Hi,
Thanks for your advice. Now could you please tell me the stps involved in
squid proxy server.?(I am currently using ipfwadm)
Other problem is , I can not acces files on my linux server from win95
client. I can see the icon of my linux server into network neighbourhood of
win95 machine. whenever I click on the icon, I am prompted to enter
password for
server_name:/ipc$. and as i don't know(or i have not set) password for
ipc$( whats this by the way) , I am not getting access to my files on linux
server form win95 machines in the network. Please send reply.
ARIS.
----------
> From: Binand Raj S. <[EMAIL PROTECTED]>
> To: Linux India <[EMAIL PROTECTED]>
> Subject: Re: [LI] How to record/log events ?
> Date: Tuesday, February 01, 2000 8:55 PM
>
> Oops! sent to aunet.org!
>
> Sorry about that.
>
> Binand
>
> aris unit forced the electrons to say:
> > Sir,
>
> Ah... I will tell you when the queen calls me, not before, please...
>
> > I have enabled squid while installing red hat.
> > After that I have given internet access to the network by using command
> > "IPFWADM".
> > and then I have seen the file access.log as suggested by you. But its
empty.
> > So again answer my original question please.
>
> For your proxy server to log something, someone has to be using it. So
tell
> everyone to set their proxy server as yours - in netscape, it is
> View->Preferences->Advanced->Proxies->Manual Configuration.
>
> ipfwadm is a firewalling tool - it has nothing to do with HTTP proxies.
What
> you have to do is to deny access to the internet directly, by bypassing
the
> proxy server. For that,
>
> 1. You have to enable IP masquerading on your dial out server.
> 2. You have to setup the routing table of this system.
> 3. You have to make this machine the default gateway for all the other
> machines, or at least you have to insist that people use your proxy
server.
> 4. You have to make sure that there is no other route to the internet
(another
> modem, maybe).
> 5. You have to setup a firewalling rule by which forwarding of TCP
packets on
> HTTP port is denied.
>
> Only then, can you reliably check the logs to see what your users are
upto.
>
> Step 1 is done by the command,
> ipfwadm -F -m a <your server ip address>/<your netmask>
>
> The last two can be got from the ifconfig command.
>
> Step 2 is best done automatically by pppd, if you give it the
defaultroute
> option.
>
> Step 3 - For other linux machines, do this via linuxconf, or via
> route add -net default gw <ip address of server> dev eth0
> For windows, it is in Network Neighbourhood->TCP/IP->Properties->Gateway
>
> Step 4 - go around your office, and throw all modems you can find out of
the
> window.
>
> Step 5 - Run
> ipfwadm -F -i deny -S <your ip addr>/<your netmask> -P tcp -D 0.0.0.0/0
http
>
> Step 1 is required if people are going to use other services as well -
like
> telnet or ftp, and your LAN is within the private network IP address
range.
> And of course, I have assumed that your dial out and proxy servers are
one and
> the same.
>
> Check out the man pages for ipfwadm, route, ifconfig, pppd and so on.
Look in
> /usr/doc for more stuff to read.
>
> Binand
>
> --
> #include <stdio.h> | Binand Raj S.
> char *p = "#include <stdio.h>%cchar *p = %c%s%c; | This is a self-
> int main(){printf(p,10,34,p,34,10);return 0;}%c"; | printing program.
> int main(){printf(p,10,34,p,34,10);return 0;} | Try it!!
>
>
> --------------------------------------------------------------------
> The Linux India Mailing List Archives are now available. Please search
> the archive at http://lists.linux-india.org/ before posting your question
> to avoid repetition and save bandwidth.
--------------------------------------------------------------------------
LI is all for free speech, but this list was created for a purpose --
to help popularise Linux in India. If your messages are counterproductive
to that purpose, your privileges to submit messages can and will be revoked.
