Differenze tra le versioni 3 e 4
|
Dimensione: 838
Commento:
|
Dimensione: 2262
Commento:
|
| Le cancellazioni sono segnalate in questo modo. | Le aggiunte sono segnalate in questo modo. |
| Linea 29: | Linea 29: |
| == Our not optimized firewall == {{{ root@SRVSERVICES1:/home/svr# iptables-save # Generated by iptables-save v1.4.4 on Fri Nov 27 17:27:00 2009 *nat :PREROUTING ACCEPT [79560:6647071] :POSTROUTING ACCEPT [1387:110814] :OUTPUT ACCEPT [25225:1545157] -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Fri Nov 27 17:27:00 2009 # Generated by iptables-save v1.4.4 on Fri Nov 27 17:27:00 2009 *filter :INPUT ACCEPT [1929370:1462353513] :FORWARD ACCEPT [1311849:496765522] :OUTPUT ACCEPT [1723281:1613645787] -A INPUT -i eth0 -m hashlimit --hashlimit-above 151/sec --hashlimit-name download150perm -j DROP -A FORWARD -o eth1 -m hashlimit --hashlimit-above 151/sec --hashlimit-name download150 -j DROP -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 10/sec --limit-burst 20 -j ACCEPT -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j LOG -A FORWARD -s 10.10.0.0/24 -d 192.168.1.0/24 -o eth0 -j DROP -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP -A FORWARD -o eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 20 --name DEFAULT --rsource -j DROP COMMIT # Completed on Fri Nov 27 17:27:00 2009 root@SRVSERVICES1:/home/svr# }}} |
Documentation
Squid URL Rewrite
We are trying to use this /usr/bin/redirect.py as url_rewrite_program in SQUID 2.6
import sys
while True:
line = sys.stdin.readline().strip()
list = line.split(' ')
url = list[0]
if (url.find("google") != -1 and url.find("q=") == -1):
sys.stdout.write("301:http://10.10.0.1/")
sys.stdout.flush()
else:
sys.stdout.write(url+"\n")
sys.stdout.flush()but is not working 
any python guru ?? Contact Raffaele
PS we also found this one and makes exactly what we did, but ours does not work http://gofedora.com/how-to-write-custom-redirector-rewritor-plugin-squid-python/
Our not optimized firewall
root@SRVSERVICES1:/home/svr# iptables-save # Generated by iptables-save v1.4.4 on Fri Nov 27 17:27:00 2009 *nat :PREROUTING ACCEPT [79560:6647071] :POSTROUTING ACCEPT [1387:110814] :OUTPUT ACCEPT [25225:1545157] -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Fri Nov 27 17:27:00 2009 # Generated by iptables-save v1.4.4 on Fri Nov 27 17:27:00 2009 *filter :INPUT ACCEPT [1929370:1462353513] :FORWARD ACCEPT [1311849:496765522] :OUTPUT ACCEPT [1723281:1613645787] -A INPUT -i eth0 -m hashlimit --hashlimit-above 151/sec --hashlimit-name download150perm -j DROP -A FORWARD -o eth1 -m hashlimit --hashlimit-above 151/sec --hashlimit-name download150 -j DROP -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 10/sec --limit-burst 20 -j ACCEPT -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j LOG -A FORWARD -s 10.10.0.0/24 -d 192.168.1.0/24 -o eth0 -j DROP -A FORWARD -s 10.0.0.0/8 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP -A FORWARD -o eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 20 --name DEFAULT --rsource -j DROP COMMIT # Completed on Fri Nov 27 17:27:00 2009 root@SRVSERVICES1:/home/svr#
Bluetooth Totem
visit BlueToothTotem