Teach you to configure Linux as a proxy firewall
Http://www.lelew.com/ 2004-05-10 13:05:14
Linux itself can be packaged by adding a socket software to the role of a proxy firewall, and this is free. What is a proxy firewall agency firewall that does not allow any direct network streams, and is an intermediate medium between Internet and internal network computers. The firewall handles a variety of network services instead of only let them pass directly. For example, logging in to a computer on the network request an Internet page. The computer does not link to the web page provided by the Internet network service, but connects to your own network's proxy server, proxy server identifies the proxy request, and then passes to the appropriate Internet web server in a suitable manner. The remote network server is considered a normal network request from the firewall server, sends a suitable web page, and the firewall server returns the web page to the computer. In this way, the firewall hides the fact that the Internet has hide your computer, reducing the visibility of the outside on internal network. Install 1, find the SOCKS package in http://www.socks.nec.com/cgi-bin/download.pl Sites, fill in the relevant user information before downloading, then click the [Submit] button, after logging in to With a page with download link, click the link to download the socket package. 2. In the directory of the downloaded SOCKS package, use the tar command until the package. TAR - XZVF SOCK5-VL. 0r11.tar.gz This command creates a SOCK5-VL. 0r11 directory, extracting the software package into this directory, and use the CD command to become this directory. There is a configuration script for editing and installing a package in this directory. Use the su command to become a root user, then run the script under the command prompt. 3. Enter the Make command to compile the SOCKS package. After completion, install the package by entering the make install command. Note: Before using, you must create a socks5.conf file in the / etc directory, SOCKS5 checks the /etc/socks5.conf file knows what protocols and services will be proxy, and which computer will be able to use this proxy service. Creating a SOCKS5.CONF file Socks5.conf file is divided into 6. Each part controls a special item for the SOCKS5 daemon to handle a specific link. When a customer computer is connected to the proxy server, SOCKS5 continuously searches each part of each line, and what action is taken according to the rules encountered, when you find the link with the process The order of the rules is important when matching the rules. 1. The host address flag host address can be a complete host name or IP address, such as gzdd .sjsgz .NET or 10.88.56.4, which may also be a partial host name or address, for example:. Sjsgz .NET or 10.88.56 .4. Note: Some host names (.) Are allowed to allow SOCKS to identify part of the host name to match any host in the SJSGZ .NET domain. 2. Prohibiting the host part prohibits the host part from being used to prohibit proxy services to specify hosts and protocols. A prohibition host is always starting with keyword BAN, then followed by host parameters and one source port parameters. Command format: ban source-host source-ce-port, for example: ban gzdd.sjsgz.net HTTP, indicating that the host GZDD is disabled from accessing network services on the system; Ban 199.170.176.- indicates 199.170.176.x Online host Negable for any proxy service on your system; BAN -, indicating that any host is not accessible to any proxy service of this system.
