Welcome to Scribd!

Skip carousel

Quid + WCCP Https HTTP Transparent Proxy

Uploaded by

UNBK support

0% found this document useful (0 votes)

67 views4 pages

quid + wccp = https http transparent proxy

Original Title

quid + wccp = https http transparent proxy

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

quid + wccp = https http transparent proxy

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

67 views4 pages

Quid + WCCP Https HTTP Transparent Proxy

Uploaded by

UNBK support

quid + wccp = https http transparent proxy

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 4

Search inside document

.

/configure --prefix=/usr/local/squid --enable-wccpv2 --enable-ssl --enable-delay-pools --enable-

snmp --enable-err-language=Traditional_Chinese --enable-gnuregex --enable-cache-digests --
enable-async-io=40 --enable-poll --enable-kill-parent-hack --disable-ident-lookups --enable-removal-
policies='lru heap' --enable-storeio='ufs aufs diskd' --enable-auth --enable-basic-auth-helpers=LDAP
--enable-ntlm-auth-helpers=SMB --enable-useragent-log --enable-referer-log --enable-linux-netfilter -
-enable-ssl-crtd --with-default-user=squid

make all

make install

useradd squid

chown -R squid:squid /usr/local/squid/var/logs

/usr/local/squid/sbin/squid -z

cd /usr/local/squid

mkdir ssl_cert

cd ssl_cert

openssl req -new -newkey rsa:1024 -days 36500 -nodes -x509 -keyout proxyCA.pem -out
proxyCA.pem

echo "1" into /proc/sys/net/ipv4/ip_forward

mkdir /usr/local/squid/var/lib

/usr/local/squid/libexec/ssl_crtd -c -s /usr/local/squid/var/lib/ssl_db -M 400MB

chown -R squid:squid /usr/local/squid/var/lib/ssl_db/

------------------------------------------------------------------
# in squid.conf - ACL

acl fileupload req_mime_type -i multipart/form-data

acl mailupload req_header Content-Disposition -i attachment
acl dropbox_webupload req_mime_type -i application/octet-stream

acl ssl_broken_sites dstdomain "/usr/local/squid/etc/sslbrokensites"

http_access deny fileupload

http_access deny dropbox_webupload

http_access deny mailupload

http_port 8128

https_port 3127 intercept ssl-bump generate-host-certificates=on

dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/proxyCA.pem

http_port 3128 intercept

sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow ssl_broken_sites
sslproxy_cert_error deny all
ssl_bump none localhost
ssl_bump server-first all

sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/var/lib/ssl_db -M 400MB

sslcrtd_children 25
sslproxy_cafile /etc/pki/tls/certs/ca-bundle.crt

wccp2_router 172.31.4.251
wccp_version 4
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method hash

wccp2_service standard 0
wccp2_service dynamic 70
wccp2_service_info 70 protocol=tcp flags=dst_ip_hash priority=240 ports=443,80
always_direct allow all

access_log stdio:/usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
logfile_rotate 60
#debug_options ALL,2 ## for debug http traffic

debug_options ALL,1
url_rewrite_children 20

## 3.3+ need it for handle https proxy

## if you donot set it, you will see the re-direct loop error in the browser
request_header_access Via deny all

## squid.conf END

------------------------------------------------------------------
# Save following script to /etc/rc.local

killall -9 squid

/sbin/modprobe ip_gre
/sbin/iptunnel add wccp0 mode gre remote 172.31.8.251 local 172.31.4.2 dev eth0
/sbin/ifconfig wccp0 172.31.4.2 up
/sbin/iptables -t nat -A PREROUTING -i wccp0 -p tcp -m tcp —dport 80 -j REDIRECT —to-ports
3128
/sbin/iptables -t nat -A PREROUTING -i wccp0 -p tcp -m tcp —dport 443 -j REDIRECT —to-ports
3127
ulimit -n 10240
/usr/local/squid/sbin/squid &
------------------------------------------------------------------
# My router is Cisco 2811

en
conf t
ip wccp 70 redirect-list wccp
int f0/0

ip wccp 70 redirect out

exit
ip access-list extended wccp
permit tcp 172.31.0.0 0.0.255.255 any

deny tcp any any

exit
exit

# Router debug
sh ip wccp 70
show ip wccp 70 detail
------------------------------------------------------------------

# linux server debug

tcpdump -i wccp0
tail -f /usr/local/squid/var/logs/cache.log
tail -f /usr/local/squid/var/logs/access.log

iptables -nvL -t nat

OSCP Notes
Document78 pages
OSCP Notes
ralikdgp
100% (3)
Linux PDF
Document48 pages
Linux PDF
Marina Molina Moreno
No ratings yet
Dell Networking Breakout Cable Guide
Document1 page
Dell Networking Breakout Cable Guide
azerty21 Coin
No ratings yet
OSCP Notes
Document78 pages
OSCP Notes
RocKet
100% (1)
Az 500
Document238 pages
Az 500
Anh Nguyễn Thanh
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Overview of Some Windows and Linux Intrusion Detection Tools
From Everand
Overview of Some Windows and Linux Intrusion Detection Tools
Dr. Hidaia Mahmood Alassouli
No ratings yet
Marvel Demo
Document11 pages
Marvel Demo
gomathisankar.v1978
100% (1)
Full Ipa Server Client Setup
Document13 pages
Full Ipa Server Client Setup
Sri Waste
No ratings yet
Install Raptor
Document12 pages
Install Raptor
Robert Scott
No ratings yet
Introductn To Ansible
Document21 pages
Introductn To Ansible
Padam Dhami
No ratings yet
EX300 Redhat Exam Prep Cheat Sheet
Document13 pages
EX300 Redhat Exam Prep Cheat Sheet
btkk zztb
No ratings yet
GSM Interference Analysis Huawei
Document35 pages
GSM Interference Analysis Huawei
Maria Luna
100% (1)
Samba4 Comandos 1e2
Document8 pages
Samba4 Comandos 1e2
Theresa Tucker
No ratings yet
High Performance Lusca Squid Proxy Server Ubuntu
Document2 pages
High Performance Lusca Squid Proxy Server Ubuntu
niken29
No ratings yet
Rhel Notes For Rh253
Document27 pages
Rhel Notes For Rh253
jayaraj5382
100% (1)
Squid4 PDF
Document4 pages
Squid4 PDF
smendes30
No ratings yet
Cara Install Lusca - Head r14809 Ubuntu 11.10-Ok
Document13 pages
Cara Install Lusca - Head r14809 Ubuntu 11.10-Ok
Hos Net
No ratings yet
Cara Install Lusca - Head r14809 Ubuntu 11.10-Ok
Document13 pages
Cara Install Lusca - Head r14809 Ubuntu 11.10-Ok
victricia
No ratings yet
Instalacao Server Ubuntu 18 04
Document5 pages
Instalacao Server Ubuntu 18 04
Melhor CS
No ratings yet
INSTALL UBUNTU 20.04.sh
Document4 pages
INSTALL UBUNTU 20.04.sh
Donatien LEBON
No ratings yet
c01804533 2016
Document28 pages
c01804533 2016
GiovaMugnai
No ratings yet
Modul Squid Proxy Server 2
Document20 pages
Modul Squid Proxy Server 2
nasrunmc
No ratings yet
Squid Proxy
Document11 pages
Squid Proxy
War Tzoe Net
No ratings yet
Configuring Transparent Web Proxy Using Squid 2
Document4 pages
Configuring Transparent Web Proxy Using Squid 2
agunggumilar
No ratings yet
Anil Dollor - Install Kannel On Ubuntu v18
Document10 pages
Anil Dollor - Install Kannel On Ubuntu v18
zakaria abbadi
No ratings yet
Proxy Transparente 111
Document2 pages
Proxy Transparente 111
Carlos Ruiz
No ratings yet
Navicli Commands
Document3 pages
Navicli Commands
taichiguan
No ratings yet
Bismillah 1
Document2 pages
Bismillah 1
Zaskyah Yasin
No ratings yet
Linux SAN Related Commands
Document7 pages
Linux SAN Related Commands
Shashi Kanth
No ratings yet
Configuration
Document7 pages
Configuration
Pratik Sanas
No ratings yet
Setting Up Squid For NTLM Auth
Document12 pages
Setting Up Squid For NTLM Auth
Davila Reyes Kendall Aurelio
No ratings yet
Ubuntuserver
Document3 pages
Ubuntuserver
Nurul Muhlisin
No ratings yet
Attachment 0001
Document9 pages
Attachment 0001
naresh chowdary
No ratings yet
Compilando Squid 4.6
Document21 pages
Compilando Squid 4.6
Javier
No ratings yet
Super Proxy Lusca Squid Ubuntu v3
Document4 pages
Super Proxy Lusca Squid Ubuntu v3
Aris Munadi
No ratings yet
Accel PPP
Document46 pages
Accel PPP
raphaelrrl
No ratings yet
Freeradius Server PDF
Document11 pages
Freeradius Server PDF
Serco
No ratings yet
Admin2 Day7
Document2 pages
Admin2 Day7
MOFEED AFANDI
No ratings yet
Datastage Unixcommonds
Document9 pages
Datastage Unixcommonds
brightfulindia3
No ratings yet
Node Reset&Add
Document3 pages
Node Reset&Add
NAGARJUNA
No ratings yet
Guide
Document14 pages
Guide
durga selva
No ratings yet
Steps
Document5 pages
Steps
kologeros123 kologeros123
No ratings yet
Instalación Centos 7 Linode: Documentroot /Var/Www/Html/ Servername Qollanahotel - Pe Sslengine On
Document28 pages
Instalación Centos 7 Linode: Documentroot /Var/Www/Html/ Servername Qollanahotel - Pe Sslengine On
Andres Sosa
No ratings yet
Conta
Document5 pages
Conta
test
No ratings yet
Install Squid3 Untuk Transparent Proxy
Document4 pages
Install Squid3 Untuk Transparent Proxy
Nursalim S kom
No ratings yet
4LPIC AxelCampana Amaury Ford
Document29 pages
4LPIC AxelCampana Amaury Ford
edeniaytb
No ratings yet
Mkdir /downloads CD /downloads Tar ZXVF Qmailrocks - Tar.gz
Document14 pages
Mkdir /downloads CD /downloads Tar ZXVF Qmailrocks - Tar.gz
Rohit Sharma
No ratings yet
Tema2 2021 (10-13)
Document3 pages
Tema2 2021 (10-13)
Duta Cosmin
No ratings yet
Configuring Django Enviroment On Server Debian Jessie
Document5 pages
Configuring Django Enviroment On Server Debian Jessie
Egh
No ratings yet
STB After Install
Document4 pages
STB After Install
susantostarcom03
No ratings yet
Linux Router
Document4 pages
Linux Router
RICKY TUALOMBO
No ratings yet
File squid-3.HEAD-20130412-r12755.tar - GZ Dengan Cara Sebagai Berikut
Document4 pages
File squid-3.HEAD-20130412-r12755.tar - GZ Dengan Cara Sebagai Berikut
Yudi Permana
No ratings yet
CentOS 7 & 8 Self Study
Document8 pages
CentOS 7 & 8 Self Study
Lukki Arjuna
No ratings yet
HOW TO INSTALL ASTERISK On Debian 8.1
Document15 pages
HOW TO INSTALL ASTERISK On Debian 8.1
enamul whab
No ratings yet
Centos Repos 3
Document4 pages
Centos Repos 3
Jamil Shaikh
No ratings yet
Bismillah
Document2 pages
Bismillah
Zaskyah Yasin
No ratings yet
WordPress Process
Document30 pages
WordPress Process
robertplant22
No ratings yet
Backuppc: Install V4.3.2
Document13 pages
Backuppc: Install V4.3.2
duven
No ratings yet
Guia Ocs Server
Document3 pages
Guia Ocs Server
maxofficer9
No ratings yet
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hedaya Alasooly
No ratings yet
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hidaia Mahmood Alassouli
No ratings yet
Evaluation of Some Windows and Linux Intrusion Detection Tools
From Everand
Evaluation of Some Windows and Linux Intrusion Detection Tools
Dr. Hedaya Alasooly
No ratings yet
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
From Everand
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
Dr. Hedaya Mahmood Alasooly
No ratings yet
CFPBUS003 - Introduction To Information Technology
Document13 pages
CFPBUS003 - Introduction To Information Technology
noreen
No ratings yet
Tip 10 RF
Document4 pages
Tip 10 RF
sepiaaaa
No ratings yet
6.033 Computer System Engineering: Mit Opencourseware
Document7 pages
6.033 Computer System Engineering: Mit Opencourseware
Anwar Kovil
No ratings yet
安裝PALERT手冊 PDF
Document25 pages
安裝PALERT手冊 PDF
Sub Zero
No ratings yet
Lab Exercise 2 - FHRP - HSRP
Document1 page
Lab Exercise 2 - FHRP - HSRP
July Julian
No ratings yet
Mitsubishi GT2000 Catalogue - Contact ASC PH 03 9720 0211
Document108 pages
Mitsubishi GT2000 Catalogue - Contact ASC PH 03 9720 0211
John Forbes Nash
No ratings yet
25 Most Frequently Used Linux IPTables Rules Examples
Document8 pages
25 Most Frequently Used Linux IPTables Rules Examples
ictnew
No ratings yet
DH 3
Document5 pages
DH 3
Andi Sopyan
No ratings yet
5.3.1.3 Lab - Observing DNS Name Resolution
Document3 pages
5.3.1.3 Lab - Observing DNS Name Resolution
Muhammad Musyawir
No ratings yet
AP400 Modem
Document24 pages
AP400 Modem
Pablo Armas
No ratings yet
Performance Tuning An HPC Cluster - FINAL 012009
Document41 pages
Performance Tuning An HPC Cluster - FINAL 012009
Ezio Kuratani
No ratings yet
Cisco Guard Configuration Guide: Software Release 6.1 February 2008
Document318 pages
Cisco Guard Configuration Guide: Software Release 6.1 February 2008
eldjouher
No ratings yet
Kerala Vision Internet
Document1 page
Kerala Vision Internet
pravn
No ratings yet
Assignment 1 Answer Sheet
Document3 pages
Assignment 1 Answer Sheet
mihipa8592
No ratings yet
Unit 1 DC Circuit Analysis PDF 1 8 Meg
Document31 pages
Unit 1 DC Circuit Analysis PDF 1 8 Meg
Joshua Duffy
67% (3)
Fiber Systems Dense Wavelength Division Multiplexing (DWDM)
Document29 pages
Fiber Systems Dense Wavelength Division Multiplexing (DWDM)
Sahil Suneja
No ratings yet
RTU5025 GPRS 3G Gate Opener User Manual V1.7
Document17 pages
RTU5025 GPRS 3G Gate Opener User Manual V1.7
Juan Pablo Moreira Mascari
No ratings yet
A 1-126.x.x.x B 128-191.x.x.x C 192-223.x.x.x: CBT IPV4 Notes
Document1 page
A 1-126.x.x.x B 128-191.x.x.x C 192-223.x.x.x: CBT IPV4 Notes
Dhananjai Singh
No ratings yet
ANR Management Feature Parameter Description (eRAN2.0 - 01)
Document47 pages
ANR Management Feature Parameter Description (eRAN2.0 - 01)
ezze45
100% (1)
DS 2df8336iv Ael PDF
Document4 pages
DS 2df8336iv Ael PDF
Mohan Preeth
No ratings yet
Dell PowerEdge T630 Spec Sheet
Document2 pages
Dell PowerEdge T630 Spec Sheet
PatrickChanCF
No ratings yet
Maximum Ratio Combining For A WCDMA Rake Receiver
Document8 pages
Maximum Ratio Combining For A WCDMA Rake Receiver
tycoona
No ratings yet
Ion 7400
Document218 pages
Ion 7400
jose
No ratings yet
Manuale Commonstore 8.4
Document380 pages
Manuale Commonstore 8.4
Federico Maestà
No ratings yet
Red Hat Enterprise Linux-7-Networking Guide-en-US PDF
Document224 pages
Red Hat Enterprise Linux-7-Networking Guide-en-US PDF
Hitesh Rahangdale
No ratings yet
20a-Esp8266 Rtos SDK Programming Guide en
Document41 pages
20a-Esp8266 Rtos SDK Programming Guide en
kellisgf
No ratings yet