LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   http proxy server (http://www.linuxquestions.org/questions/slackware-14/http-proxy-server-380919/)

Seiken 11-07-2005 07:12 PM

http proxy server
 
Hello,

I want to run an http proxy server on my slackware box. I am running Slackware 10.2. Could someone point me in the direction of a guide on how to set this up? (Or just explain it here if you'd like.) I have looked in the HOWTO and Guide sections of The Linux Documentation Project, and did a search of the Slackware forum on LinuxQuestions, but haven't found anything.

Thanks,
Seiken

Gort32 11-07-2005 07:29 PM

Squid is your friend. The process for setting up squid is rather easy as pretty much all of the basic work is already done for you. If you just start Squid it will start working. From there you can search for specific configuration examples that meet your needs.

Seiken 11-07-2005 07:38 PM

Thanks! :)

Seiken 11-07-2005 08:42 PM

Well it's installed... now I just have to figure out how to make it allow connections.

Seiken 11-07-2005 08:56 PM

it keeps telling me that the proxy isn't accepting connections... I've created a couple acl's and allowed http_access to them in the squid.conf though :\ confused.

mago 12-07-2005 02:31 PM

Check that the allow is above the default deny all, it reads them from top to bottom, therefore the top one will over rule the botom one.

Crashbox 12-09-2005 01:03 PM

Or....
 
I suggest checking this out SSH Proxy. He wrote it for Windows, but it would be even easier to implement in linux.

I'm actually getting the hardware together for a project just like this for my home network. The box will be my print server internally and my ssh proxy server externally. I've given it a lot of thought, and I have a few ideas about security:

You probably would want to create a completely separate user for the ssh proxy. If you have no other reason to ssh into your box, then you may want to config ssh to only allow connections from the "proxy" user (I believe you can do this in the ssh_config file) and while you're in the the config file, you probably want to disable root logins via ssh. Restricting ssh down to one (or two) users will make it harder for script kiddies with brute force ssh scanners to burn you. But be sure to use good strong passwords for the users (upper/lowercase, numbers, symbols, etc). It probably isn't a bad idea to use an unusual name for the "proxy" user too.

I'm assuming this Slack box is your primary box, so you're going to want to take a long hard look at what services you are running. For instance, if you live alone and are gone to work 8 (or more) hours a day, do you really need CUPS running while you are gone. Same for X. This box will be on the net, so limit your exposure. Take a look at what packages you have installed too. All software has holes. Remove the stuff you don't need/use.

Since my box isn't my primary box, I'm taking the further step of using a specialized server distro (Tiny Sofa Classic) - with everything I don't need disabled and/or removed. Most distros like this have taken extra measures (kernel patches, custom builds, etc.) to help keep things secure. Security is a relative concept, but I figure a step like this can't hurt.

My plan is to get this thing going this weekend. Assuming I do, I'll be back to this thread to revise this...or ask for help...depending on how difficult it ends up being.


All times are GMT -5. The time now is 04:24 PM.