Manual - LinuxCentOS - 5-การพิสูจนตัวตน - Authentication -

(Authentication)
Secure Socket Layer

(SSL) Internet Security (IPsec)
..

..
" .. "

""
()

()
""

.
" "

""
..

()

. (Telecommunication and
Broadcast Carrier) .
. (Access Service Provider)
.
. (Host Service Provider)
.
. .
() () (Content Service Provider)
(Application Service Provider)
.
.

() () .
.
() () .
.
() () .
.
() () .
.
() ()
.

() (Media) (Integrity) (Identification)
()
()

Centralized Log Server Data Archiving Data Hashing

(IT Auditor)
()
..
() (Identification and
Authentication) Proxy Server, Network Address Translation (NAT) Proxy Cache
Cache Engine Free Internet 1222 Wi-Fi Amnat-EDv2
()

(Identification and Authentication)

(Stratum 0)

() () .
() () . (ISP)

() ()
..

Linux CentOS

.. OS
CentOS 5.5 Linux Distribution
Intranet Internet Server
Windows Server (Windows Server 2003, Windows
Server 2008), Linux Server (RedHat, Fedora, CentOS, Ubuntu, Debian, Slackware, SuSE,
Mandriva, OpenNA, IPCop, Linux-SIS), BSD Server (FreeBSD, OpenBSD, NetBSD), Solaris
(Sun Solaris, OpenSolaris)
Admin
Linux

Admin

Google Admin
CentOS Community ENTerprise Operating System

RedHat Enterprise Linux (RHEL) CentOS RedHat
Open Source GNU General Public
License CentOS Linux Web Hosting
RedHat ( )
RPM, TAR, APT YUM
CentOS

1. CentOS
(
Google.com)
2. CentOS
Web Server(Apache), FTP
Server(ProFTPd/VSFTPd),MailServer(Sendmail/Postfix/Dovecot),Database Server(MySQL/P ostgreSQL), File and
Printer Server(Samba), Proxy Server(Squid), DNS Server(BIND), DHCP Server(DHCPd), Antivirus
Server(ClamAV), Streaming Server, RADIUS Server(FreeRADIUS), Control Panel(ISPConfig)
3. (Private IP Address)
Log Files
2550
CentOS
CD CentOS
CD
CD 6
http://mirror.unl.edu/centos/5.2/isos/i386/CentOS-5.2-i386-bin-1of6.iso
link http://mirror.unl.edu/centos/5.2/isos/i386/
Mirror : http://mirror1.ku.ac.th/centos-dvd/

Admin

http://www.linuxthai.org/forum/index.php?topic=197
39.0

Authentication + LOG
1. SPEC COMPUTER
CPU 1.5 GHz
HDD 160 GB
RAM 512 MB
DVD-ROM ( CentOS 5.5 DVD)
VGA ONBOARD
( TextMode)
SOUND USB
2. NETWORK
LAN CARD 2 CARD ONBOARD CentOS 5.5
Real Tek SMC Zyxel 3COM D-Link
3. UTP 2
1 Computer Switch HUB Internet 2 Computer
Computer Client Config
4. OS Linux CentOS 5.5 DVD - I386
5. Computer Client Config ( NoteBook
)
6. DOS Network ()
(Install)
Linux CentOS 5.5
1. BIOS Computer DVD-ROM
2. CentOS 5.5 I386 DVD ()
3. Boot CentOS 5.5
linux text ENTER CentOS 5.5 Text MODE

Graphic MODE
DVD
Skip ( DVD
CentOS Installation OK
English OK
Keyboard us OK
Partition
Yes Enter
Partition CentOS Partition

Remove all partition on selected drives and create default layout OK
Partition Yes Enter
Partition
Yes Partition
Harddisk Partition
TAB OK Enter
Memory RAM Spec

() Yes Enter
Boot Loader
Use GRUB Boot Loader TAB OK Enter
Boot Loader Configuration OK Enter
GRUB Boot Loader TAB OK Enter
Boot Loader Partition TAB OK Enter
Boot Loader Sector

Master Boot Record (MBR) TAB OK Enter
Network Configuration eth0 : UNCONFIGURED

Internet Server TAB Edit Enter
eth0 Activate on boot Boot

Enable IPv4 support Protocal TCP/IP TCP/IPv4
TAB OK Enter
IP Address eth0 Manual address configuration

IP Address Prefix (Netmask)
IP Address : 192.168.1.100 ==> IP Router Internet

Prefix (Netmask) : 255.255.255.0 ==> TAB OK Enter
Config eth0 TAB OK Enter
GateWay DNS
Gateway : 192.168.1.1 ==> Gateway Router

Primary DNS : 192.168.1.1 ==> DNS Router
TAB OK Enter
HostName localhost
TAB OK Enter
Server Asia/Bangkok
TAB OK Enter
Root Login
rootadmin TAB OK Enter
Package (
Customize Software Selection) Spacebar TAB OK Enter
[*] Administration Tools <- X-Window

[*] Base
[*] DNS Name Server
Spacebar TAB OK Enter
[*] DNS Name Server

[*] Dialup Networking Support
[*] Editor
Spacebar TAB OK Enter
[*] FTP Server TAB OK Enter
[*] Java
[*] Java Development
TAB OK Enter
[*] Legacy Network Server TAB OK Enter
[*] Mail Server

[*] MySQL Database
[*] Network Servers
[*] New Servers
TAB OK Enter
[*] Printing Support TAB OK Enter
[*] Text-based Internet

[*] Web Server
TAB OK Enter
[*] [*] Customize software selection

[*] Administration Tools
<- X-Window
[*] Base
[*] DNS Name Server
[*] Dialup Networking Support
[*] Editor
[*] FTP Server
[*] Graphicel Internet
<- X-Window
[*] Graphice
<- X-Window
[*] Java
[*] Java Development
[*] Legacy Network Server
[*] Mail Server
[*] MySQL Database
[*] Network Servers
[*] New Servers
[*] Printing Support
[*] Text-based Internet
[*] Web Server
Spacebar Arrow Package

TAB OK Enter
Check Packages
Package
OK Enter
Format Harddisk
Copy
Copy
Copy
Enter (Reboot)
Check .
firewall firewall config file server package

server (...) terminal setup
# setup
Firewall configuration Disable TAB OK enter
TAB Quite enter setup
Firewall configuration ==> Disable
TAB OK ==> enter

TAB Quite ==> enter setup
Lan Card 2 1 ADSL 2

.....
1
Eth0 Link encap:Ethernet HWaddr E0:CB:4E:C3:0C:6D
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::e2cb:4eff:fec3:c6d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:412 errors:0 dropped:917188827 overruns:0 frame:0 TX
packets:460 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:35686 (34.8 KiB) TX bytes:227945 (222.6 KiB)
Interrupt:177 Base address:0x4000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
2
Eth1 Link encap:Ethernet HWaddr 00:06:29:89:E5:9C
inet6 addr: fe80::206:29ff:fe89:e59c/64 Scope:Link
config network card terminal

/etc/sysconfig/network-scripts/ifcfg-eth 1 eth0 ==>
ADSL Modem
# nano /etc/sysconfig/network-scripts/ifcfg-eth0
# Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller
DEVICE=eth0
HOSTNAME=localhost
BOOTPROTO=static
BROADCAST=192.168.1.255
HWADDR=E0:CB:4E:C3:0C:6D
IPADDR=192.168.1.100
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
GATEWAY=192.168.1.1
TYPE=Ethernet
DNS=192.168.1.1
2 eth1 ==> ...
# Intel Corporation 82557/8/9/0/1 Ethernet Pro 100
DEVICE=eth1
BOOTPROTO=none
#BROADCAST=10.0.0.255
HWADDR=00:06:29:89:E5:9C
#IPADDR=10.0.0.1
#NETMASK=255.255.255.0
#NETWORK=10.0.0.0
ONBOOT=yes
ChilliSpot
chillispot dhcp server dhcp server
# service dhcpd stop
Class IP ChilliSpot Class DHCP Server Class
DHCP Authen
# Intel Corporation 82557/8/9/0/1 Ethernet Pro 100 DEVICE=eth1
HWADDR=00:06:29:89:E5:9C
ONBOOT=yes
BOOTPROTO=none
server dhcp
! chillispot dhcp 2
# cat /etc/resolv.conf
search localhost
nameserver 192.168.1.1
DNS Server ADSL modem ISP
bios update
delete --
-- login server package server update Internet
package
SSH Server
server port ssh port 22 remote
# nano /etc/ssh/ssh_config
# Port 22
# Protocol 2,1
Port 22
Protocol 2,1
# chkconfig sshd on
sshd (start auto) boot
# /etc/init.d/sshd start
Starting sshd: [ OK ]
Grub
# nano /boot/grub/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/VolGroup01/LogVol00
# initrd /initrd-version.img
#boot=/dev/hda
default=0
timeout=1
#splashimage=(hd0,0)/grub/splash.xpm.gz
#hiddenmenu
title CentOS 5.2 Server (2.6.18-92.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup01/LogVol00 rhgb quiet
initrd /initrd-2.6.18-92.el5.img
* list download
server
package package
package download download
Download Package Upload
Server FTP SSH server
Package Server update (--)

# yum -y install ntp
Dependencies Resolved
Package Arch Version Repository Size
Updating:
ntp i386 4.2.2p1-9.el5.centos.2.1 base 1.3 M
Transaction Summary
Install 0 Package(s)
Update 1 Package(s)
Remove 0 Package(s)
Total download size: 1.3 M
Is this ok [y/N]: y
Downloading Packages:
(1/1): ntp-4.2.2p1-9.el5. 100% |=========================| 1.3 MB 00:02
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : ntp ######################### [1/2]
Cleanup : ntp ######################### [2/2]
Updated: ntp.i386 0:4.2.2p1-9.el5.centos.2.1
Complete!
# nano /etc/rc.local
/usr/sbin/ntpdate -u pool.ntp.org
# /usr/sbin/ntpdate -u pool.ntp.org
30 Sep 05:02:55 ntpdate[3778]: adjust time server 158.108.212.149 offset 0.017045 sec
Update (--) 10
package crontab version
# rpm -aq | grep cron
crontabs-1.10-8
anacron-2.3-45.el5.centos
vixie-cron-4.1-72.el5
# nano /etc/crontab
*/10 * * * * /usr/sbin/ntpdate -u pool.ntp.org
crontab run-time
# crontab -e
*/10 * * * * /usr/sbin/ntpdate -u pool.ntp.org
Editor vi
Insert I
copy
Esc
Shift : w q !
==>
:wq! ==>
Enter !
* crontab 1 1 run-time
# nano /etc/crontab
==>
# crontab -e ==> Run-time
restart service reload
# /etc/rc.d/init.d/crond restart
Stopping crond: [ OK ]
Starting crond: [ OK ]
# /sbin/chkconfig crond on
Installing Apache2
# yum -y install httpd httpd-manual mod_ssl mod_perl

Updating:
httpd i386 2.2.3-43.el5.centos.3 updates 1.2 M
httpd-manual i386 2.2.3-43.el5.centos.3 updates 814 k
mod_perl i386 2.0.4-6.el5 base 4.0 M
mod_ssl i386 1:2.2.3-43.el5.centos.3 updates 91 k
openssl i686 0.9.8e-12.el5_4.6 base 1.4 M
Transaction Summary
Update 5 Package(s)
Remove 0 Package(s)
Is this ok [y/N]: y
(1/5): mod_ssl-2.2.3-43.e 100% |=========================| 91 kB 00:00
(2/5): openssl-0.9.8e-12. 100% |=========================| 1.4 MB 00:02
(3/5): httpd-2.2.3-43.el5 100% |=========================| 1.2 MB 00:02
(4/5): mod_perl-2.0.4-6.e 100% |=========================| 4.0 MB 00:07
(5/5): httpd-manual-2.2.3 100% |=========================| 814 kB 00:02
Running Transaction
Updating : openssl ####################### [ 1/10]
Updating : httpd ####################### [ 2/10]
Updating : mod_perl ####################### [ 3/10]
Updating : httpd-manual ####################### [ 4/10]
Updating : mod_ssl ####################### [ 5/10]
Cleanup : httpd-manual ####################### [ 6/10]
Cleanup : mod_perl ####################### [ 7/10]
Cleanup : httpd ####################### [ 8/10]
Cleanup : openssl ####################### [ 9/10]
Cleanup : mod_ssl ####################### [10/10]
Updated: httpd.i386 0:2.2.3-43.el5.centos.3 httpd-manual.i386 0:2.2.3-43.el5.centos.3 mod_perl.i386 0:2.0.4-6.el5 mod_ssl.i386 1:2.2.3-43.el5.centos.3 openssl.i686 0:0.9.8e-12.el5_4.6
Complete!
# /etc/rc.d/init.d/httpd restart
OR
# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName [ OK ]
# /sbin/chkconfig httpd on
Open web browser 2 -> http https

http://ip-server/ ==> http://192.168.1.100/
https://ip-server/ ==> https://192.168.1.100/
Apache's default document root is /var/www/html
And the configuration file is /etc/httpd/conf/httpd.conf
Additional configurations are stored in the /etc/httpd/conf.d/ directory.
http
https
# nano +355 /etc/httpd/conf/httpd.conf
UserDir disable
# UserDir public_html
#UserDir disable
UserDir public_html
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
#AddHandler cgi-script .cgi
AddHandler cgi-script .cgi

User apache
Group apache
apache apache default
#
# ServerName www.example.com:80
# ServerName www.example.com:80
ServerName localhost:80
DirectoryIndex index.html index.html.var
DirectoryIndex index.html index.html.var index.htm index.php

Stopping httpd: [ OK ]
Starting httpd: [ OK ]
index.html
# cd /var/www/html/
#wget http://img376.rockyou.com/imagehost/15/15522/15522555/15522555_1fded04d1243655781.jpg
# mv 15522555_1fded04d1243655781.jpg index.jpg
# nano index.html
<html>
<head><title>My test hompage html</title></head> <body
bgcolor="FFDEAD">
<center>
My test hompage html 
<img src="index.jpg"/>
</body>
</html>
Open web browser
http://ip-server/
==> http://192.168.1.100
Installing MySQL 5.0

# yum -y install mysql mysql-server
Installing:
mysql-server i386 5.0.77-4.el5_5.3 updates 9.8 M
Updating:
mysql i386 5.0.77-4.el5_5.3 updates 4.8 M
Installing for dependencies:
perl-DBD-MySQL i386 3.0007-2.el5 base 148 k
Transaction Summary
Update 1 Package(s)
Remove 0 Package(s)
Total download size: 15 M
Is this ok [y/N]: y
(1/3): perl-DBD-MySQL-3.0 100% |=========================| 148 kB 00:00
(2/3): mysql-server-5.0.7 100% |=========================| 9.8 MB 00:17
(3/3): mysql-5.0.77-4.el5 100% |=========================| 4.8 MB 00:08
Running Transaction
Updating : mysql ######################### [1/4]
Installing: perl-DBD-MySQL ######################### [2/4]
Installing: mysql-server ######################### [3/4]
Cleanup : mysql ######################### [4/4]
Installed: mysql-server.i386 0:5.0.77-4.el5_5.3
Dependency Installed: perl-DBD-MySQL.i386 0:3.0007-2.el5
Updated: mysql.i386 0:5.0.77-4.el5_5.3
Complete!
# /etc/rc.d/init.d/mysqld start
http://www.mysql.com
Support MySQL by buying support/licenses at http://shop.mysql.com [ OK ]
Starting MySQL: [ OK ]
# /sbin/chkconfig mysqld on
# mysqladmin -u root password rootadmin
( MySQL rootadmin )
OR
# mysqladmin -h localhost -u root password rootadmin
# /usr/bin/mysql -u root prootadmin
Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 3
Server version: 5.0.77 Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql>
show databases;
mysql> exit
Bye
**Installing PHP5 And Getting MySQL Support In PHP5 All Extended
# yum -y install php php-mysql php-gd php-imap php-ldap php-mcrypt php-mbstring php-odbc php-pear php-xml php-xmlrpc
Is this ok [y/N]: y
(1/21): php-pear-1.4.9-6. 100% |=========================| 344 kB 00:29
(2/21): php-mysql-5.1.6-2 100% |=========================| 86 kB 00:07
(3/21): php-xmlrpc-5.1.6- 100% |=========================| 57 kB 00:06
(4/21): php-ldap-5.1.6-27 100% |=========================| 37 kB 00:04
(5/21): php-xml-5.1.6-27. 100% |=========================| 96 kB 00:07
(6/21): libc-client-2004g 100% |=========================| 516 kB 00:28
(7/21): unixODBC-2.2.11-7 100% |=========================| 832 kB 00:43
(8/21): php-gd-5.1.6-27.e 100% |=========================| 117 kB 00:09
(9/21): php-5.1.6-27.el5. 100% |=========================| 2.3 MB 01:26
(10/21): libmcrypt-2.5.8- 100% |=========================| 116 kB 00:00
(11/21): php-devel-5.1.6- 100% |=========================| 503 kB 00:53
(12/21): php-mbstring-5.1 100% |=========================| 995 kB 01:07
(13/21): php-imap-5.1.6-2 100% |=========================| 54 kB 00:06
(14/21): automake-1.9.6-2 100% |=========================| 476 kB 00:27
(15/21): php-cli-5.1.6-27 100% |=========================| 2.1 MB 02:26
(16/21): php-odbc-5.1.6-2 100% |=========================| 53 kB 00:06
(17/21): php-mcrypt-5.1.6 100% |=========================| 16 kB 00:00
(18/21): imake-1.0.2-3.i3 100% |=========================| 319 kB 00:21
(19/21): php-common-5.1.6 100% |=========================| 152 kB 00:07
(20/21): php-pdo-5.1.6-27 100% |=========================| 65 kB 00:04
(21/21): autoconf-2.59-12 100% |=========================| 647 kB 00:29
Running Transaction
Updating : php-common #######################[1/25]
Installing: php-pdo ###################### [2/25]
Updating : php-cli ####################### [ 3/25]
Updating : php ####################### [ 4/25]
Installing: libc-client ####################### [ 5/25]
Installing: unixODBC ####################### [ 6/25]
Installing: libmcrypt ####################### [ 7/25]
Installing: imake ####################### [ 8/25]
Installing: autoconf ####################### [ 9/25]
Installing: automake ####################### [10/25]
Installing: php-devel ####################### [11/25]
Installing: php-mcrypt ####################### [12/25]
Installing: php-odbc ####################### [13/25]
Installing: php-imap ####################### [14/25]
Installing: php-mbstring ####################### [15/25]
Installing: php-gd ####################### [16/25]
Installing: php-xml ####################### [17/25]
Updating : php-ldap ####################### [18/25]
Installing: php-xmlrpc ####################### [19/25]
Installing: php-mysql ####################### [20/25]
Installing: php-pear ####################### [21/25]
Cleanup : php-common ####################### [22/25]
Cleanup : php-cli ####################### [23/25]
Cleanup : php ####################### [24/25]
Cleanup : php-ldap ####################### [25/25]
Installed: php-gd.i386 0:5.1.6-27.el5 php-imap.i386 0:5.1.6-27.el5 php-mbstring.i386 0:5.1.6-27.el5
php-mcrypt.i386 0:5.1.6-15.el5.centos.1 php-mysql.i386 0:5.1.6-27.el5 php-odbc.i386 0:5.1.6-27.el5
php-pear.noarch 1:1.4.9-6.el5 php-xml.i386 0:5.1.6-27.el5 php-xmlrpc.i386 0:5.1.6-27.el5
Dependency Installed: autoconf.noarch 0:2.59-12 automake.noarch 0:1.9.6-2.3.el5 imake.i386 0:1.0.2-3 libcclient.i386
0:2004g-2.2.1 libmcrypt.i386 0:2.5.8-4.el5.centos php-devel.i386 0:5.1.6-27.el5
php-pdo.i386 0:5.1.6-27.el5 unixODBC.i386 0:2.2.11-7.1
Updated: php.i386 0:5.1.6-27.el5 php-cli.i386 0:5.1.6-27.el5 php-common.i386 0:5.1.6-27.el5
php-ldap.i386 0:5.1.6-27.el5
Complete!
# nano /var/www/html/phpinfo.php
<? phpinfo(); ?>
Open web browser

http://ip-server/phpinfo.php
==> http://192.168.1.100/phpinfo.php
compile PHP compile *

# mkdir /tmp/temp
# cd /tmp/temp/
# wget http://download916.mediafire.com/av0r0auls8zg/2l5577ow3p1hq7q/ZendOptimizer -3.2.6-linux-glibc21-i386.tar.gz
# tar -zxvf ZendOptimizer-3.2.6-linux-glibc21-i386.tar.gz
# cd ZendOptimizer-3.2.6-linux-glibc21-i386
# chmod +x install.sh
# ./install.sh

/usr/local/Zend/
---- > /usr/local/lib/Zend/
Open web browser

http://ip-server/phpinfo.php ==> http://192.168.1.100/phpinfo.php
/etc/php.ini [Zend]
zend_extension_manager.optimizer=/usr/local/lib/Zend/lib/Optimizer-3.2.6
zend_extension_manager.optimizer_ts=/usr/local/lib/Zend/lib/Optimizer_TS-3.2.6 zend_optimizer.version=3.2.6
zend_extension=/usr/local/lib/Zend/lib/ZendExtensionManager.so
zend_extension_ts=/usr/local/lib/Zend/lib/ZendExtensionManager_TS.so
phpMyAdmin
# cd /tmp/temp/
# wget http://download1082.mediafire.com/dolv36ud144g/ws20473ro89bmvd/phpMyAdmin-2.11.11-all-languages.tar.gz
# tar -zxvf phpMyAdmin-2.11.11-all-languages.tar.gz
# mv phpMyAdmin-2.11.11-all-languages /var/www/html/phpmyadmin/
# cp /var/www/html/phpmyadmin/config.sample.inc.php /var/www/html/phpmyadmin/config.inc.php
# nano +17 /var/www/html/phpmyadmin/config.inc.php
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

.
$cfg['Servers'][$i]['auth_type'] = 'cookie';
.
// $cfg['Servers'][$i]['controluser'] = 'pma';
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
.
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
//
$cfg['blowfish_secret'] = 'cookie'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
.
$cfg['Servers'][$i]['auth_type'] = 'http';
.
$cfg['Servers'][$i]['controluser'] = 'root';
$cfg['Servers'][$i]['controlpass'] = 'rootadmin';
.
$cfg['Servers'][$i]['pmadb'] = ' ';
User = root
Password = mysql
Open web browser

http://ip-server/phpmyadmin/ ==> http://192.168.1.100/phpmyadmin/
User = root
Password = mysql
phpsysinfo-2.5.4.tar.gz
# cd /tmp/temp/
# wget http://download505.mediafire.com/md19toevco4g/3jqwzvbtq2c63fj/phpsysinfo-2.5.4.tar.gz
# tar -zxvf phpsysinfo-2.5.4.tar.gz
# mv phpsysinfo /var/www/html/
# cp /var/www/html/phpsysinfo/config.php.new /var/www/html/phpsysinfo/config.php
Open web browser
http://ip-server/phpsysinfo/ ==> http://192.168.1.100/phpsysinfo/
forward port rounter package

forward port forward packet
# nano +7 /etc/sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.ip_forward = 1
# echo "1" > /proc/sys/net/ipv4/ip_forward

forward packet
Authentication 1.0
MySQL php-extension
# cd /tmp/temp/
# wget http://download401.mediafire.com/a827ff24e4fg/e8xcfmcnck0k8rg/phpwifi.tar
download http://www.linuxthai.org/forum/index.php?topic=19739.0
# tar -xvf phpwifi.tar
# mv phpwifi /var/www/html/
# chmod -R 755 /var/www/html/*
# chmod -R 777 /var/www/html/phpwifi/admin/upload/
# chmod -R 777 /var/www/html/phpwifi/admin/ThaiPDF/
# chown -R root:apache /var/www/html/*
# nano /etc/php.ini
memory_limit = 8M
register_globals = Off
register_long_arrays = Off
register_argc_argv = Off
post_max_size = 8M
;default_charset = "iso-8859-1"
upload_max_filesize = 8M
memory_limit = 128M
register_globals = On
register_long_arrays = On
register_argc_argv = On
post_max_size = 32M
default_charset = "utf-8,tis-620"
upload_max_filesize = 100M
# /etc/rc.d/init.d/httpd reload ---- > ..
config php.ini web browser

http://<IP-SERVER>/phpinfo.php Configuration (http://192.168.1.100/phpinfo.php )
portsproDB
phpmyadmin
http://IP-SERVER/phpmyadmin (http://192.168.1.100/phpmyadmin )
portsproDB
Import table backup
Brownse..
( )
()
table 14 table
command Line
# mysql -u root -prootadmin
mysql > create database portsproDB;
Query OK, 1 row affected (0.00 sec)
mysql > show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| portsproDB |
| test |
+--------------------+
4 rows in set (0.00 sec)
mysql > GRANT ALL PRIVILEGES ON portsproDB.* to 'root'@'localhost' IDENTIFIED BY
'rootadmin'; Query OK, 0 rows affected (0.00 sec)
mysql > FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
mysql > exit
database schema ( table )
# mysql -uroot -prootadmin portsproDB < /var/www/html/phpwifi/admin/backupsql/portsproDB.sql
login Administrator
Config phpwifi MySQL
# nano /var/www/html/phpwifi/admin/include/config.inc.php

<?php
# configuration for database
$_config['database']['hostname'] = "localhost";
$_config['database']['username'] = "root";
$_config['database']['password'] = "rootadmin";
$_config['database']['database'] = "portsproDB";
# connect the database server
$link = new mysqldb();
$link->connect($_config['database']);
$link->selectdb($_config['database']['database']);
$link->query("SET NAMES 'utf8'");
@session_start();
?>
# User MySQL
# Passwd MySQL
# Database Authen
login Administrator
http://IP-SERVER/phpwifi/admin/ ---- > (http://192.168.1.100/phpwifi/admin/)
Defalut
User = admin
Passwd = padmin
* Add Group Users

Windows ... Ascii
PHPwifi
.. ... ...
PHPwifi //
Comment
... comment
windows library list

server
domain name Dream
windows server windows

Ascii I394
server X
... ... ...
add users 1 user
( MySQL /etc/php.ini register_globals = On )
Admin Login Username ,Password
( Admin Login LogOut Session

)
URL Username Password
URL Administrator
<IP-Server>/phpwifi/admin/index2.php
* Admin Redirect Username Password
MySQL + FreeRadius
# yum -y install freeradius

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirrors.163.com
* base: mirrors.digipower.vn *
extras: mirrors.digipower.vn *
updates: mirrors.digipower.vn Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package freeradius.i386 0:1.1.3-1.6.el5 set to be updated
--> Processing Dependency: net-snmp-utils for package: freeradius
--> Processing Dependency: libltdl.so.3 for package: freeradius
--> Running transaction check
---> Package libtool-ltdl.i386 0:1.5.22-7.el5_4 set to be updated
---> Package net-snmp-utils.i386 1:5.3.2.2-9.el5_5.1 set to be updated
--> Finished Dependency Resolution
Installing:
freeradius i386 1.1.3-1.6.el5 base 1.1 M
Installing for dependencies:
libtool-ltdl i386 1.5.22-7.el5_4 base 37 k
net-snmp-utils i386 1:5.3.2.2-9.el5_5.1 updates 186 k Transaction Summary
Upgrade 0 Package(s)
Is this ok [y/N]: y
Installed:
freeradius.i386 0:1.1.3-1.6.el5
Complete!
/etc/raddb/radiusd.conf
FreeRadius /etc/shadow
User-Name, Pass-Word, Group Server
# nano +109 /etc/raddb/radiusd.conf
user = radiusd
group = radiusd
( +109 109 )
#user = radiusd
#group = radiusd
# nano +35 /etc/raddb/clients.conf
client 127.0.0.1 {
#
# The shared secret use to "encrypt" and "sign" packets between
# the NAS and FreeRADIUS. You MUST change this secret from the # default, otherwise it's not a secret any more!
#
# The secret can be any string, up to 31 characters in length.
#
secret = testing123
secret = testing123
# /etc/rc.d/init.d/radiusd start
OR
# /usr/sbin/radiusd start &
Starting RADIUS server: Wed Sep 29 10:38:02 2010 : Info: Starting - reading configuration files ... [ OK ]
[1]+ Done /usr/sbin/radiusd start
# chkconfig radiusd on
freeradius
# radtest Server Server 127.0.0.1 0 testing123 Username

Password Login Server
# radtest root rootadmin localhost 0 testing123

**** Access-Accept ****
Sending Access-Request of id 169 to 127.0.0.1 port 1812 User-Name = "root"
User-Password = "rootadmin"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=169, length=20
FreeRadius MySQL Server

# yum -y install freeradius-mysql
Installing:
freeradius-mysql i386 1.1.3-1.6.el5 base 16 k Transaction Summary
Upgrade 0 Package(s)
Total download size: 16 k
Is this ok [y/N]: y
freeradius-mysql-1.1.3-1.6.el5.i386.rpm | 16 kB 00:00 Running rpm_check_debug
Running Transaction
Installing : freeradius-mysql 1/1
Installed:
freeradius-mysql.i386 0:1.1.3-1.6.el5
Complete!
# nano +21 /etc/raddb/sql.conf
server = "localhost"
login = "root"
password = "rootpass"
# Database table configuration
radius_db = "radius"
server = "localhost"
login = "root"
==> Username MySQL
password = "rootadmin"
==> Password MySQL
# Database table configuration
radius_db = "portsproDB"
# nano +44 /etc/raddb/sql.conf

usergroup_table = "usergroup"
radius fix
# $INCLUDE ${confdir}/sql.conf
$INCLUDE ${confdir}/sql.conf
# files
( # Username Passwd Server Username , pass Server)

files
# sql
( mirror sql.conf web application databases )

sql
# sql
sql
# sql
Sql
sqlcounter noresetcounter{
counter-name = Max-All-Session-Time
check-name = Max-All-Session
sqlmod-inst = sql
key = User-Name
reset = never
query= "SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{%k}'"
}

noresetcounter
dailycounter
monthlycounter
#
authorize {
authorize {
# Add insert function Login PopUp
noresetcounter
dailycounter
monthlycounter
#
# /etc/rc.d/init.d/radiusd stop
Stopping RADIUS server:
[ OK ]
# chmod -R 755 /etc/raddb/*
# chown -R root:apache /etc/raddb/*
sqlcounter dailycounter {
.................
}
Error!
Authen !
# /usr/sbin/radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file. Support for this will go away soon. Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded SQL Counter
Module: Instantiated sqlcounter (noresetcounter)
Module: Instantiated sqlcounter (dailycounter)
Module: Instantiated sqlcounter (monthlycounter)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded SQL
rlm_sql (sql): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to root@localhost:/portspro_db
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
Module: Instantiated sql (sql)
Module: Loaded Acct-Unique-Session-Id
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
Module: Instantiated detail (detail)
Module: Loaded radutmp
Module: Instantiated radutmp (radutmp)
Initializing the thread pool...
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
Free Radiusd MySQL
[ Ctr + C ]
# /etc/rc.d/init.d/radiusd start
Starting RADIUS server: Thu Mar 3 06:48:08 2011 : Info: Starting - reading
configuration files ...
[OK]
user mysql
user passwd user radiusd sql Authentication 1.0
# radtest hhh hhh localhost 0 testing123

Sending Access-Request of id 153 to 127.0.0.1 port 1812
User-Name = "hhh"
User-Password = "hhh"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=153, length=74
WISPr-Bandwidth-Max-Up = 512000
WISPr-Bandwidth-Max-Down = 2048000 Service-Type = Login-User
Idle-Timeout = 600
Session-Timeout = 14400
Acct-Session-Time = 60
Acct-Interim-Interval = 60
username Mysql full options
Users Web browser Admin Radiusd Apache ,PHP ,MySQL
Perform Test

Apache ,PHP ,MySQL-Server ,Freeradius
==> ChilliSpot
ChilliSpot WiFi Authentication Hospot ,User Login

# cd /tmp/temp/
# wget http://download297.mediafire.com/tq0ajkq0zpfg/5t2akwxe4wo9bsm/chillispot-1.1.0.i386.rpm
# rpm -Uvh chillispot-1.1.0.i386.rpm

Preparing... ###################################### [100%]
1:chillispot ###################################### [100%]
# nano +18 /etc/chilli.conf
#interval 3600
#pidfile /var/run/chilli.pid
interval 3600
pidfile /var/run/chilli.pid
#confusername conf
#confpassword secret
confusername conf
confpassword secret
#net 192.168.182.0/24
net 10.0.0.0/24
#dynip 192.168.182.0/24
dynip 10.0.0.11/24
#dns1 172.16.0.5
#dns2 172.16.0.5
#domain key.chillispot.org
dns1 192.168.1.100
dns2 192.168.1.1
domain localhost
==> Lan Card eth0 ADSL

==> IP gateway ADSL Router
==> domain name Server
#radiuslisten 127.0.0.1
radiuslisten 127.0.0.1
radiusserver1 rad01.chillispot.org
radiusserver2 rad02.chillispot.org
radiusserver1 127.0.0.1
radiusserver2 127.0.0.1
#radiussecret testing123
radiussecret testing123 ==> secret freeradius /etc/raddb/clients.conf

dhcpif eth1
==> eth1 lan card 2 ip
# lease 600
lease 600
uamserver https://radius.chillispot.org/hotspotlogin
uamserver http://10.0.0.1/phpwifi/hotspotlogin.php
#uamsecret ht2eb8ej6s4et3rg1ulp
#uamlisten 192.168.182.1
#uamport 3990
uamsecret ht2eb8ej6s4et3rg1ulp
( hotspotlogin.php)
uamlisten 10.0.0.1
uamport 3990
uamport 3990 kick

# TAG: kick user online
# Example
# /bin/echo User-Name=love| /usr/bin/radclient -x 127.0.0.1:3779 disconnect testing123
coaport 3779
lan card ip
# Intel Corporation 82557/8/9/0/1 Ethernet Pro 100 DEVICE=eth1
HWADDR=00:06:29:89:E5:9C
ONBOOT=yes
BOOTPROTO=none
# /etc/init.d/network restart
Shutting down interface eth0:
Shutting down interface eth1:
Shutting down loopback interface:
Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0
Bringing up loopback interface:
Bringing up interface eth0:
Bringing up interface eth1:
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
# cp /usr/share/doc/chillispot-1.1.0/firewall.iptables /etc/
# nano +19 /etc/firewall.iptables
IPTABLES="/sbin/iptables"
EXTIF="eth0"
INTIF="eth1"
#Allow releated, established and ssh on $EXTIF. Reject everything else.
$IPTABLES -A INPUT -i $EXTIF -p tcp -m tcp --dport 22 --syn -j ACCEPT
EXTIF="eth0"
INTIF="eth1"

port
tcp web
$IPTABLES -A INPUT -i $EXTIF -j REJECT
#Forward port $EXTIF
$IPTABLES -A FORWARD -i $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -o $EXTIF -j ACCEPT
EXTIF="eth0"
ADSL Modem Router

INTIF="eth1"
login
# /etc/rc.d/init.d/chilli start
Starting chilli: [ OK ]
# chkconfig chilli on
# ps -ef |grep chilli
root 18655 1 0 21:54 ? 00:00:00 /usr/sbin/chilli
root 18668 17414 0 21:55 pts/3 00:00:00 grep chilli
/etc/firewall.iptables
#!/bin/sh
#
# Firewall script for ChilliSpot
# A Wireless LAN Access Point Controller
#
# Uses $EXTIF (eth0) as the external interface (Internet or intranet) and
# $INTIF (eth1) as the internal interface (access points).
#
# * NAT is enabled on the external interface.
EXTIF="eth0"
INTIF="eth1"
#Flush all rules
$IPTABLES -F
$IPTABLES -F -t nat
$IPTABLES -F -t mangle
#Set default behaviour
$IPTABLES -P INPUT DROP
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT
#Allow related and established on all interfaces (input)
$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$ IPTABLES -A INPUT -i $EXTIF -p tcp -m tcp --dport 20 --syn -j ACCEPT
$IPTABLES -A INPUT -i $EXTIF -j REJECT
#Forward port $EXTIF
$IPTABLES -A FORWARD -i $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -o $EXTIF -j ACCEPT
#Allow related and established from
$INTIF. Drop everything else.
$IPTABLES -A INPUT -i $INTIF -j DROP
#Allow http and https on other interfaces (input).
#This is only needed if authentication server is on same server as chilli
$IPTABLES -A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
==> SSH Port22

#Allow 3990 on other interfaces (input).
#Allow ICMP echo on other interfaces (input).
$IPTABLES -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
#Allow everything on loopback interface.
$IPTABLES -A INPUT -i lo -j ACCEPT
#Drop everything to and from $INTIF (forward)
#This means that access points can only be managed from ChilliSpot
$IPTABLES -A FORWARD -i $INTIF -j DROP
$IPTABLES -A FORWARD -o $INTIF -j DROP
#Enable NAT on output device
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

/etc/init.d/sshd restart
/sbin/service httpd status

/sbin/service mysqld status
/sbin/service radiusd status
/sbin/service chilli status
sh /etc/firewall.iptables
/sbin/service chilli reload
# shutdown -r now

IP Address chillispot logfile
# tail -f /var/log/messages

* ip chillispot dhcpd
Oct 7 00:15:54 localhost yum: Installed: net-snmp - 1:5.3.2.2-9.el5_5.1.i386

Oct 7 00:15:55 localhost yum: Installed: net-snmp-utils - 1:5.3.2.2-9.el5_5.1.i386
Oct 7 00:15:55 localhost yum: Installed: libtool-ltdl - 1.5.22-7.el5_4.i386
Oct 7 00:15:57 localhost yum: Installed: freeradius - 1.1.3-1.6.el5.i386
Oct 7 00:21:39 localhost yum: Installed: freeradius-mysql - 1.1.3-1.6.el5.i386
Oct 7 00:41:20 localhost kernel: tun: Universal TUN/TAP device driver, 1.6
Oct 7 00:41:20 localhost kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Oct 7 00:41:20 localhost chillispot[16797]: ChilliSpot 1.1.0. Copyright 2002-2005 Mondru AB. Licensed under
GPL. See http://www.chillispot.org for credits.
Oct 7 00:41:20 localhost kernel: ADDRCONF(NETDEV_CHANGE): tun0: link becomes ready
Oct 7 00:41:20 localhost kernel: e100: eth1: e100_watchdog: link up, 100Mbps, full-duplex
* ip chillispot dhcpd
Oct 6 07:21:48 localhost smartd[5688]: Monitoring 1 ATA and 0 SCSI devices
Oct 6 07:21:48 localhost smartd[5690]: smartd has fork()ed into background mode. New PID=5690.
Oct 6 07:24:00 localhost chillispot[5566]: chilli.c: 3759: Successful UAM login from username=test IP=10.0.0.13
Oct 6 07:24:19 localhost chillispot[5566]: chilli.c: 3823: Received UAM logoff from username=test IP=10.0.0.13
Oct 6 07:24:21 localhost chillispot[5566]: chilli.c: 3823: Received UAM logoff from username=test IP= 10.0.0.13
Oct 6 07:26:30 localhost chillispot[5566]: chilli.c: 3823: Received UAM logoff from username=test IP=10.0.0.13
Oct 6 08:21:44 localhost chillispot[5566]: chilli.c: 1086: Rereading configuration file and doing DNS lookup
Oct 6 08:29:58 localhost init: Trying to re-exec init
ip
# ifconfig
Eth0 Link encap:Ethernet HWaddr E0:CB:4E:C3:0C:6D
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::e2cb:4eff:fec3:c6d/64
Scope:Link
RX packets:51720 errors:0 dropped:2874486993 overruns:0 frame:0 TX packets:32891 errors:0 dropped:0
overruns:0 carrier:0
RX bytes:64781574 (61.7 MiB) TX bytes:3079053 (2.9 MiB) Interrupt:177 Base address:0x2000
Eth1 Link encap:Ethernet HWaddr 00:06:29:89:E5:9C active inet6 addr:
fe80::206:29ff:fe89:e59c/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
# tun0 eth1 2
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00

inet addr:10.0.0.1 P-t-P:10.0.0.1 Mask:255.255.255.0
UP POINTOPOINT RUNNING MTU:1500 Metric:1
logout IP Gateway Server

# cd /var/www/html/
# rm -rf index.html
# nano index.html
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=redirect_logoff.php">

# nano redirect_logoff.php
<?php
print "<META HTTP-EQUIV='Refresh'

CONTENT='0;URL=http://".$_SERVER["SERVER_ADDR"].":3990/logoff'>";
?>
copy phpwifi admin

# cp /var/www/html/index.html /var/www/html/phpwifi/
# cp /var/www/html/redirect_logoff.php /var/www/html/phpwifi/

Open web browser
dhcp chillispot server
login Server Squid Proxy Server

Config squid.conf error!
Config Squid Proxy Server ...
Logout Users
User Gateway Server URL WebBrowser Users
Logout
kick
users online
[* kill * ]
kick users coaport 3779 ChilliSpot
-- Redirect Login popup

checkout admin kick users
*
User
0000-00-00 ()
Login
2050-01-01 ( )
kill users users Online Server Restart

Server Kill Users
#clear users radiusd for starting

php /var/www/html/phpwifi/admin/del_user_remain.php
* php Command line

php command line
# php /var/www/html/phpwifi/admin/del_user_remain.php

# php /var/www/html/phpwifi/admin/del_user_remain.php

Failed loading /usr/local/lib/ioncube/ioncube_loader_lin_ 5.0.so:
undefined symbol: _zval_copy_ctor
/usr/local/lib/ioncube/ioncube_loader_lin_ 5.0.so:
module php Page Down

# nano /etc/php.ini
# ( )
#zend_extension=/usr/local/lib/ioncube/ioncube_loader_lin_5.0.so
# shutdown -r now
* + Administrator
Admin Password
Administrator
Users ...
session[username] session[password] index.php login Administrator

Login Administrator password
Administrator Login
Login Users Internet
( Administrator )
session[username] session[password] users password
Administrator
Administrator
... session[username] session[password] users
Username Password Administrator Password
..
... Logout Administrator
* Login Administrator Password
... Administrator Save ...

Administrator
... Users ... ..
.
..
contra
[ ]
* Users Password
Server IP address internet

IP address Server IPaddress
web browser Administrator

IP address Gateway Server

http://<IP-SERVER>/phpwifi/admin/password.php
-:- -:- 
1. . ..2550 
2. 
3. <a href="http://10.0.0.1/phpwifi/admin/password.php">
</a> 
4. <a href="http://10.0.0.1/phpwifi/admin/register.php"></a>

Squid Proxy Server

# yum -y install squid
Updating:
squid i386 7:2.6.STABLE21-6.el5 base 1.3 M Transaction Summary
Update 1 Package(s)
Remove 0 Package(s)
Is this ok [y/N]: y
(1/1): squid-2.6.STABLE21 100% |=========================| 1.3 MB
00:03
Running Transaction
Test Finished Transaction
Test Transaction
Test Succeeded
Running Transaction
Updating : squid ######################### [1/2]
Cleanup : squid ######################### [2/2]
Updated: squid.i386 7:2.6.STABLE21-6.el5
Complete!
* Squid Proxy config random squid

config
config squid proxy
* squid proxy version
.. squid proxy ..
squid
package squid proxy ,Config terminal
# yum -y remove squid
# yum -y install squid
---- > squid
Setup a transparent proxy with Squid

proxy
# cd /tmp/temp
# wget http://download559.mediafire.com/ldbd28rc3mig/ki3gn8rnfrnw4kc/squid.conf
# cd /etc/squid/
# mv squid.conf squid.conf.org
# cp /tmp/temp/squid.conf ./
# chmod 640 squid.conf

# chown root:squid squid.conf
# ls -l squid.conf
-rw-r----- 1 root squid 156692 Mar 6 19:27 squid.conf
#cd /etc/squid/
# nano squid.conf
http_port 3128 transparent

http_port 127.0.0.1:3128 transparent
# nano +15 squid.conf
maximum_object_size 250 MB ==> server

maximum_object_size_in_memory 1 MB
cache_dir ufs /var/spool/squid 2048 16 256

HDD + Ram 2048 ( MB) = 2Gb
Server Server bandwidth
***
2
Authen tun0 eth1 -> 10.0.0.1
DHCP IP Authen eth2 -> 10.10.10.1 Ip subnet
Class Class
acl webconfig_lan src 10.0.0.0/24
10.10.10.0/24
acl webconfig_to_lan dst 10.0.0.0/24
10.10.10.0/24
ip 10.10.10.0/24
firewall.iptable
3 start dhcp service 3
#Allow related and established from $INTIF. Drop everything else.
$IPTABLES -A INPUT -i $eth2 -j DROP
# Drop everything to and from $eth2 (forward)
# This means that access points can only be managed from ChilliSpot
$IPTABLES -A FORWARD -i $eth2 -j DROP
$IPTABLES -A FORWARD -o $eth2 -j DROP
## Squid Proxy Allow transparent
$IPTABLES -t nat -A PREROUTING
proxy for ETH2

-i eth2 -p tcp -m
-i eth2 -p tcp -m
-i eth2 -p tcp -m
-i eth2 -p tcp -m
-i eth2 -p tcp -m
-i eth2 -p tcp -m
tcp
tcp
tcp
tcp
tcp
tcp
--dport 3128 --syn -j DROP

-d 10.10.10.0/24 --dport 80 -j RETURN
-d 10.10.10.0/16 --dport 80 -j RETURN
-d 10.10.10.0/8 --dport 80 -j RETURN
-d 127.0.0.0/8 --dport 80 -j RETURN
--dport 80 -j REDIRECT --to-ports 3128
ifconfig 2
eth0 Link encap:Ethernet
HWaddr 00:E0:4C:00:21:31
inet addr:192.168.1.100 Bcast:192.168.1.255
Mask:255.255.255.0
inet6 addr: fe80::2e0:4cff:fe00:2131/64 Scope:Link

RX bytes:5289076 (5.0 MiB) TX bytes:7289875 (6.9 MiB)
Interrupt:11 Base address:0x8000
eth1 Link encap:Ethernet
HWaddr 00:02:A5:BB:15:49
inet6 addr: fe80::202:a5ff:febb:1549/64 Scope:Link

RX bytes:374039 (365.2 KiB) TX bytes:1730496 (1.6 MiB)
Eth2 Link encap:Ethernet
HWaddr 00:12:F0:06:8A:54

inet6 addr: fe80::212:f0ff:fe06:8a54/64 Scope:Link
RX bytes:1437845 (1.3 MiB) TX bytes:9611559 (9.1 MiB)
Interrupt:11 Base address:0xa000 Memory:40000000-40000fff
Lo Link encap:Local Loopback
inet addr:127.0.0.1
Mask:255.0.0.0

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.0.0.1 P-t-P:10.0.0.1
Mask:255.255.255.0
UP POINTOPOINT RUNNING MTU:1500 Metric:1

RX bytes:321286 (313.7 KiB) TX bytes:1699711 (1.6 MiB)
# cd /etc/squid/
>>>File Block Ports
acl SSL_ports port "/etc/squid/blockportsSSL.txt"

acl Safe_ports port "/etc/squid/blockports.txt"
acl CONNECT method CONNECT
>>>File Block IP
acl blockip src "/etc/squid/blockip.txt"

acl blockmac arp "/etc/squid/blockmac.txt"
>>>File Block Time to- Time
acl daytime time "/etc/squid/blocktime.txt"

acl blockurl_time url_regex "/etc/squid/blocktime_url.txt"
>>>File Block Time to- Time And GroupIP
acl grouptime time "/etc/squid/blocktime_gip.txt"

acl groupip src "/etc/squid/blocktime_groupip.txt"
>>>File Block Files -to- GroupsIP
acl blockfiles url_regex -i "/etc/squid/blockfiles.txt"

acl fgroupIP src "/etc/squid/blockfiles_groupip.txt"
>>>File Block Time to- GroupUsers
acl groupuserstime time "/etc/squid/phpwifi/blocktmac_time.txt"

acl groupusersip src "/etc/squid/phpwifi/blocktime_ipmac.txt"
>>>File Block Web to- GroupUsers
acl groupusersweb url_regex "/etc/squid/phpwifi/blockweb_group.txt"

acl webgroupusersip src "/etc/squid/phpwifi/blockweb_ipmac.txt"
>>>File Traffic Delay Pools
#Squid Delay Pools

acl localnet url_regex -i "/etc/squid/traffic/flocalnet.txt"
acl download_files url_regex -i "/etc/squid/traffic/fdownload_files.txt"
acl unlimit_bandwidth time "/etc/squid/traffic/funlimit_bandwidth.txt"
acl update_files url_regex -i "/etc/squid/traffic/fupdate_files.txt"

>>>File Traffic Delay Pools
# Delay Pools Setup

delay_pools 3
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow localnet
delay_access 1 allow !unlimit_bandwidth
delay_access 1 deny unlimit_bandwidth
delay_class 2 2
delay_parameters 2 256000/256000 128000/128000
delay_access 2 allow update_files
delay_class 3 2
delay_parameters 3 256000/256000 128000/128000
delay_access 3 allow download_files
>>>Block Ports
http_access deny Safe_ports

http_access deny CONNECT SSL_ports
>>>Block URL & Files
http_access deny blockx

>>> blockx.txt
http_access deny blacklist_files
>>> blacklist_files files.txt
>>>Block IP
http_access deny blockip

http_access deny blockmac
>>>Block Time to- Time
http_access deny daytime blockurl_time

>>>Block Time to- Time And GroupIP
http_access deny grouptime groupip
http_access deny blockfiles fgroupIP

http_access deny groupuserstime groupusersip

http_access deny groupusersweb webgroupusersip

http_access allow manager LOCALHOST_SAVE

http_access allow LOCALHOST_SAVE
http_access allow LAN_PROXY_SAVE

http_reply_access allow LAN_PROXY_SAVE
access_log /var/log/squid/access.log squid
>>>Block Files -to- GroupsIP
>>>Block Time -to- GroupsUsers
>>>Block Web -to- GroupsUsers
>>>IP Subnet transparent
>>>SaveProxy ,Block Hacked
>>>Access logfile to Harddisk
Squid Proxy Server Config

# touch blockx.txt files.txt
>>>Make File Block URL & Files
# touch fblockhackLAN.txt fblockhackHOST.txt
>>>Make File SaveProxy ,Block Hacked
# touch blockx.txt files.txt
>>>Make File Block URL & Files
# touch blockportsSSL.txt blockports.txt
>>>Make File Block Ports
# touch blockip.txt blockmac.txt
>>>Make File Block IP
# touch blocktime.txt blocktime_url.txt
>>>Make File Block Time
# touch blocktime_gip.txt blocktime_groupip.txt
>>>Make File Block Time GroupIP
# touch blockfiles.txt blockfiles_groupip.txt
>>>Make File Block Files -to- GroupsIP
# mkdir /etc/squid/traffic
>>>Make folder traffic
# touch /etc/squid/traffic/fdownload_files.txt
>>>Make File to folder traffic
# touch /etc/squid/traffic/flocalnet.txt
# touch /etc/squid/traffic/funlimit_bandwidth.txt
# touch /etc/squid/traffic/fupdate_files.txt
# mkdir /etc/squid/phpwifi
>>>Make folder Block Time-to-GroupUsers
# touch /etc/squid/phpwifi/blocktmac_time.txt
>>>Make File Block Time-to-GroupUsers
# touch /etc/squid/phpwifi/blocktime_ipmac.txt
>>>Make File Block Time-to-GroupUsers
# touch /etc/squid/phpwifi/blockweb_group.txt
>>>Make File Block Web-to-GroupUsers
# touch /etc/squid/phpwifi/blockweb_ipmac.txt
>>>Make File Block Web-to-GroupUsers
# chmod 777 /etc/squid/*.txt

# chmod 644 /etc/squid/mib.txt
# chmod 777 /etc/squid/traffic/*.txt
# chmod 777 /etc/squid/phpwifi/*.txt
...
# cd /etc/squid/
# echo "http://www.sex.com" > blockx.txt
# echo "\.Torrent" > files.txt
# echo "\.mp3" >> files.txt
# echo "10.0.0.0/24" > fblockhackLAN.txt
# echo "127.0.0.1" > fblockhackHOST.txt
# echo "442" > blockportsSSL.txt
# echo "15-79" > blockports.txt
# echo "82" >> blockports.txt
# echo "10.0.0.19-10.0.0.55" > blockip.txt
# echo "10.0.0.199" >> blockip.txt
# echo "00:01:03:44:A3:09" > blockmac.txt
# echo "11:00-12:00" > blocktime.txt
# echo "www.msn.com" > blocktime_url.txt
# echo "09:00-11:40" > blocktime_gip.txt
# echo "10.0.0.25-10.0.0.29" > blocktime_groupip.txt
# echo "\.zip" > blockfiles.txt
# echo "10.0.0.11-10.0.0.199" > blockfiles_groupip.txt
# echo "\.exe" > traffic/fdownload_files.txt
# echo "\.rar" >> traffic/fdownload_files.txt
# echo "localhost" > traffic/flocalnet.txt
# echo "127.0.0.1/8" >> traffic/flocalnet.txt
# echo "07:00-18:00" > traffic/funlimit_bandwidth.txt
# echo "\.com" > traffic/fupdate_files.txt
# echo "\.msi" >> traffic/fupdate_files.txt
# echo "\.exe" >> traffic/fupdate_files.txt
# echo "07:00-18:00" > phpwifi/blocktmac_time.txt
# echo "10.0.0.254" > phpwifi/blocktime_ipmac.txt
# echo "http://www.xxx.com" > phpwifi/blockweb_group.txt
# echo "10.0.0.254" > phpwifi/blockweb_ipmac.txt
# touch clearsq.sh
# chmod 4755 clearsq.sh
# ls -l clearsq.sh
-rwsr-xr-x 1 root root 775 Mar 20 16:20 clearsq.sh
# nano clearsq.sh

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
rm -rf /var/log/squid/access.log
rm -rf /var/log/squid/cache_access.log
rm -rf /var/log/squid/cache.log
rm -rf /var/log/squid/store.log
#rm -rf /var/log/squid/swap.log
touch /var/log/squid/access.log
touch /var/log/squid/cache_access.log
touch /var/log/squid/cache.log
touch /var/log/squid/store.log
#touch /var/log/squid/swap.log
chown squid:squid /var/log/squid/*
chmod 755 /var/log/squid/access.log
chmod 755 /var/log/squid/cache_access.log
chmod 755 /var/log/squid/cache.log
chmod 755 /var/log/squid/store.log
#chmod 755 /var/log/squid/swap.log
/etc/rc.d/init.d/squid reload
logfile squid proxy

( )
# nano /etc/crontab
0 0 * * * /etc/squid/clearsq.sh
crontab run-time
# crontab -e
0 0 * * * /etc/squid/clearsq.sh
logfile Squid Proxy Logfile

Web Application
# touch /var/log/squid/access.log
# touch /var/log/squid/cache_access.log
# touch /var/log/squid/cache.log
# touch /var/log/squid/store.log
# chown -R squid:squid /var/log/squid/
# chmod -R 755 /var/log/squid/
# cd /etc/squid/
#
# redirect_program /usr/bin/squidGuard
# redirect_children 5
# squid -zD
2011/03/11 06:53:40| Creating Swap Directories
start squid error! .. Authen
Config Squid Proxy
# /etc/rc.d/init.d/squid start
Starting squid: .
[ OK ]
# chkconfig squid on
# ps -ef|grep squid
root 12946 1 0 06:53 ? 00:00:00 squid -D
squid 12948 12946 0 06:53 ? 00:00:00 (squid) -D
squid 12949 12948 0 06:53 ? 00:00:00 (unlinkd)
root 13119 7255 0 07:06 pts/2 00:00:00 grep squid
Stopping crond:
Starting crond:
[ OK ]
[ OK ]
FIREWALL IPTABLES SQUID transparent

# nano /etc/firewall.iptables
IP Subnet
127.0.0.0/8 Loopback
## Squid Proxy Allow transparent proxy
## Squid Proxy Allow transparent proxy for Tun0
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 3128 --syn -j DROP
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp -d 10.0.0.0/24 --dport 80 -j RETURN
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
*** 2
Authen tun0 eth1 -> 10.0.0.1
DHCP IP Authen eth2 -> 10.10.10.1
Ip subnet Class Class
*
## Squid Proxy Allow transparent proxy DHCP
$IPTABLES -t nat -A PREROUTING -i eth2 -p tcp -m tcp --dport 3128 --syn -j DROP
$IPTABLES -t nat -A PREROUTING -i eth2 -p tcp -m tcp -d 10.10.10.0/24 --dport 80 -j RETURN
$IPTABLES -t nat -A PREROUTING -i eth2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
firewall
# sh /etc/firewall.iptables
check squid
# tail -f /var/log/squid/access.log
list
2011-03-11 07:16:11 135 10.0.0.14 TCP_MISS/200 561 GET http://www.thaibsd.com/webboard/pic/cam.gif -DIRECT/203.113.115.161 image/gif
2011-03-11 07:16:11 142 10.0.0.14 TCP_MISS/200 2655 GET http://www.thaibsd.com/webboard/pic/avartar/42.gif -DIRECT/203.113.115.161 image/gif
2011-03-11 07:16:12 663 10.0.0.14 TCP_MISS/200 668 GET http://www.thaibsd.com/webboard/pic/pin_topic.gif -DIRECT/203.113.115.161 image/gif
PHPwifi Squid Proxy Server

Squid Proxy Users PHPwifi

phpwifisquidproxy.php

admin BlockTimeGroupUsers
save!
admin Confirm Cancel
Confirm !
sourcecode
Terminal php
# php /var/www/html/phpwifi/admin/phpwifisquidproxy.php
terminal
----- PHPwifi 1.0 >> phpwifisquidproxy.php ?Process Users Success! ---- ... ..
*

PHP Notice: Trying to get property of non-object in /var/www/html/phpwifi/admin/phpwifisquidproxy.php on line 47
2011/04/26 23:54:43| aclParseAclLine: WARNING: empty ACL: acl webgroupusersip src
"/etc/squid/phpwifi/blockweb_ipmac.txt"
----- PHPwifi 1.0 >> phpwifisquidproxy.php ?Process Users Success! -----[root@wifi ~]#
non-object
SQL Users Users
ipaddr
----- PHPwifi 1.0 >> phpwifisquidproxy.php ?Process Users Success! -----[root@wifi ~]#
BlockTime BlockWEB ..
Timer PHPwifi Squid Proxy 1

Terminal
# nano /etc/crontab
*/1 * * * * php /var/www/html/phpwifi/admin/phpwifisquidproxy.php
Timer Runtime
# crontab -e
*/1 * * * * php /var/www/html/phpwifi/admin/phpwifisquidproxy.php
Esc
:wq!
Timer Squid Reload

Config Admin
.. Squid Proxy CPU Delay
admin
IPaddress
.. IP
*
... Refresh
Shell Script 1

Users
Users .. IP
+
list

* logout

....[ OK ]
Web browser Administrator

Squid

URL www.sex.com
web
Squid
Message
download
download \.mp3
URL
http://www.4shared.com/get/QwmunnRs/0052-__-__.html
web
Chillispot
* ProcessID + Chillispot Balance Proxy Server
+ #
proxylisten 10.0.0.1
-> 10.0.0.1 gateway
+ #
proxyport 3128
-> port squid proxy
+ #
proxyclient 10.0.0.0/24
-> IPsubnet
+ #
proxysecret testing123
-> secret = testing123 /etc/raddb/clients.conf
restart service chilli
# /etc/rc.d/init.d/chilli restart
Error!.......
Root Alias Squid Proxy

Webmin PHPwifi
Re-configuration Graphics
port Admin
port 10000 firewall.iptable
# nano +57 /etc/firewall.iptables
#Allow http and https on other interfaces (input).
#This is only needed if authentication server is on server as chilli

start firewall
# sh /etc/firewall.iptables
Webmin System root alias

# cd /tmp/temp/
# wget http://download1081.mediafire.com/05mb818102og/w48ft3tocb973f5/webmin-1.520-1.noarch.rpm
# rpm -Uvh webmin-1.520-1.noarch.rpm
warning: webmin-1.520-1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID
11f63c51 Preparing... ################################# [100%]
Operating system is CentOS Linux 1:webmin
################################# [100%] Webmin install complete.
You can now login to https://localhost:10000/ as root with your root password.
webmin output https:// apache
ssl
Open web browser
https://ip-server:10000
Username = Server root

Password = Server Login Server
* [ ] Remember login permanently? Keys
*
output Webmin 2
Apache service apache
ssl https:// Port 443
mod_ssl default http
User admin passwd Server
webmin apache
# rpm -Uvh webmin-1.520-1.noarch.rpm
warning: webmin-1.520-1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID
11f63c51 Preparing... ################################# [100%]
Operating system is CentOS Linux 1:webmin
################################# [100%] Webmin install complete.
You can now login to http://localhost:10000/ as root with your root password.
------------------------------User = admin
Password = password root server
https//localhost:10000 PHPwifi HTTPS
Apache SSL Remove webmin Install HTTPS
* Webmin HTTP
HTTP HTTPS
( HTTPS Apache port 443 SSL
HTTPS Apache )
* Config Command line
Terminal
# nano +11 /etc/webmin/miniserv.conf
ssl=0
-> port 80 http
ssl=1
-> port 443 https
# /etc/rc.d/init.d/webmin restart
Stopping Webmin server in /usr/libexec/webmin
Starting Webmin server in /usr/libexec/webmin
Pre-loaded WebminCore
Web URL https://localhost:10000

* Config HTTP HTTPS WebGUI
Web browser Webmin
You can now login to http://localhost:10000/ as root with your root password.
Webmin
--> Webmin Configuration
--> SSL Encryption
Enable SSL if available? --> Yes
Save
Webmin URL HTTPS

port 443 SSL ~!
Webmin port 443 SSL HTTPS
==> Config WEBmin Into Support PHPwifi 1.0

* Balance
Config Webmin web browser
URL address Webmin
Terminal
# nano /etc/webmin/config
referers_none=1
referers_none=0
# /etc/rc.d/init.d/webmin restart
Stopping Webmin server in /usr/libexec/webmin
Starting Webmin server in /usr/libexec/webmin
Pre-loaded WebminCore
***Plugin Webmin + PHPwifi 1.0

pack Java Web browser Function
Web Administrator
*** Plugin JAVA Web Browser
*PHPwifi Web browser Windows Plugin Java Admin

http://www.mediafire.com/?8c1acwh2cd12zb1
download java
https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetailStart?ProductRef=jdk-6u24-oth-JPR@CDS-CDS_Developer
Web browser Administrator

Webmin PHPwifi
Squid proxy reload Index PHPwifi URL
config Squid WebGUI

Webmin WebGUI Webmin
Block web PHPwifi
Webmin squid -k reconfigure
URL www.google.co.th save
URL www.google.co.th
* www.google.co.th
www.google.co.th
* Squid proxy
path
# cd /etc/squid/errors/
# ls -l
* Web page Squid Proxy
ERR_DNS_FAIL
# nano /etc/squid/errors/ERR_DNS_FAIL
* Start Stop service Squid Proxy

Save squid -k reconfigure webmin

webmin
+ Squid proxy
webmin reload .. show

$reload_squid = 'https://'.$_SERVER["SERVER_ADDR"].':10000/squid/restart.cgi"';
?>
<iframe src="<?echo $reload_squid?>" frameborder="0" scrolling="no" width="650" height="0" ></iframe>
<?

error command line squid proxy server
internet
web browser administrator
Systems Root alias
Squid proxy reload
* 2

squid proxy
... !
Squid proxy server
Start Stop Service Squid Proxy
Module Index ( WEB GUI ) Squid proxy server

...
Start service Squid proxy server
Module Index
Index Squid proxy server
Start Squid
Index
Squid proxy server

squid proxy package squid proxy server
...
Squid proxy server

Squid function Delay pools
LOG File ... 2550

Logfile
Lightsquid Users
# cd /tmp/temp
# wget http://download1080.mediafire.com/ptub9upmr0sg/8qd5ez9a3l56qzg/perl-GD-2.30-2.2.el5.rf.i386.rpm
# rpm -Uvh perl-GD-2.30-2.2.el5.rf.i386.rpm
Preparing... ################################ [100%]
1: perl-GD ################################ [100%]
# wget http://download1074.mediafire.com/q48l393kjegg/ity6682g4gpn3vo/lightsquid.tar
# tar -xvf lightsquid.tar
# rm -rf /var/www/html/phpwifi/admin/lightsquid
# mv lightsquid /var/www/html/phpwifi/admin/
# chown -R root:apache /var/www/html/
<Directory "/var/www/cgi-bin">
<Directory "/var/www/html/phpwifi/admin/">
AllowOverride All
Options None
Order allow,deny
Allow from all
</Directory>
# cd /var/www/html/phpwifi/admin/lightsquid/
# chmod +x *.cgi
# chmod +x *.pl
# nano +12 lightsquid.cfg

path Lightsquid
# -------------------- GLOBAL VARIABLES --------------------------#path to additional `cfg` files
$cfgpath
="/var/www/html/phpwifi/admin/lightsquid";
#path to `tpl` folder
$tplpath
="/var/www/html/phpwifi/admin/lightsquid/tpl";
#path to `lang` folder
$langpath
="/var/www/html/phpwifi/admin/lightsquid/lang";
#path to `report` folder
$reportpath
="/var/www/html/phpwifi/admin/lightsquid/report";
#path to access.log
$logpath
="/var/log/squid/";
#path to `ip2name` folder
$ip2namepath ="/var/www/html/phpwifi/admin/lightsquid/ip2name";
# nano realname.cfg
IP ( IP )
10.0.0.1
apache
# ./check-setup.pl
LightSquid Config Checker, (c) 2005-9 Sergey Erokhin GNU GPL
WARNING:Log format Look like CUSTOM log, Lightsquid can't parse this format! Please check documentation !
Invalid access.log format or can't check format type ...
Warning lightsquid
log file Harddisk lightsquid
# ./lightparser.pl &
[1] 13582
/var/www/html/phpwifi/admin/lightsquid/check-setup.pl start
/var/www/html/phpwifi/admin/lightsquid/lightparser.pl start
refresh 55
# crontab -e
Editor vi
Insert I
copy
*/55 * * * * /var/www/html/phpwifi/admin/lightsquid/lightparser.pl today
Esc
Shift : w q ! -
:wq!
Enter !

# nano /etc/crontab
*/55 * * * * /var/www/html/phpwifi/admin/lightsquid/check-setup.pl today

*/55 * * * * /var/www/html/phpwifi/admin/lightsquid/lightparser.pl today
*/55 * * * * /var/www/html/phpwifi/admin/lightsquid/common.pl today
1 squid proxy access log file

harddisk lightsquid harddisk show web browser
Stopping crond:
Starting crond:
[ OK ]
[ OK ]
Web browser Admin Lightsquid Log
SquidGuard
# cd /tmp/temp/
# wget http://download680.mediafire.com/ba3ugrnggghg/it0qhuqiilnpkpc/squidguard-1.2.0-2.2.el5.rf.i386.rpm
# rpm -Uvh squidguard-1.2.0-2.2.el5.rf.i386.rpm
warning: squidguard-1.2.0-2.2.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ################################### [100%]
1:squidguard #################################### [100%]
# cd /etc/squid/
# ls -l squidguard.conf
squidguard.conf squidguard Squid
-rw-r--r-- 1 root root 1275 Mar 23 21:33 squidguard.conf
#
#redirect_program /usr/bin/squidGuard
#redirect_children 5
redirect_program /usr/bin/squidGuard
redirect_children 5
# mkdir /var/log/squidguard/db
# mkdir /var/log/squidguard/log
# nano +32 squidguard.conf
ip
1.2.3.4 1.2.3.5
ip
127.0.0.1
ip
172.16.2.32-172.16.2.100 172.16.2.100 172.16.2.200
ip
10.0.0.1
ip
172.16.4.0/26
ip
10.0.0.0/24
# /etc/rc.d/init.d/squid restart
Stopping squid: ....
Starting squid: .
[ OK ]
[ OK ]
squidguard squid proxy

# ps -ef |grep squid
root 8046 1 0 21:50 ? 00:00:00 squid -D
squid 8048 8046 0 21:50 ? 00:00:00 (squid) -D
squid 8050 8048 0 21:50 ? 00:00:00 (squidGuard)
squid 8055 8048 0 21:50 ? 00:00:00 (unlinkd)
root 8088 7680 0 21:51 pts/1 00:00:00 grep squid
MAC Allow 2
1
mac address
2
1 2 users
users mac allow 2

Mac allow message 2 step
* users vip mac allow users
link users vip mac allow enjoy!

no! service! Capture
function Cap
register portsproDB 1 15 table
Register 2 package
Squid Proxy Server

squid proxy
script
PHPwifi
firewall.iptable
samba
< >
2

Manual - LinuxCentOS - 5-การพิสูจนตัวตน - Authentication -

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Manual - LinuxCentOS - 5-การพิสูจนตัวตน - Authentication -

Uploaded by

Copyright:

Available Formats

(Authentication)

Secure Socket Layer

CentOS Community ENTerprise Operating System

linux text ENTER CentOS 5.5 Text MODE

Partition CentOS Partition

Partition Yes Enter

Memory RAM Spec

Boot Loader Configuration OK Enter

GRUB Boot Loader TAB OK Enter

Boot Loader Partition TAB OK Enter

Boot Loader Sector

Network Configuration eth0 : UNCONFIGURED

eth0 Activate on boot Boot

IP Address eth0 Manual address configuration

IP Address : 192.168.1.100 ==> IP Router Internet

Config eth0 TAB OK Enter

Gateway : 192.168.1.1 ==> Gateway Router

[*] Administration Tools <- X-Window

[*] DNS Name Server

[*] FTP Server TAB OK Enter

[*] Legacy Network Server TAB OK Enter

[*] Mail Server

[*] Printing Support TAB OK Enter

[*] Text-based Internet

[*] [*] Customize software selection

Spacebar Arrow Package

firewall firewall config file server package

Firewall configuration ==> Disable

TAB OK ==> enter

Lan Card 2 1 ADSL 2

config network card terminal

Package Server update (--)

*/10 * * * * /usr/sbin/ntpdate -u pool.ntp.org

*/10 * * * * /usr/sbin/ntpdate -u pool.ntp.org

# yum -y install httpd httpd-manual mod_ssl mod_perl

Open web browser 2 -> http https

# nano +355 /etc/httpd/conf/httpd.conf

#AddHandler cgi-script .cgi

AddHandler cgi-script .cgi

# nano +265 /etc/httpd/conf/httpd.conf

DirectoryIndex index.html index.html.var

DirectoryIndex index.html index.html.var index.htm index.php

Installing MySQL 5.0

**Installing PHP5 And Getting MySQL Support In PHP5 All Extended

<? phpinfo(); ?>

Open web browser

compile PHP compile *

Open web browser

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

Open web browser

forward port rounter package

# echo "1" > /proc/sys/net/ipv4/ip_forward

config php.ini web browser

Import table backup

* Add Group Users

windows server windows

( MySQL /etc/php.ini register_globals = On )

Admin Login Username ,Password

( Admin Login LogOut Session

# yum -y install freeradius

# radtest Server Server 127.0.0.1 0 testing123 Username

# radtest root rootadmin localhost 0 testing123

FreeRadius MySQL Server

[] [] Customize software selection

/10 * * * /usr/sbin/ntpdate -u pool.ntp.org

/10 * * * /usr/sbin/ntpdate -u pool.ntp.org