what is a good proxy server
umar
umar99 at yahoo.com
Mon May 27 11:10:23 EDT 2002
offcourse my internet is working and i have two NIC.
Here are the outputs. They are different from what
mandrake generated for me since a friend of mine came
yesterday and he reconfigured the iptables, but I
havent got a chance yet to test it on client
computers.
------------------------------------
[root at siddiqi umar]# ifconfig -a
eth0 Link encap:Ethernet HWaddr
00:01:03:CE:8E:29
inet addr:68.65.8.57 Bcast:68.65.9.255
Mask:255.255.254.0
UP BROADCAST NOTRAILERS RUNNING MTU:1500
Metric:1
RX packets:305110 errors:3 dropped:0
overruns:0 frame:3
TX packets:19449 errors:0 dropped:0
overruns:0 carrier:1
collisions:266 txqueuelen:100
RX bytes:76774520 (73.2 Mb) TX
bytes:2781753 (2.6 Mb)
Interrupt:3 Base address:0xdc00
eth1 Link encap:Ethernet HWaddr
00:04:5A:45:B6:5E
inet addr:192.168.0.1 Bcast:192.168.0.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1
RX packets:935 errors:0 dropped:0 overruns:0
frame:0
TX packets:16 errors:0 dropped:0 overruns:0
carrier:0
collisions:0 txqueuelen:100
RX bytes:109885 (107.3 Kb) TX bytes:2772
(2.7 Kb)
Interrupt:11 Base address:0xd800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1081 errors:0 dropped:0
overruns:0 frame:0
TX packets:1081 errors:0 dropped:0
overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:73024 (71.3 Kb) TX bytes:73024
(71.3 Kb)
-----------------------------------------
[root at siddiqi umar]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags
MSS Window irtt Iface
255.255.255.255 0.0.0.0 255.255.255.255 UH
40 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U
40 0 0 eth1
68.65.8.0 0.0.0.0 255.255.254.0 U
40 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U
40 0 0 lo
0.0.0.0 68.65.8.1 0.0.0.0 UG
40 0 0 eth0
-------------------------------------------
nameserver 24.48.33.2
nameserver 24.48.33.3
search buf.adelphia.net.
-----------------------------------------
cat /proc/sys/net/ipv4/ip_forward
1[root at siddiqi umar]# ipchains -L
ipchains: Incompatible with this kernel
[root at siddiqi umar]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT udp -- anywhere anywhere
udp spt:bootpc dpt:bootps
ACCEPT tcp -- anywhere anywhere
tcp spt:bootpc dpt:bootps
ACCEPT udp -- anywhere anywhere
udp spt:bootps dpt:bootpc
ACCEPT tcp -- anywhere anywhere
tcp spt:bootps dpt:bootpc
ACCEPT udp -- anywhere anywhere
udp dpt:domain
ACCEPT tcp -- anywhere anywhere
tcp dpt:domain
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere
state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 192.168.0.0/24 anywhere
ACCEPT all -- anywhere anywhere
state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PUB_IN (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere
icmp echo-reply
ACCEPT icmp -- anywhere anywhere
icmp time-exceeded
ACCEPT tcp -- anywhere anywhere
tcp dpt:domain
ACCEPT tcp -- anywhere anywhere
tcp dpt:pop2
ACCEPT tcp -- anywhere anywhere
tcp dpt:imap
ACCEPT tcp -- anywhere anywhere
tcp dpt:http
ACCEPT tcp -- anywhere anywhere
tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere
tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere
tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere
tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere
tcp dpt:telnet
ACCEPT tcp -- anywhere anywhere
tcp dpt:https
ACCEPT tcp -- anywhere anywhere
tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere
tcp dpt:domain
ACCEPT udp -- anywhere anywhere
udp dpt:domain
ACCEPT udp -- anywhere anywhere
udp dpt:domain
LOG tcp -- anywhere anywhere
tcp dpt:telnet state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:ftp state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:imap state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:pop3 state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:finger state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:sunrpc state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:exec state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:login state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:tacnews state INVALID,NEW limit: avg
5/sec burst 8 LOG level warning prefix `audit'
LOG tcp -- anywhere anywhere
tcp dpt:ssh state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
LOG udp -- anywhere anywhere
udp dpt:31337 state INVALID,NEW limit: avg 5/sec
burst 8 LOG level warning prefix `audit'
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (3 references)
target prot opt source destination
REJECT icmp -- anywhere anywhere
icmp destination-unreachable reject-with
icmp-port-unreachable
REJECT icmp -- anywhere anywhere
icmp time-exceeded reject-with
icmp-port-unreachable
ACCEPT all -- anywhere anywhere
-----------------------------------------
--- deadpoint <deadpoint at adelphia.net> wrote:
> where you ever able to connect to the net using your
> linux machine?
> without that you'll never get the connection shaing
> to work. does your
> machine have 2 network cards? how are your NIC(s)
> configured? send the
> output from the following commands to the list.
>
> ifconfig -a
> netstat -rn
> cat /etc/resolv.conf
> cat /proc/sys/net/ipv4/ip_forward
> ipchains -L
> iptables -L
>
> umar wrote:
>
> >hi all,
> >
> >since my mandrake connection sharing system is not
> >working (and no one was able to help me with that),
> I
> >am thinking about setting up a third party server
> to
> >share my cable connection with my roommates. I want
> to
> >know what are good proxy servers for linux that can
> >handle upto 5 clients and support ftp, telnet, ssh
> and
> >various instant messengers.
> >
> >I have heard of squid but dont know how good or bad
> it
> >is. Any help in this regard would be appreciated.
> >
> >And NO I cannot buy a new box to act as a router. I
> >have to do something using my own box.
> >
> >Umar
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Yahoo! - Official partner of 2002 FIFA World Cup
> >http://fifaworldcup.yahoo.com
> >
> >
> >
>
>
__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
More information about the nflug
mailing list