʻotaʻi fesoʻotaʻi ma le34 WAN i le Initaneti

[root @ linuxbox ~] # nano / etc / sysconfig / network-scripts / ifcfg-ens34
TUSI = ens34 ONBOOT = ioe BOOTPROTO = tumau HWADDR = 00: 0c: 29: da: a3: e7 NM_CONTROLLED = leai IPADDR = 172.16.10.10 NETMASK = 255.255.255.0 # O le ADSL router e fesoʻotaʻi i # lenei fesoʻotaʻiga ma # le tuatusi lenei IP GATEWAY = 172.16.10.1 DOMAIN = desdelinux.fan DNS1 = 127.0.0.1
ZONE = fafo

[root @ linuxbox ~] # ifdown ens34 && ifup ens34

Faʻaleleia nofoaga

[root @ linuxbox ~] # cd /etc/yum.repos.d/
[root @ linuxbox ~] # original mkdir
[root @ linuxbox ~] # mv Centos- * original /

[root @ linuxbox ~] # nano centos.repo
[Base-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/base/x86_64/
gpgcheck=0
enabled=1

[CentosPlus-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/centosplus/x86_64/
gpgcheck=0
enabled=1

[Epel-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/epel/x86_64/
gpgcheck=0
enabled=1

[Updates-Repo]
name=CentOS-$releasever
baseurl=http://192.168.10.1/repos/centos/7/updates/x86_64/
gpgcheck=0
enabled=1

[root @ linuxbox yum.repos.d] # yum mama uma
Polokalama na utaina: televave, faʻamamaina o ato faʻamamaina: Base-Repo CentosPlus-Repo Epel-Repo Media-Repo: Updates-Repo O le faʻamamaina o mea uma o loʻo faʻamamaina le lisi o faʻata televave
[root @ linuxbox yum.repos.d] # yum faafouga
Load Plugins: sili ona televave, langpacks Base-Repo | 3.6 kB 00:00 CentosPlus-Repo | 3.4 kB 00:00 Epel-Repo | 4.3 kB 00:00 Faʻasalalauga-Repo | 3.6 kB 00:00 Faʻaleleia-Repo | 3.4 kB 00:00 (1/9): Base-Repo / group_gz | 155 kB 00:00 (2/9): Epel-Repo / group_gz | 170 kB 00:00 (3/9): Faasalalauga-Repo / kulupu_gz | 155 kB 00:00 (4/9): Epel-Repo / updateinfo | 734 kB 00:00 (5/9): Ala o Faasalalauga-Repo / primary_db | 5.3 MB 00:00 (6/9): CentosPlus-Repo / primary_db | 1.1 MB 00:00 (7/9): Faʻafouga-Repo / primary_db | 2.2 MB 00:00 (8/9): Epel-Repo / primary_db | 4.5 MB 00:01 (9/9): Base-Repo / primary_db | 5.6 MB 00:01 Fuafuaina vave faʻata leai ni afifi faʻailogaina mo le faʻafouga

O le feau "Leai ni afifi faʻailogaina mo le faʻafouga»Ua faʻaalia talu ai i le taimi na faʻapipiʻi ai matou na faʻalauiloaina lava fale teuoloa e tasi na matou mauaina.

Centos 7 ma le MATE siʻosiʻomaga siosiomaga

Ina ia faʻaaoga meafaigaluega sili ona lelei mo le pulega faʻatasi ai ma se ata e maua mai i le CentOS / Red Hat, ma talu ai e ma te misia lava le GNOME2, na matou filifili ai e faʻapipiʻi le MATE o se siosiomaga faʻataʻitaʻi.

[root @ linuxbox ~] # yum groupinstall "X Window system"
[root @ linuxbox ~] # yum groupinstall "MATE Desktop"

Ina ia siakiina le MATE utaina lelei, matou te faʻatinoina le faʻatonuga lea i se faʻamafanafana -local pe mamao-:

[root @ linuxbox ~] # systemctl vavaeʻese graphic.target

ma e tatau ona utaina le siosiomaga desktop -i le au a le lotoifale- sologa lelei, faʻaali le uila pei o se kalafi login. Matou te taina le igoa o le tagata faʻaoga ma lana password, ma o le a matou ulufale i le MATE.

E taʻu atu i le faatulagaga o le tulaga le faʻamau tulaga o le 5 -faʻamatalaina siʻosiʻomaga- matou te faia le faʻailoga faʻatusa lenei:

[root @ linuxbox ~] # ln -sf /lib/systemd/system/runlevel5.target /etc/systemd/system/default.target

Matou te toefausia le polokalama ma e lelei mea uma.

Matou te faʻapipiʻiina le Taimi Taimi mo Fesootaiga

[root @ linuxbox ~] # yum faatuina ntp

I le taimi o le faapipiiina tatou configure o le i le lotoifale uati o le a faʻatasia ma le taimi tautua o masini sysadmin.fromlinux.fan ma le IP 192.168.10.1. Ma, matou te sefeina le faila ntp.conf muamua e:

[root @ linuxbox ~] # cp /etc/ntp.conf /etc/ntp.conf.original

Lenei, matou te fausiaina se fou ma mea nei:

[root @ linuxbox ~] # nano /etc/ntp.conf # Servers configured i le taimi o le faʻapipiʻiina: server 192.168.10.1 iburst # Mo nisi faʻamatalaga, vaʻai i le itulau a aliʻi o: # ntp.conf (5), ntp_acc (5) , ntp_auth (5), ntp_clock (5), ntp_misc (5), ntp_mon (5). driftfile / var / lib / ntp / drift # Faʻatagaina le faʻasologa faʻatasi ma le punavai o le taimi, ae aua le # faʻatagaina le mafuaʻaga e faʻafesoʻotaʻi pe suia lenei tautua tapulaʻa le faʻamau nomodify notrap nopeer noquery # Faʻatagaina uma auala i le interface Loopback faʻatapulaaina 127.0.0.1 faʻatapulaʻa :: 1 # Faʻagata laititi ifo i komupiuta ile upega tafailagi. faʻatapulaʻa 192.168.10.0 mask 255.255.255.0 nomodify notrap # Faʻaaoga le lautele o le poloketi pool.ntp.org # Afai e te manaʻo e auai i le poloketi asiasi # (http://www.pool.ntp.org/join.html). #broadcast 192.168.10.255 autokey # broadcast server broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 client 192.168.10.255ey broadcastclient 4 client 8ey broadcastclient 42 client 8ey broadcastclient 8 # Faʻagaoioi i tagata lautele cryptography. #crypto aofia ai / etc / ntp / crypto / pw # Faila autu e iai ki ma faʻailoga autu # faʻaaogaina a o faʻagaioia ma symmetric ki cryptography ki / etc / ntp / ki # Faʻamaonia le talitonuina ki faʻailoa. #trustedkey 2013 5211 XNUMX # Faʻamaonia le faʻailoga autu e faʻaaoga ma le ntpdc aoga. #requestkey XNUMX # Faʻamaonia le faʻailoga autu e faʻaaoga ma le ntpq aoga. #controlkey XNUMX # Faʻaola tusitusiga o fuainumera lesitala. #statistics clockstats cryptostats loopstats peertats # Faʻamuta le vaʻavaʻaia o puipuiga e puipuia ai le faʻateleina o # osofaʻiga i le faʻaogaina o le ntpdc monlist command, pe a le aofia ai le # constraint e le aofia ai le fuʻa a le taua. Faitau le CVE-XNUMX-XNUMX # mo nisi faʻamatalaga. # Faʻaliga: O le Monitor e le o le atoatoa ma le tapulaʻa tapulaʻa fuʻa. faʻapipiʻi le mataitu

Matou te faʻatagaina, amata ma siaki le tautua NTP

[root @ linuxbox ~] # systemctl tulaga ntpd
● ntpd.service - Network Time Service Loaded: utaina (/usr/lib/systemd/system/ntpd.service; le atoatoa; faleoloa faʻatonu: le atoatoa) Toaga: le toaga (maliu)

[root @ linuxbox ~] # systemctl faʻatagaina ntpd
Fausia symlink mai /etc/systemd/system/multi-user.target.wants/ntpd.service i le /usr/lib/systemd/system/ntpd.service.

[root @ linuxbox ~] # systemctl amata ntpd
[root @ linuxbox ~] # systemctl tulaga ntpd

[root @ linuxbox ~] # systemctl tulaga ntpdntpd.service - Auaunaga Taimi Network
   Utaina: utaina (/usr/lib/systemd/system/ntpd.service; mafai; tagata faʻatau preset: le atoatoa) Toaga: toaga (tamoʻe) talu mai Fri 2017-04-14 15:51:08 EDT; 1s talu ai Faʻagasologa: 1307 ExecStart = / usr / sbin / ntpd -u ntp: ntp $ OPTIONS (code = exited, status = 0 / SUCCESS) Autu PID: 1308 (ntpd) CGroup: /system.slice/ntpd.service └─ 1308 / usr / sbin / ntpd -u ntp: ntp -g

Ntp ma le Afi Afi

[root @ linuxbox ~] # firewall-cmd --get-active-sone
ese
  vaʻaiga: ens34
lautele
  vaʻaiga: ens32

[root @ linuxbox ~] # firewall-cmd --zone = lautele --add-port = 123 / udp --permanent
manuia
[root @ linuxbox ~] # firewall-cmd - toe uta
manuia

Matou te faʻatagaina ma faʻatulaga le Dnsmasq

E pei ona matou vaʻaia i le mataupu muamua i le Small Business Networks series, Dnsamasq ua faʻapipiʻi e ala i le CentOS 7 Infrastructure Server.

[root @ linuxbox ~] # systemctl tulaga dnsmasq
● dnsmasq.service - DNS caching server. Uta: utaina (/usr/lib/systemd/system/dnsmasq.service; le atoatoa; tagata faʻatau preset: le atoatoa) Toʻaga: le toaga

[root @ linuxbox ~] # systemctl faʻatagaina dnsmasq
Fausia symlink mai /etc/systemd/system/multi-user.target.wants/dnsmasq.service i le /usr/lib/systemd/system/dnsmasq.service.

[Root @ linuxbox ~] # systemctl amata dnsmasq
[root @ linuxbox ~] # systemctl tulaga dnsmasq
● dnsmasq.service - DNS caching server. Utaina: utaina (/usr/lib/systemd/system/dnsmasq.service; mafai; tagata faʻatau preset: le atoatoa) Toaga: toaga (tamoʻe) talu mai Fri 2017-04-14 16:21:18 EDT; 4s talu ai PID Autu: 33611 (dnsmasq) CGroup: /system.slice/dnsmasq.service └─33611 / usr / sbin / dnsmasq -k

[root @ linuxbox ~] # mv /etc/dnsmasq.conf /etc/dnsmasq.conf.original

[root @ linuxbox ~] # nano /etc/dnsmasq.conf
# ----------------- ---------------- * # AOTELEGA AOAO # ----------------------------- ------------------------------------ domain-manaomia # Aua le pasi igoa e aunoa ma le vaega vaega bogus-priv # Aua le pasi tuatusi i le avanoa unrouted avanoa-host # Otometi faʻaopopo le vaega i le talimalo talimalo = ens32 # Interface LAN faʻatonu-okaina # Polokalama e fesili ai i le /etc/resolv.conf file conf-dir = / etc /dnsmasq.d domain = desdelinux.fan # Domain name address = / time.windows.com / 192.168.10.5 # Auina se avanoa avanoa o le tau aoga WPAD. Manaʻomia mo # Windos 7 ma mulimuli ane tagata faʻatau e amio lelei. ;-) dhcp-options = 252, "\ n" # Faila o le a matou faʻailoaina ai le HOSTS o le a "faʻasaina" addn-host = / etc / banner_add_hosts local = / desdelinux.fan / # ---------- ------------- ------- # REGISTROSCNAMEMXTXT # ----------------- --------------------------- # Lenei ituaiga o lesitala manaʻomia se ulufale # i le / etc / 'au faila # eg: 192.168.10.5 linuxbox.fromlinux.fan linuxbox # cname = ALIAS, REAL_NAME cname = mail.fromlinux.fan, linuxbox.fromlinux.fan # MX Faʻamaumauga # Faʻafoʻi mai se faamaumauga MX ma le igoa "desdelinux.fan" fuafuaina # mo le mail.desdelinux computer. ili ma le faʻamuamua o le 10 mx-host = desdelinux.fan, mail.desdelinux.fan, 10 # O le taunuʻuga taunuʻu mo MX faamaumauga na faia # faʻaaogaina le localmx filifiliga o le: mx-target = mail.desdelinux.fan # Returns se faamaumauga MX tusi i le mx-taulaʻi mo UMA # masini i le lotoifale localmx # TXT faamaumauga. E mafai foi ona matou faʻalauiloa se faʻamaumauga a le SPF txt-record = desdelinux.fan, "v = spf1 a -all" txt-record = desdelinux.fan, "DesdeLinux, your Blog dedicated to Free Software" # --------- ------------- -------- # FUA MA USOPTIONS # ----------------- ---------------------------- # IPv4 tele ma lisi lisi # 1 i le 29 e mo Servers ma isi dhcp manaʻoga -Range = 192.168.10.30,192.168.10.250,8h dhcp-lease-max = 222 # Le aofai o numera o tuatusi e lisiina # i le le masani ai e 150 # IPV6 tele # dhcp-range = 1234 ::, ra-only # Filifiliga mo le FUAFUA # FILIFILIGA dhcp-filifiliga = 1,255.255.255.0 # NETMASK dhcp-filifiliga = 3,192.168.10.5 # ROUTER GATEWAY dhcp-filifiliga = 6,192.168.10.5 # DNS Servers dhcp-options = 15, desdelinux.fan # DNS Domain Name dhcp-filifiliga = 19,1 , 28,192.168.10.255 # filifiliga ip-lafo I luga o dhcp-filifiliga = 42,192.168.10.5 # BROADCAST dhcp-filifiliga = XNUMX # NTP dhcp-aloaʻia # Faʻatonutonu DHCP i luga o laina lalo # ---------------- ---------------- ----------------------------------- # Afai e te manaʻo e teu i / var / log / savali le ogalaau o le fesili # faʻavasega le laina i lalo # ----------------- ----------------------------
# log-fesili
# FAʻAIUGA o faila /etc/dnsmasq.conf # ----------------- ----------------------------

Matou te faia le faila / etc / banner_add_hosts

[root @ linuxbox ~] # nano / etc / banner_add_hosts
192.168.10.5 windowsupdate.com 192.168.10.5 ctldl.windowsupdate.com 192.168.10.5 ocsp.verisign.com 192.168.10.5 csc3-2010-crl.verisign.com 192.168.10.5 www.msftncsi.com 192.168.10.5 ipv6.msftncsi.com 192.168.10.5 teredo.ipv6.microsoft.com 192.168.10.5 ds.download.windowsupdate.com 192.168.10.5 download.microsoft.com 192.168.10.5 fe2.update.microsoft.com 192.168.10.5 crl.microsoft.com 192.168.10.5 www .download.windowsupdate.com 192.168.10.5 win8.ipv6.microsoft.com 192.168.10.5 spynet.microsoft.com 192.168.10.5 spynet1.microsoft.com 192.168.10.5 spynet2.microsoft.com 192.168.10.5 spynet3.microsoft.com 192.168.10.5. 4 spynet192.168.10.5.microsoft.com 5 spynet192.168.10.5.microsoft.com 15 office192.168.10.5client.microsoft.com 192.168.10.5 addons.mozilla.org XNUMX crl.verisign.com

Faʻamau IP tuatusi

[root @ linuxbox ~] # nano / etc / au
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 :: 1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.10.5 linuxbox.fromlinux.fan linuxbox 192.168.10.1 sysadmin.fromlinux.fan sysadmin

Matou te faʻatulagaina le faila /etc/resolv.conf - fofo

[root @ linuxbox ~] # nano /etc/resolv.conf
suʻe le desdelinux.fan nameserver 127.0.0.1 # Mo fesili i fafo pe le o le domain DNS fesili # desdelinux.fan # local = / desdelinux.fan / nameserver 8.8.8.8

Matou te siaki faila faʻamatalaga dnsmasq.conf, matou amata ma siaki le tulaga o le tautua

[root @ linuxbox ~] # dnsmasq --test
dnsmasq: syntax siaki OK.
[root @ linuxbox ~] # systemctl toe amata le dnsmasq
[root @ linuxbox ~] # systemctl tulaga dnsmasq

Dnsmasq ma le Uila

[root @ linuxbox ~] # firewall-cmd --get-active-sone
ese
  vaʻaiga: ens34
lautele
  vaʻaiga: ens32

Auaunaga DOMAIN o Domain Name Server (dns). Tulafono Faʻavae swipe «IP ma Encryption«

[root @ linuxbox ~] # firewall-cmd --zone = lautele --add-port = 53 / tcp --permanent
manuia
[root @ linuxbox ~] # firewall-cmd --zone = lautele --add-port = 53 / udp --permanent
manuia

Dnsmasq fesili i fafo DNS tautua

[root @ linuxbox ~] # firewall-cmd --zone = fafo --add-port = 53 / tcp --permanent
manuia
[root @ linuxbox ~] # firewall-cmd --zone = fafo --add-port = 53 / udp --permanent
manuia

Auaunaga ato faʻamau o BOOTP tautua (dhcp). Tulafono Faʻavae ippc «Initaneti Pluribus Packet Core«

[root @ linuxbox ~] # firewall-cmd --zone = lautele --add-port = 67 / tcp --permanent
manuia
[root @ linuxbox ~] # firewall-cmd --zone = lautele --add-port = 67 / udp --permanent
manuia

[root @ linuxbox ~] # firewall-cmd - toe uta
manuia

[root @ linuxbox ~] # firewall-cmd --info-sone lautele lautele (toaga)
  taulaiga: faaletonu icmp-poloka-inversion: leai interfaces: ens32 punavai: tautua: dhcp dns ntp ssh ports: 67 / tcp 53 / udp 123 / udp 67 / udp 53 / tcp aiaiga: masquerade: leai agai i luma-taulaga: sourceports: icmp -blocks: mauoa tulafono:

[root @ linuxbox ~] # firewall-cmd --info-sone i fafo atu i fafo (toaga)
  taulaʻiga: faaletonu icmp-poloka-inversion: leai interfaces: ens34 mafuaʻaga: auaunaga: dns taulaga: 53 / udp 53 / tcp aiaiga: masquerade: ioe agai i luma-taulaga: punavai: icmp-poloka: parakalafa-faʻafitauli router-faʻasalalauga router- solicitation punavai-tineia tulafono mauoa:

Afai matou te mananaʻo e faʻaaoga se vaaiga faʻafanua e configure le Firewall i le CentOS 7, matou te tilotilo i le lisi lautele - o le a faʻamoemoe i luga o le desktop siʻosiʻomaga o loʻo aliali mai ai - o le apalai «Firewall», matou te faʻatinoina ma pe a uma ona ulufale i le faʻaupuga a le tagata aʻa, o le a tatou faʻaaogaina le polokalame faʻapitoa e pei o lea. I le MATE o loʻo aliali mai i le lisi lisi «System »->" Administration "->" Firewall ".

Matou te filifilia le Eria «lautele»Ma matou te faʻatagaina Auaunaga matou te mananaʻo e lolomiina i luga o le LAN, lea e oʻo mai nei dhcp, dns, ntp ma ssh. A maeʻa ona filifilia le tautua, faʻamaonia o mea uma lava e saʻo, e tatau ona tatou faia suiga i le Runtime i le Tumau. Ina ia faia lenei mea matou te o i le Filifiliga lisi ma filifili le filifiliga «Tamoe taimi e tumau".

Mulimuli ane matou filifilia le Eria «ese»Ma matou te siakiina uafu e manaʻomia e fesoʻotaʻi ai ma le Initaneti ua matala. AUA le lolomiina Auaunaga i lenei Sone vagana ua tatou iloa lelei le mea o tatou faia!.

Aua neʻi galo ona tatou faia suiga tumau e ala i le filifiliga «Tamoe taimi e tumau»Ma toefafa le temoni FaauluuluD, taimi uma matou te faʻaaogaina ai lenei meafaigaluega mana tele.

NTP ma Dnsmasq mai le Windows 7 tagata faʻatau

Faʻatasia ma NTP

ese

Lisi IP tuatusi

Microsoft Windows [Faʻamatalaga 6.1.7601] Pule Tau Fatuga (c) 2009 Microsoft Corporation. Ua taofia aia tatau uma. C: \ Tagata faʻaaoga \ buzz> ipconfig / uma Windows IP Configuration Host Igoa. . . . . . . . . . . . : FITUGA
   Peraimeri Dns Suffix. . . . . . . :
   Node Ituaiga . . . . . . . . . . . : Hybrid IP Routing Faʻaaogaina. . . . . . . . : Leai se WINS sui e mafai. . . . . . . . : Leai se Lisi Suffix Suʻesuʻega Suffix. . . . . . : desdelinux.fan Ethernet adapter Local Area Connection: Fesoʻotaʻiga-faʻapitoa DNS Suffix. : desdelinux.fan Faʻamatalaga. . . . . . . . . . . : Intel (R) PRO / 1000 MT Fesoʻotaʻiga Fesoʻotaʻiga Tino Tuatusi. . . . . . . . . : 00-0C-29-D6-14-36 DHCP Faʻagaioia. . . . . . . . . . . : Ioe Autoconfiguration Faʻagaioia. . . . : Ma o le
   IPv4 Tuatusi. . . . . . . . . . . : 192.168.10.115 (Sili)
   Ufimata Subnet. . . . . . . . . . . : 255.255.255.0 Lisi Mauaina. . . . . . . . . . : Aso Faraile, Aperila 14, 2017 5:12:53 PM Totogi Lisi. . . . . . . . . . : Aso Toonaʻi, Aperila 15, 2017 1:12:53 AM Le Faitotoʻa. . . . . . . . . : 192.168.10.1 DHCP Tūmau. . . . . . . . . . . : 192.168.10.5 DNS Servers. . . . . . . . . . . : 192.168.10.5 NetBIOS i luga o le Tcpip. . . . . . . . : Faʻaaogaina Tunnel adapter Local Area Connection * 9: Media State. . . . . . . . . . . : Faʻasalalau tuʻufaʻatasia Fesoʻotaʻiga-faʻapitoa Suffix DNS. : Faʻamatalaga. . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Faʻamatalaga Tino. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Faʻaogaina. . . . . . . . . . . : Leai se faʻataʻitaʻiga otometi e mafai. . . . : Ioe Tunnel adapter isatap.fromlinux.fan: Ala o Faasalalauga Itumalo. . . . . . . . . . . : Faʻasalalau tuʻufaʻatasia Fesoʻotaʻiga-faʻapitoa Suffix DNS. : desdelinux.fan Faʻamatalaga. . . . . . . . . . . : Microsoft ISATAP Adapter # 2 Faʻamatalaga Tino. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Faʻaogaina. . . . . . . . . . . : Leai se faʻataʻitaʻiga otometi e mafai. . . . : Ioe C: \ Tagata faʻaaoga \ buzz>

meaalofa tupe

O se taua taua i Windows tagata faʻatau o le "Peraimeri Dns Suffix" poʻo le "Autu fesoʻotaʻiga faʻatumu". A le faʻaaogaina le Microsoft Domain Controller, e le tuʻuina atu i ai e le faʻagaioiga ni mea taua. Afai o matou feagai ma se mataupu pei o le tasi na faʻamatalaina i le amataga o le tusitusiga ma matou te mananaʻo e faʻailoa manino atu lena taua, e tatau ona tatou alualu i luma e tusa ma le mea o loʻo faʻaalia i le ata lenei, talia suiga ma toe amata le tagata o tausia.

 

Afai tatou te toe tamoʻe CMD -> ipconfig / uma o le a matou mauaina mea nei:

Microsoft Windows [Faʻamatalaga 6.1.7601] Pule Tau Fatuga (c) 2009 Microsoft Corporation. Ua taofia aia tatau uma. C: \ Tagata faʻaaoga \ buzz> ipconfig / uma Windows IP Configuration Host Igoa. . . . . . . . . . . . : FITUGA
   Peraimeri Dns Suffix. . . . . . . : desdelinux.fan
   Node Ituaiga . . . . . . . . . . . : Hybrid IP Routing Faʻaaogaina. . . . . . . . : Leai se WINS sui e mafai. . . . . . . . : Leai se Lisi Suffix Suʻesuʻega Suffix. . . . . . : desdelinux.fan

O totoe o tau aoga tumau pea le suia

DNS siaki

buzz @ sysadmin: ~ $ talimalo spynet.microsoft.com
spynet.microsoft.com ei ai le tuatusi 127.0.0.1 Host spynet.microsoft.com e le maua: 5 (REFUSED) spynet.microsoft.com meli o loʻo tagofia e le 1 mail.fromlinux.fan.

buzz @ sysadmin: ~ $ talimalo linuxbox
linuxbox.desdelinux.fan ei ai le tuatusi 192.168.10.5 linuxbox.desdelinux.fan meli o loʻo tagofia e le 1 mail.desdelinux.fan.

buzz @ sysadmin: ~ $ talimalo sysadmin
sysadmin.desdelinux.fan ei ai le tuatusi 192.168.10.1 sysadmin.desdelinux.fan meli o loʻo tagofia e le 1 mail.desdelinux.fan.

buzz @ sysadmin: ~ $ talimalo talimalo
mail.desdelinux.fan o se igoa faʻaigoa mo linuxbox.desdelinux.fan. linuxbox.desdelinux.fan ei ai le tuatusi 192.168.10.5 linuxbox.desdelinux.fan meli o loʻo tagofia e le 1 mail.desdelinux.fan.

Matou te faʻapipiʻi -mo naʻo suʻega- o se Pule DNS mana NSD i totonu sysadmin.fromlinux.fan, ma matou te aofia ai le tuatusi IP 172.16.10.1 i le fale teu /etc/resolv.conf o le 'au linuxbox.fromlinux.fan, ia faʻamaonia o Dnsmasq o loʻo faʻatinoina lelei lana galuega o le Forwarder. Sandboxes i luga o le NSD tautua o favt.org y toujague.org. O IP uma o ni tala faʻatupu poʻo ni fesoʻotaʻiga tumaoti.

Afai matou te faʻaleaogaina le WAN interface ens34 faʻaaogaina ole poloaʻiga ifdown ens34, Dnsmasq o le a le mafai ona fesili atu fafo DNS tautua.

[buzz @ linuxbox ~] $ sudo ifdown ens34 [buzz @ linuxbox ~] $ talimalo - mx toujague.org
Host toujague.org le maua: 3 (NXDOMAIN)

[buzz @ linuxbox ~] $ talimalo pizzapie.favt.org
Host pizzapie.favt.org le maua: 3 (NXDOMAIN)

Sei o tatou faʻatagaina le ens34 interface ma toe siaki:

[buzz @ linuxbox ~] $ sudo pe a fai o le34
buzz @ linuxbox ~] $ host pizzapie.favt.org
pizzapie.favt.org o se igoa faʻaigoa mo paisano.favt.org. paisano.favt.org ei ai le tuatusi 172.16.10.4

[buzz @ linuxbox ~] $ talimalo pizzapie.toujague.org
Host pizzas.toujague.org le maua: 3 (NXDOMAIN)

[buzz @ linuxbox ~] $ talimalo poblacion.toujague.org
poblacion.toujague.org ei ai le tuatusi 169.18.10.18

[buzz @ linuxbox ~] $ talimalo -t NS favt.org
favt.org igoa tautua ns1.favt.org. favt.org igoa tautua ns2.favt.org.

[buzz @ linuxbox ~] $ talimalo - NS toujague.org
toujague.org igoa tautua ns1.toujague.org. toujague.org igoa tautua ns2.toujague.org.

[buzz @ linuxbox ~] $ talimalo - MX toujague.org
toujague.org meli o loʻo tagofia e 10 mail.toujague.org.

Seʻi tatou talanoa mai sysadmin.fromlinux.fan:

buzz @ sysadmin: ~ $ cat /etc/resolv.conf 
saili mai linux.fan nameserver 192.168.10.5

xeon @ sysadmin: ~ $ talimalo meli.toujague.org
meli.toujague.org ei ai le tuatusi 169.18.10.19

O le Dnsmasq o galue pei I luma saʻo

Squid

I le tusi i le PDF format «Linux Server Configuration»Faʻailogaina Iulai 25, 2016, e le Tusitala Joel Barrios Duenas (darkshram@gmail.com - http://www.alcancelibre.org/), tusitusiga na ou taʻua i tala muamua, o loʻo iai se mataupu atoa e tuʻuina atu i le Filifili Faʻavae Suʻega autu.

Ona o le taua o le Upega Tafaʻilagi - Auaunaga sui, ua matou toe gaosia ai le Faʻatomuaga na faia e uiga i le Squid i le tusi ua taua muamua:

105.1. Faatomuaga.

105.1.1. O le a le Intermediary Server (Proxy)?

O le faaupuga i le Igilisi "Sui" ei ai lona lautele lautele ma i le taimi lava e tasi le mautonu uiga, e ui lava
e masani ona manatu o se uiga tutusa o le manatu o "Fautua". E masani ona faʻaliliuina, i le uiga saʻo, pei sui o faʻamalosia (o le tasi e i ai le paoa i luga o le isi).

Un Tafaʻilagi Ofisa Ua faʻauigaina o se komupiuta poʻo se masini e ofaina se 'auʻaunaga tautua e aofia ai le faʻatagaina o tagata faʻatau e faia tuʻufaʻatasia fesoʻotaʻiga fesoʻotaʻiga i isi' auʻaunaga tautua. I le taimi o le gaioiga e tupu ai mea nei:

  • Faʻafesoʻotaʻi le tagata i le a Sui sui.
  • Ole tagata faatau e manaʻomia se fesoʻotaʻiga, faila, poʻo seisi punaʻoa avanoa i luga o se 'auʻaunaga eseʻese.
  • O loʻo tuʻuina atu e le 'auʻaunaga faufautua le punaoa a le ala i le fesoʻotaʻi atu i le' auʻaunaga ua faʻamaotiina
    pe tautuaina mai se pusa teu.
  • I nisi tulaga o le Tafaʻilagi Ofisa mafai ona suia le manaoga ole tagata o tausia poʻo le
    tali a le 'auʻaunaga mo faʻamoemoe eseese.

le Sui Servers e masani ona faia e galulue faʻatasi o se afi afi o loʻo faʻatautaia i le Laʻasaga tulaga, avea o se taga afifi, pei o le tulaga o iptables pe faʻagaioia i le Talosaga tulaga, faʻatonutonuina o 'eseʻese tautua, pei o le tulaga o Afifi TCP. Faʻamoemoe i le mataupu, o le afi puipui e taʻua foi o BPD o BPoloaiga Pfeauauaʻii Device pe naʻo taga afifi.

O se faʻaaoga masani o Sui Servers o le galue o se cache o fesoʻotaʻiga mataupu (tele HTTP), saunia i le vavalalata o tagata o tausia se cache o itulau ma faila avanoa e ala i le upega tafailagi i luga o mamao HTTP tautua, faʻatagaina tagata o le lotoifale upega tafaʻilagi e ulufale ia latou i totonu o le vave ma sili atu faʻatuatuaina.

A maua se talosaga mo se faʻapitoa fesoʻotaiga punaoa i le URL (Ufa'ailoga Rpuna'oa Lfeʻe) le Tafaʻilagi Ofisa vaavaai mo le iʻuga o URL totonu o le cache. Afai e maua, o le Tafaʻilagi Ofisa Tali atu i le tagata faʻatau ile saunia vave o mea na talosagaina. Afai e le o iai le mea na talosagaina i totonu o le cache, o le Tafaʻilagi Ofisa o le a aumaia mai se taumamao server, tuʻuina atu i le tagata o tausia na talosagaina ia ma teuina se kopi i le cache. O mea i totonu o le cache ua aveʻese e ala i le faʻamutaina algorithm e tusa ai ma le tausaga, tele ma le talafaʻasolopito o tali i talosaga (hits) (faʻataʻitaʻiga: LRU, LFUDA y GDSF).

Proxy Servers mo Network content (Upega Tafaʻilagi Proxies) mafai foi ona avea o ni faamama o le anotusi tautua, faʻaogaina o tulafono mo faʻasalaga e tusa ai ma le faʻatulafonoina aiaiga..

O le Squid version o le a matou faʻapipiʻiina o 3.5.20-2.el7_3.2 mai le fale teu oloa faafouga.

Faʻatulagaga

[Root @ linuxbox ~] # yum install squid

[Root @ linuxbox ~] # ls / etc / squid /
cachemgr.conf errorpage.css.default  squid.conf
cachemgr.conf.default mime.conf              squid.conf.default
errorpage.css mime.conf.default

[Root @ linuxbox ~] # systemctl faʻafaigofie ai le heʻe

Taua

  • O le autu autu o lenei tusitusiga o le Faʻatagaina tagata faʻaoga i le lotoifale e fesoʻotaʻi ma Squid mai isi komipiuta fesoʻotaʻi i le LAN. I se faʻaopopoga, faʻatino le autu o se 'auʻaunaga o le a faʻaopopoina isi tautua. E leʻo se tusitusiga faʻapitoa i le Squid faʻapea.
  • Ina ia maua se aitia o filifiliga filifiliga a le Squid, faitau le /usr/share/doc/squid-3.5.20/squid.conf.documented faila, o loʻo i ai laina 7915.

SELinux ma Squid

[root @ linuxbox ~] # getebool -a | grep squid
squid_connect_any -> luga ole squid_use_tproxy -> tapē

[root @ linuxbox ~] # setebool -P squid_connect_any = on

Seti

[root @ linuxbox ~] # nano /etc/squid/squid.conf
# LAN acl localnet src 192.168.10.0/24 acl SSL_ports taulaga 443 21
acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # porte lesitala acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filmaker acl Safe_ports port 777 # multiling http acl CONNECT metotia CONNECT # Matou te faafitia fesili mo ua le saogalemu puipuiga http_access deny! Safe_ports # Matou te faafitia le CONNECT metotia mo le saogalemu puipuiga uafu http_access faafesootaʻi! SSL_ports # Avanoa i Naʻo le pule ole cache mai le localhost http_access faʻatagaina le localhost manager http_access deny manager # Matou te matua fautuaina le mea lea e le faʻamalieina e puipui ai le mama le aoga # upega tafailagi o loʻo tamoʻe i luga o le sui sui o loʻo manatu e naʻo le # tasi e mafai ona faʻaaoga tautua i luga o le "localhost" o se nofoaga tagata faʻaoga http_access faafitia le_localhost # # FAI SAU LAVA TUPULU LAVA (S) IINI E FAʻAFIA AI LE TALI MAI LAʻU FUAFUAGA # # PAM faʻatagaina
auth_param polokalame autu / usr / lib64 / squid / basic_pam_auth
auth_param basic fanau 5 auth_param basic malo mai linux.fan auth_param basic credentialsttl 2 itula auth_param basic caseensitive off # Acl authentication e manaʻomia e ulufale ai i le Squid Enthusiasts proxy_auth FAʻAILOINA # Matou te faʻatagaina le ulufale atu i faʻamaonia tagata faʻaoga # ala i le PAM http_access faafitia acl ftp proto FTP http_access faʻatagaina ftp http_access faʻatagaina localnet http_access faʻatagaina localhost # Matou te faʻafitia seisi auala i le sui http_access faʻafitia uma # Squid masani faʻalogo i luga o le taulaga 3128 http_port 3128 # Matou te tuua le "coredumps" i le muamua cache faʻasinoala coredump_dir / var / spool / squid # # Faʻaopopo ni au oe lava tusiga faʻamamafa i luga atu o mea ia. # refresh_pattern ^ ftp: 1440 20% 10080 refresh_pattern ^ gopher: 1440 0% 1440 refresh_pattern -i (/ cgi-bin / | \?) 0 0% 0 refresh_pattern. 0 20% 4320 cache_mem 64 MB # Cache memory memory_replacement_policy lru cache_replacement_policy heap LFUDA cache_dir aufs / var / spool / squid 4096 16 256 maximum_object_size 4 MB cache_swap_low 85 cache_swap_highux 90 cache_mgr buzz@desuxinxname.info

Matou te siakiina le faʻamatalaga o le faila /etc/squid/squid.conf

[root @ linuxbox ~] # squid -k parse
2017/04/16 15: 45: 10 | Amataina: Faʻailoaina o Polokalame Faʻamaonia muamua ...
 2017/04/16 15: 45: 10 | Amataina: Polokalame Faʻamaonia Amua 'amata' 2017/04/16 15: 45: 10 | Amataina: Initialized Authentication Scheme 'digest' 2017/04/16 15: 45: 10 | Amataina: Polokalame Faʻamaonia muamua 'feutanaʻi' 2017/04/16 15: 45: 10 | Amataina: Polokalame Faʻamaonia Atoa 'ntlm' 2017/04/16 15: 45: 10 | Amataina: Faʻamaoniaina Faʻapitoa.
 2017/04/16 15: 45: 10 | Faʻagasologa o Faʻatulagaina Faila: /etc/squid/squid.conf (loloto 0) 2017/04/16 15: 45: 10 | Faʻagasologa: acl localnet src 192.168.10.0/24 2017/04/16 15: 45: 10 | Faʻagasologa: acl SSL_ports taulaga 443 21 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 80 # http 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 21 # ftp 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports taulaga 443 # https 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 70 # gopher 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 210 # wais 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports taulaga 1025-65535 # uafu le faamauina 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 280 # http-mgmt 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports taulaga 488 # gss-http 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 591 # filmaker 2017/04/16 15: 45: 10 | Faʻagasologa: acl Safe_ports port 777 # multiling http 2017/04/16 15: 45: 10 | Faʻagasologa: acl CONNECT metotia Fesoʻotaʻi 2017/04/16 15: 45: 10 | Faʻagasologa: http_access deny! Safe_ports 2017/04/16 15: 45: 10 | Faʻagasologa: http_access deny CONNECT! SSL_ports 2017/04/16 15: 45: 10 | Faʻagasologa: http_access faʻatonu localhost pule 2017/04/16 15: 45: 10 | Faʻagasologa: http_access deny manager 2017/04/16 15: 45: 10 | Faʻagasologa: http_access faafitia le_localhost 2017/04/16 15: 45: 10 | Faʻagasologa: auth_param basic program / usr / lib64 / squid / basic_pam_auth 2017/04/16 15: 45: 10 | Faʻagasologa: auth_param masani tamaiti 5 2017/04/16 15: 45: 10 | Faʻagasologa: auth_param faavae malo mai linux.fan 2017/04/16 15: 45: 10 | Faʻagasologa: auth_param basic credentialsttl 2 itula 2017/04/16 15: 45: 10 | Faʻagasologa: auth_param basic caseensitive off 2017/04/16 15: 45: 10 | Faʻagasologa: acl Tagata fiafia proxy_auth MANAʻO 2017/04/16 15: 45: 10 | Faʻagasologa: http_access deny! Tagata fiafia 2017/04/16 15: 45: 10 | Faʻagasologa: acl ftp proto FTP 2017/04/16 15: 45: 10 | Faʻagasologa: http_access faʻatagaina ftp 2017/04/16 15: 45: 10 | Faʻagasologa: http_access faʻatonu localnet 2017/04/16 15: 45: 10 | Faʻagasologa: http_access faʻatonu localhost 2017/04/16 15: 45: 10 | Faʻagasologa: http_access faafitia uma 2017/04/16 15: 45: 10 | Faʻagasologa: http_port 3128 2017/04/16 15: 45: 10 | Faʻagasologa: coredump_dir / var / spool / squid 2017/04/16 15: 45: 10 | Faʻagasologa: refresh_pattern ^ ftp: 1440 20% 10080 2017/04/16 15: 45: 10 | Faʻagasologa: refresh_pattern ^ gopher: 1440 0% 1440 2017/04/16 15: 45: 10 | Faʻagasologa: refresh_pattern -i (/ cgi-bin / | \?) 0 0% 0 2017/04/16 15: 45: 10 | Faʻagasologa: refresh_pattern. 

Matou te faʻatagaina faʻatagaina i totonu / usr / lib64 / squid / basic_pam_auth

[root @ linuxbox ~] # chmod u + s / usr / lib64 / squid / basic_pam_auth

Matou te fausiaina le pusa tusi

# Na o le mea lava ... [root @ linuxbox ~] # tautua sikoa taofi
Faʻatonutonu i le / lapisi / systemctl taofi leʻu.service

[root @ linuxbox ~] # squid -z
[Root @ linuxbox ~] # 2017/04/16 15:48:28 kid1 | Seti Nei Lisi Faʻasinoga i / var / spool / squid 2017/04/16 15:48:28 kid1 | Fausiaina o lesitala fesuiaʻiga o fesuiaiga 2017/04/16 15:48:28 kid1 | / var / spool / squid loʻo iai 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 00 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 01 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 02 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 03 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 04 2017/04/16 15:48:28 kid1 | Faia o faʻasino i / var / spool / squid / 05 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 06 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 07 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 08 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 09 2017/04/16 15:48:28 kid1 | Faia o faʻasino i / var / spool / squid / 0A 2017/04/16 15:48:28 kid1 | Faia o faʻasino i / var / spool / squid / 0B 2017/04/16 15:48:28 kid1 | Faia tusi faʻasino i / var / spool / squid / 0C 2017/04/16 15:48:29 tamaititi1 | Faia tusi faʻasino i / var / spool / squid / 0D 2017/04/16 15:48:29 tamaititi1 | Faia tusi faʻasino i / var / spool / squid / 0E 2017/04/16 15:48:29 tamaititi1 | Faia o faʻasino i / var / spool / squid / 0F

Ile taimi nei, a fai e fai sina umi e toe faʻafoʻi le faʻatonuga vave - lea e le i toe foʻi mai ia te aʻu - oomi le Enter.

[root @ linuxbox ~] # amata le suʻe suʻe
[root @ linuxbox ~] # toe maua le squid tautua
[Root @ linuxbox ~] # tautua tulaga squid
Faʻatonutonu i le / bin / systemctl tulaga squid.service ● squid.service - Squid caching sui sui Avega: utaina (/usr/lib/systemd/system/squid.service; ua le atoatoa; tagata faʻatau preset: le atoatoa) Toaga: malosi (tamoʻe) talu dom 2017-04-16 15:57:27 EDT; 1s talu ai Faʻagasologa: 2844 ExecStop = / usr / sbin / squid -k shutdown -f $ SQUID_CONF (code = exited, status = 0 / SUCCESS) Faʻagasologa: 2873 ExecStart = / usr / sbin / squid $ SQUID_OPTS -f $ SQUID_CONF (code = exited, status = 0 / SUCCESS) Faʻagasologa: 2868 ExecStartPre = / usr / libexec / squid / cache_swap.sh (code = exited, status = 0 / SUCCESS) Autu PID: 2876 (squid) CGroup: /system.slice/squid .service └─2876 / usr / sbin / squid -f /etc/squid/squid.conf Apr 16 15:57:27 linuxbox systemd [1]: Amataina Squid caching sui ... Apr 16 15:57:27 linuxbox systemd [1]: Amata le suʻe sikipi sui. Ape 16 15:57:27 linuxbox squid [2876]: Squid Matua: o le a amata 1 tamaiti Ape 16 15:57:27 linuxbox squid [2876]: Squid Matua: (squid-1) gaioiga 2878 ... ed Apr 16 15 : 57: 27 linuxbox squid [2876]: Squid Matua: (squid-1) gaioiga 2878 ... 1 Fautuaga: O nisi laina na ellipsized, faaaoga -l e faʻaalia atoa

[root @ linuxbox ~] # pusi / var / log / savali | grep squid

Faʻaputuga afi

E tatau foi ona tatou tatala i le Sone «ese"uafu 80HTTP y 443 HTTPS o lea e mafai e le Squid fesoʻotaʻi ma le Initaneti.

[root @ linuxbox ~] # firewall-cmd --zone = fafo --add-port = 80 / tcp --permanent
manuia
[root @ linuxbox ~] # firewall-cmd --zone = fafo --add-port = 443 / tcp --permanent
manuia
[root @ linuxbox ~] # firewall-cmd - toe uta
manuia
[root @ linuxbox ~] # firewall-cmd --info-sone i fafo
fafo (toaga) taulaiga: faaletonu icmp-poloka-inversion: leai interfaces: ens34 punavai: auaunaga: dns taulaga: 443 / tcp 53 / udp 80 / tcp 53 / tcp
  aiaiga: masquerade: ioe luma-taulaga: punavai: icmp-poloka: parakalafa-faʻafitauli router-faʻasalalauga router-solicitation punavai-tineia tulafono mauoa:
  • E le paie alu i le tusi ata «Tulaga afi»Ma siaki poʻo vaʻa 443 tcp, 80 tcp, 53 tcp, ma le 53 udp e avanoa mo le sone«ese«, Ma matou te LEʻi faʻasalalauina se tautua mo ia.

Faʻaliga i luga o le basic_pam_auth fesoasoani fesoasoani

Afai matou te talanoa i le tusi lesona o lenei aoga e ala i tamaloa faʻavae_pam_auth O le a tatou faitau o le tusitala lava ia na faia se malosi fautuaga ina ia ave le polokalame i se tusi faʻasinoala e le lava ai faʻatagaina a tagata faʻaoga e faʻaaoga ai mea faigaluega.

I leisi itu, ua iloa o lenei faʻatagaina polokalama, o le faʻamaoniga malaga i tusitusiga faigofie ma e le saogalemu mo siʻosiʻomaga le fiafia, faitau tatala upega.

Jeff Yestrumskas faapaia le tala «Faʻafefea-i: Seti se saogalemu uepisaʻi sui faʻaaogaina le SSL faʻailogaina, Squid Caching Proxy ma le PAM faʻamaonia»I le mataupu o le faʻateleina o le saogalemu i lenei polokalame faʻamaonia ina ia mafai ai ona faʻaaogaina i ni fili teteʻe atu i fesoʻotaʻiga.

Matou te faʻapipiʻi httpd

I le avea ai o se auala e siaki ai le faʻagaioiga o Squid -ma faʻapea foi o Dnsmasq- o le a matou faʻapipiʻiina le tautua httpd -Apache 'upega tafaʻilagi faila- e le manaʻomia e faia. I le faila e faʻatatau i le Dnsmasq / etc / banner_add_hosts Matou te taʻutino atu o upega tafaʻilagi matou te mananaʻo e faʻasaina, ma matou te tuʻuina atu ma le manino ia latou tuatusi IP lava e tasi na latou mauaina pusa linux. Afai o lea, afai matou te talosagaina le ulufale i se tasi o nei 'upega tafaʻilagi, o le fale itulau o le httpd.

[root @ linuxbox ~] # yum install httpd [root @ linuxbox ~] # systemctl mafai ai httpd
Fausia symlink mai /etc/systemd/system/multi-user.target.wants/httpd.service i le /usr/lib/systemd/system/httpd.service.

[Root @ linuxbox ~] # systemctl amata httpd

[Root @ linuxbox ~] # systemctl tulaga httpd
● httpd.service - O le Apache HTTP Server Avega: utaina (/usr/lib/systemd/system/httpd.service; mafai; tagata faʻatau preset: le atoatoa) Galue: toaga (tamoʻe) talu mai le Sun 2017-04-16 16:41: 35 EDT; 5s talu ai Docs: tamaloa: httpd (8) tamaloa: apachectl (8) Autu PID: 2275 (httpd) Tulaga: "Faʻagasologa o talosaga ..." CGroup: /system.slice/httpd.service ├─2275 / usr / sbin / httpd -DFOREGROUND ├─2276 / usr / sbin / httpd -DFOREGROUND ├─2277 / usr / sbin / httpd -DFOREGROUND ├─2278 / usr / sbin / httpd -DFOREGROUND ├─2279 / usr / sbin / httpd -DFOREGROUND └─2280 / usr / sbin / httpd -DFOREGROUND Apr 16 16:41:35 linuxbox systemd [1]: Amata Le Apache HTTP Server ... Apr 16 16:41:35 linuxbox systemd [1]: Amata Le Apache HTTP Server.

SELinux ma Apache

Apache e tele ana tulafono faʻavae e faʻatulaga ai totonu o le SELinux matalalaga.

[root @ linuxbox ~] # getebool -a | grep httpd
httpd_anon_write -> off httpd_builtin_scripting -> luga httpd_can_check_spam -> off httpd_can_connect_ftp -> off httpd_can_connect_ldap -> off httpd_can_connect_mythtv -> off httpd_can_connect off_zdbi_bwork_bb_bj_bj_bj httpd_can_network_memcache -> off httpd_can_network_relay -> off httpd_can_sendmail -> off httpd_dbus_avahi -> off httpd_dbus_sssd -> off httpd_dontaudit_search_dirs -> off httpd_enable_cgi -> httpd_enable_offen off_demain httpd_graceful_shutdown -> i luga o httpd_manage_ipa -> off httpd_mod_auth_ntlm_winbind -> off httpd_mod_auth_pam -> off httpd_read_user_content -> off httpd_run_ipa -> off httpd_run_preupgrade -> off httpd_robs httpd_ssi_exec -> off httpd_sys_script_anon_write -> off httpd_tmp_exec -> off httpd_tty_comm - > off httpd_unified -> off httpd_use_cifs -> off httpd_use_fusefs -> off httpd_use_gpg -> off httpd_use_nfs -> off httpd_use_openstack -> off httpd_use_sasl -> off httpd_verify_dns -> off

O le a matou faʻatulagaina mea nei:

Lafo imeli e ala ia Apache

aa @ linuxbox ~] # setebool -P httpd_can_sendmail 1

Faʻatagaina Apache e faitau mea o loʻo i totonu o tusi fale o tagata faʻaoga

aa @ linuxbox ~] # setebool -P httpd_read_user_content 1

Faʻatagaina e faʻatautaia e ala i le FTP poʻo le FTPS soʻo se tusi faʻatonutonu e pulea e
Apache pe faʻatagaina Apache e galue o se FTP server faʻalogo mo talosaga e ala i le FTP port

[root @ linuxbox ~] # setebool -P httpd_enable_ftp_server 1

Mo nisi faʻamatalaga, faʻamolemole faitau Linux Server Configuration.

Matou te siakiina le Faʻamaoniga

E naʻo le tumau lava e tatala se browser luga o se nofoaga faigaluega ma faʻasino, mo se faʻataʻitaʻiga, i http://windowsupdate.com. O le a matou siakiina pe o le talosaga e saʻo ona toe faʻafoʻi atu i le Apache home page i le linuxbox. O le mea moni, soʻo se igoa o le 'upega tafaʻilagi ua faʻailoa mai i le faila / etc / banner_add_hosts o le a toe tuʻuina atu oe i le itulau e tasi.

O ata i le faaiuga o le tusitusiga faʻamaonia.

Tagata e Faʻatonutonu Pulega

Matou te faia e faʻaaogaina ai le mea faigaluega kalafi «Manaoga a le tagata»Lea tatou te faʻaaogaina e ala i le lisi o mea System -> Pulega -> Faʻatautaia pulega. Soʻo se taimi matou te faʻaopopoina ai se tagata fou, o lona faila e faia / fale / tagata faʻaaoga otometi.

 

Faʻasologa o kopi

Linux aufaʻatau

E naʻo lou manaʻomia le faila faila masani ma taʻu atu e te manaʻo e fesoʻotaʻi, mo se faʻataʻitaʻiga: ssh: // buzz @ linuxbox / home / buzz ma a maeʻa ona ulufale le password, o le faʻasino o le a faʻaalia aiga o le faʻaaogaina uʻamea.

Faamalama Tagata Faʻatau

I Windows tagata faʻatau, matou te faʻaaogaina le mea faigaluega WinSCP. A maeʻa ona faʻapipiʻi, matou te faʻaaogaina i le auala lea:

 

 

Faigofie, a ea?

Aotelega

Ua matou vaʻaia e mafai ona faʻaaogaina le PAM e faʻamaonia ai tautua i se tamaʻi fesoʻotaʻiga ma i se siʻosiʻomaga puleaina e matua tuʻu ese lava mai lima o hackers. E mafua ona o le mea moni o le faʻamaoniga agavaʻa femalagaaʻi i tusitusiga manino ma o lea e le o se faʻamaoniaina polokalame e faʻaaogaina i matala fesoʻotaʻiga e pei o malae vaʻalele, Wi-Fi fesoʻotaʻiga, ma isi. Peitai, o se faigofie faʻatagaina auala, faigofie e faʻatino ma configure.

Punaoa faʻatalanoa

Lomiga PDF

Lalotoso i le vaega PDF iinei.

Seia oʻo i leisi mataupu!


O mataupu o le tusitusiga e tausisi ia tatou mataupu silisili o amio lelei faʻatonu. E lipotia se mea sese kiliki iinei.

9 manatu, tuʻu lau

Tuʻu lau faamatalaga

o le a le lomia lou tuatusi imeli.

*

*

  1. E tali atu mo faʻamatalaga: Miguel Ángel Gatón
  2. Faamoemoega o faʻamatalaga: Pulea le SPAM, faʻamatalaga pulega.
  3. Tulaga faʻatulafonoina: Lau maliega
  4. Fesoʻotaʻiga o faʻamatalaga: O faʻamatalaga o le a le fesoʻotaʻi atu i isi vaega vagana i tulafono faʻatulafonoina.
  5. Teuina o faʻamatalaga: Faʻamaumauga tuʻufaʻatasia e Occentus Networks (EU)
  6. Aia Tatau: I soo se taimi e mafai ai ona e faʻatapulaʻaina, toe maua ma aveʻese au faʻamatalaga.

  1.   NauTiluS malo

    Ua maeʻa ona faamaloloina le susuga Fico. Faʻafetai mo le faʻasoaina atu o lou poto.

  2.   pili malo

    Ou te iloa le faigata o le tuʻufaʻatasia o se tusitusiga ma se tulaga o auiliiliga, ma matua manino suʻega ma sili atu i mea uma ma manatu ma metotia faʻafetauina i tulaga faʻatulagaina. Na ona ou ave loʻu pulou i lenei maataua o saofaga, faʻafetai tele ia Fico mo se lelei galuega.

    Ou te leʻi tuʻufaʻatasia lava le squid ma le faʻamaoniga a le pam, ae ou te alu i le mea e gata ai le mafai e fai ai lenei faiga i laʻu fale suesue ... Sini fusi ma matou faʻaauau !!

  3.   Feterika malo

    NaTiluS: Faʻafetai tele lava mo lau faamatalaga ma le iloiloga.
    Lise: Ia te oe foi, faafetai tele lava mo lau faamatalaga ma le iloiloga.

    O le taimi ma le taumafaiga e tuʻuina atu i le faia o tusitusiga pei o lenei tasi e naʻo le tauia i le faitau ma manatu mai ia i latou e asiasi i le FromLinux 'aʻai. Ou te faamoemoe e aoga ia te oe i au galuega i aso uma.
    Tatou te o pea!

  4.   Faalilolilo malo

    Mafaʻatauaʻi tagatanuu saofaga !!!! Ou te faitau i au tusitusiga uma ma e mafai ona ou fai atu e oʻo foʻi i se tagata e le lava lona malamalama i le Free Software (pei o aʻu) e mafai ona mulimulitaʻi i lenei tala matagofie i lea laʻasaga. Manuia !!!!

  5.   IWO malo

    Faʻafetai Fico mo lenei isi tusitusiga sili; Peiseai e le lava na mea ma pou uma ua maeʻa faʻasalalauina, i lenei mea e i ai le matou tautua e leʻi muaʻi ufiufiina e le PYMES Series ma e matua taua lava: le "SQUID" poʻo le sui o le LAN. E leai se mea mo matou le aiga o latou e manatu o matou o "sysadmins" o loʻo i ai iinei isi mea lelei e suʻesuʻe ma faʻalauteleina ai lo tatou malamalama.

  6.   Feterika malo

    Faafetai lava mo a outou finagalo faaalia. O le mataupu o loʻo sosoʻo mai o le a fefaʻasoaaʻi ma le Prosody chat server ma le faʻamaoniga e faʻasaga i tusi faʻamaonia i le lotoifale (PAM) e ala atu ia Cyrus-SASL, ma o lena tautua o le a faʻaaogaina i lenei lava tautua.

  7.   KenpachiRo17 malo

    I le taimi lelei tagatanuu !!!! Sili saofaga e oo lava mo i latou e pei o aʻu e le o tele le malamalama e uiga i Free Polokalama ma e naunau e aʻoaʻoina ma tala sili ona matagofie pei o lenei tasi. Sa ou mulimuli i au saofaga ma ou te fia iloa poʻo le a le tusitusiga e te fautuaina ai aʻu e amata i luga o lenei faʻasologa o SME Networks, talu ai sa ou faitau i se le faʻaletonu auala ma ou te manatu e tele naua aoga mea e misia soʻo se auiliiliga. A aunoa ma nisi mea, faʻafeiloaʻi ma talosia ia fefaʻasoaaʻi le poto faʻapea foʻi ma le Polokalama tumau tumau !!

    1.    Feterika malo

      Talofa le atunuʻu !!!. Ou te fautua atu ia te oe e amata i le amataga, e ui lava e foliga mai o se auala umi, o le auala sili ona puʻupuʻu ina ia aua neʻi leiloa. I le faasino igoa -lea e le faʻafouina i tusitusiga mulimuli e lua- https://blog.desdelinux.net/redes-computadoras-las-pymes-introduccion/, matou faʻavaeina le fautuaina faitauga faʻasologa o le Series, lea e amata i le faʻafefea ona fai laʻu Fale faigaluega, faaauau pea ma le tele o pou tuuto i le mataupu Faʻamaoniga, mulimuli ma ni teutusi BIND, Isc-Dhcp-Server, ma Dnsmasq, ma faʻasolosolo ai lava seʻia oʻo i le vaega e faʻatino ai le tautua mo le SME network, o iina o loʻo tatou i ai nei. Talosia e fesoasoani ia te oe.

      1.    KenpachiRo17 malo

        Ia o le a avea !!!! O le taimi nei ou te amata i le faasologa mai le amataga ma ou te tulimatai atu i tala fou. Manuia !!!!