Authen Free Bsd6 2
Upcoming SlideShare
Loading in...5
×
 

Authen Free Bsd6 2

on

  • 1,189 views

 

Statistics

Views

Total Views
1,189
Views on SlideShare
1,189
Embed Views
0

Actions

Likes
0
Downloads
14
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Authen Free Bsd6 2 Authen Free Bsd6 2 Document Transcript

  • F F F Internet Authentication & WIFI FreeBSD 6.2 1 F F F (Authen & WIFI) F FreeBSD 6.2 ก Authen & wifi for FreeBSD6.2 1. ก FreeBSD 6.2 F ก F F ก F 2. ก Compile Kernel F ก F Authen 3. FAMP mysql5.0 => Apache22 => php5 F ก F 4. config F Aapche22 F modssl F https:// 5. Freeradius 6. config radiusd F Fก F F F F radius 7. Chillispot 8. Config chilli F F กก radiusd 9. squid2.6 F F F Proxy Server 10.0.0.1 transparent 10. ก mrtg F F ก F F ก ก ก ก ThaiBSD F 11. ก syslog-ng F F F ก log files F F F F F ก F F Fก ก Fก 1. ก FreeBSD 6.2 F ก F F ก F 2. ก Compile Kernel F ก F Authen # cd /usr/src/sys/i386/conf # cp GENERIC AUTHEN // F AUTHEN F ก F # pico AUTHEN F F F F F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 2 ident AUTHEN options IPFIREWALL options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=0 options IPDIVERT options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_PRIQ options ALTQ_NOPCC device pf device pflog device pfsync ก Fก Ctrl + o F Enter ก กก กF ก Ctrl + x # config AUTHEN # cd ../compile/AUTHEN # make cleandepend;make depend;make;make install F กF compile kernel # pico /etc/rc.conf F F firewall_enable="YES" firewall_type="OPEN" firewall_quiet="YES" natd_enable="YES" natd_interface="rl0" // rl0 ก F ก F ก router ก F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 3 natd_flags="-s -u -m" pf_enable="YES" pf_rules="/etc/pf.conf" pf_flags="" pflog_enable="YES" pflog_logfile="/var/log/pflog" pflog_flags="" 3. FAMP mysql5.0 => Apache22 => php5 F ก F ก F ก www.kroonis.org/index.php?name=freebsd 4. config F Aapche22 F modssl F https:// ก F ก F F www.kroonis.org/download/Authen/Aapche22_modssl.pdf 5. Freeradius F Freeradius F F whereis freeradius F F Freeradius F F /usr/ports/net/freeradius radiusd ก # cd /usr/ports/net/freeradius # make config F ก [ × ] MYSQL ก OK F กF freeradius1.1.2.1 F ก F F F F FreeBSD 6.2 ก F F ..... ก F F FF F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 4 # cd /usr/local/etc/raddb // ก F radiusd F F authen# mv acct_users.sample acct_users authen# mv clients.conf.sample clients.conf authen# mv dictionary.sample dictionary authen# mv eap.conf.sample eap.conf authen# mv hints.sample hints authen# mv huntgroups.sample huntgroups authen# mv preproxy_users.sample preproxy_users authen# mv radiusd.conf.sample radiusd.conf authen# mv proxy.conf.sample proxy.conf authen# mv snmp.conf.sample snmp.conf authen# mv sql.conf.sample sql.conf authen# mv users.sample users ก key Freeradius authen# pico clients.conf secret = testing123 F testing123 F F FF F กF F ก F clients.conf secret = testing123 กF F /usr/local/etc/raddb/radius.conf authen# pico radius.conf F proxy_requests = yes proxy_requests = no F F log Fก Freeradius F authen# ls /var/log/ | grep radacct F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 5 radacct F F F F F FF F F F F log authen# cd /var/log/ authen# touch radius.log radutmp radwtmp authen# chmod 700 /var/log/radacct authen# chmod 644 /var/log/radius.log authen# chmod 600 /var/log/radutmp authen# chmod 644 /var/log/radwtmp authen# pw adduser radiusd // F F F radiusd authen# chown radiusd:radiusd /var/log/radacct/ authen# chown radiusd:radiusd /var/log/radius.log authen# chown radiusd:radiusd /var/log/radutmp authen# chown radiusd:radiusd /var/log/radwtmp adduser F user1 F authen# adduser Username: user1 Full name: user1 Uid (Leave empty for default): Login group [user1]: Login group is user1. Invite user1 into other groups? []: Login class [default]: Shell (sh csh tcsh nologin) [sh]: Home directory [/home/user1]: Use password-based authentication? [yes]: Use an empty password? (yes/no) [no]: Use a random password? (yes/no) [no]: no Enter password: Enter password again: Lock out the account after creation? [no]: no Username : user1 F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 6 Password : ***** Full Name : user1 Uid : 1005 Class : Groups : user1 Home : /home/user1 Shell : /bin/sh Locked : no OK? (yes/no): yes adduser: INFO: Successfully added (user1) to the user database. Add another user? (yes/no): no Goodbye! F radius F /usr/local/sbin/radiusd -x F ก Starting - reading configuration files ... Module: Loaded exec rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded eap rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap rlm_eap: Loaded and initialized type gtc F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 7 rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded files Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Initializing the thread pool... Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. F FF ก F F F F F F /usr/local/sbin/radiusd F Sun Oct 12 20:48:43 2008 : Info: Starting - reading configuration files ... F Freeradius F ก user F F F console F ก F Login ก F authen# radtest user1 schooltlp localhost 0 testing123 F Sending Access-Request of id 28 to 127.0.0.1 port 1812 User-Name = "user1" // user1 F F User-Password = "schooltlp" // schooltlp F F user1 NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=28, length=20 F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 8 F F radius ก F F radius F F F radius F authen# mysql u root -p F root mysql ก Enter Mysql> create database radius; Mysql> grant all on radius.* to radius@localhost identified by F F ก ; Mysql> exit Dump F radius.sql F F radius ก dump sql F F phpMyAdmin dump sql F command line ก F F radius.sql F F /home/user1/ Fก SSH F config F F ก F ก F F ก SSH Secure Shell Client ก F VDO F F F www.npd.in.th/~manis F authen# cd /home/user1/ authen# mysql -u radius -p < radius.sql ก Enter F F F radius Fก F F ก F F ก ก F F Mysql ก F import F radius.sql F F radius F F ก F F sql F ก 10 M F F phpMyAdmin error F ก ก F F F 1. ก กF F www.kroonis.org/download/Authen/authen.rar 2. กF F admin/include/config.inc.php Fก F radius <?php # configuration for database $_config['database']['hostname'] = "localhost"; $_config['database']['username'] = "radius"; $_config['database']['password'] = " F F F radius"; $_config['database']['database'] = "radius"; ก F config.inc.php ก F F F authen F /usr/local/www/apache22/data F ก F F F hotspotlogin.php F hotspotlogin_popup.php F admin F ssh F user F authen ก ก F ก F F /home/authen ก ก ก F authen# cd /home/authen authen# cp -rf * /usr/local/www/apache22/data F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 9 F FreeBSD6.2 F ก F ก F F F - www.domain.com/admin/ F F 1. ก Browser F F www.domain.com/admin/ 2. Login F F F Login : admin password : admin 3. F F F F (chalee) F VDO ก F F F F F ก F Bittorrent F F nis F 123456 ก F F F ก F radius.sql F F F F ก F www.kroonis.org/radius.sql F F F F F Command Line ก F authen# mysql u root -p radius < /usr/local/share/doc/freeradius/examploes/mysql.sql Enter password : F F F F F radius authen# mysql u root p rootmysql mysql> create database radius; mysql> grant all privileges on radius.* to root@localhost identified by ' rootmysql'; mysql> use radius; F F insert into radcheck(Username,Attribute,Value) VALUES('chillitest', 'Password', 'chilli123'); insert into usergroup(Username,GroupName,Priority) VALUES('chillitest', 'dynamic', 1); insert into radgroupcheck(GroupName,Attribute,Value) VALUES('dynamic', 'Auth- Type', 'Local'); insert into radreply(UserName, Attribute, Value) VALUES('chillitest', 'Class', '0702345678'); insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'Session- Timeout', '3600'); insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'Idle- Timeout', '600'); insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'Acct- Interim-Interval', '60'); insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'WISPr- Redirection-URL', 'http://www.google.co.th'); F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 10 insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'WISPr- Bandwidth-Max-Up', '128000'); insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'WISPr- Bandwidth-Max-Down', '512000'); F F ก F F . F F CREATE TABLE account ( username varchar(50) NOT NULL default '', `password` varchar(255) NOT NULL default '', firstname varchar(200) NOT NULL default '', lastname varchar(200) NOT NULL default '', mailaddr varchar(200) NOT NULL default '', dateregis datetime NOT NULL default '0000-00-00 00:00:00', encryption varchar(50) NOT NULL, `status` int(11) NOT NULL default '0' ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE administrator ( username varchar(50) NOT NULL default '', `password` varchar(200) NOT NULL default '', `name` varchar(200) NOT NULL default '', lastlogin datetime NOT NULL default '0000-00-00 00:00:00' ) ENGINE=MyISAM DEFAULT CHARSET=utf8; INSERT INTO administrator VALUES ('admin', ' 21232f297a57a5a743894a0e4a801fc3', 'admin', '2008-10-17 00:26:21'); CREATE TABLE configuration ( variable varchar(200) NOT NULL default '', `value` varchar(200) NOT NULL default '' ) ENGINE=MyISAM DEFAULT CHARSET=utf8; INSERT INTO configuration VALUES ('default_regis_status', '0'); F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 11 INSERT INTO configuration VALUES ('multi_encryption', '0'); INSERT INTO configuration VALUES ('redirect', 'http://www.google.co.th'); CREATE TABLE genuser ( userprefix varchar(50) NOT NULL, userlastno int(11) NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE groups ( gid int(11) NOT NULL auto_increment, gname varchar(100) NOT NULL default '', gdesc varchar(200) NOT NULL default '', gupload int(11) NOT NULL default '0', gdownload int(11) NOT NULL default '0', gexpire date NOT NULL default '0000-00-00', glimited int(11) NOT NULL default '0', gstatus int(11) NOT NULL default '0', PRIMARY KEY (gid) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=34 ; CREATE TABLE interface ( variable varchar(200) NOT NULL, `value` text NOT NULL ) ENGINE=MyISAM DEFAULT CHARSET=utf8; F dump sql F phpMyAdmin F www.kroonis.org/radius.sql 6. config radiusd F Fก F F F F radius authen# pico /usr/local/etc/raddb/sql.conf # Connect info server = "localhost" login = "root" // F F ก radius password = "rootmysql" // F F F F radius F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 12 F sql_user_name ก Ctrl+w ก F F sql_user_name ก Enter F ก F # ก #sql_user_name = "%{Stripped-User-Name:-%{User-Name:-DEFAULT}}" กF sql_user_name = "%{Stripped-User-Name:-%{User-Name:-DEFAULT}}" F # F sql_username sql_user_name = "%{User-Name}" กF #sql_user_name = "%{User-Name}" # ก F simul_count_query simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0" ก กF ก F F F ก F sql.conf authen# pico /usr/local/etc/raddb/radiusd.conf F See "Authorization Queries" in sql.conf F # ก F sql # See "Authorization Queries" in sql.conf sql F against /etc/passwd! F F # F unix # against /etc/passwd! See the FAQ for details. # unix F 'acct_users' F F # F files # Read the 'acct_users' file # files F See "Accounting queries" F # ก F sql # Accounting queries # sql F Simultaneous Use Checking Querie F # ก F sql # See "Simultaneous Use Checking Querie" in sql.conf sql run radius ก F /usr/local/sbin/radiusd -x F ก ก F Starting - reading configuration files ... F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 13 Module: Loaded exec rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded eap rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap rlm_eap: Loaded and initialized type gtc rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded files Module: Instantiated files (files) Module: Loaded SQL rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to radius@localhost:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 14 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Initializing the thread pool... Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. ก F radius ก mysql F F console Fก F Login ก F su root F authen# radtest F F F localhost 1812 secretkey F F F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 15 authen# radtest chillitest chilli123 localhost 1812 testing123 F F Sending Access-Request of id 90 to 127.0.0.1 port 1812 User-Name = "chillitest" User-Password = "chilli123" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=90, length=50 Service-Type = Login-User WISPr-Bandwidth-Max-Down = 33554432 WISPr-Bandwidth-Max-Up = 33554432 F F radiusd ก boot F authen# echo 'radiusd_enable="YES"' >> /etc/rc.conf 7. Chillispot ก F F F Login กF ก (Hotspot) whereis chillispot F F chiilispot F ก chillispot F ports F F /usr/ports/net-mgmt/chillispot authen# cd /usr/ports/net-mgmt/chillispot authen# make config F ก [×] MATURE ก [×] FREE × × ก OK F กF ก Chillispot F F Server ก F F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 16 8. Config chilli F F กก radiusd authen# cd /usr/local/share/chillispot/ authen# cp chilli.conf.sample /etc/chilli.conf authen# cp dictionary.chillispot /usr/local/etc/raddb/ authen# cp freeradius.users /usr/local/etc/raddb/ authen# cp pf.conf.sample /etc/pf.conf authen# pico /etc/chilli.conf F กF F F TUN F กF net 10.0.0.0/24 F dns1 dns2 กF dns F F dns1 203.146.15.9 F radiusserver1 กF radiusserver1 127.0.0.1 F radiusserver2 กF radiusserver2 127.0.0.1 F radiussecret กF radiussecret key F ก F clients.conf F dhcpif eth1 กF dhcpif rl1 ก F 2( ) F uamserver กF uamserver https://10.0.0.1/hotspotlogin.php F uamhomepage กF uamhomepage http://10.0.0.1/welcome.html F uamsecret F # ก uamsecret ht2eb8ej6s4et3rg1ulp F uamlisten กF uamlisten 10.0.0.1 กF F F F F F ก F F F ก F chilli.conf F ก F กF F F F F ก secret key testing123 F chilli.conf F F F F http://www.kroonis.org/download/Authen/chilli.conf F chillispot F /usr/local/sbin/chilli & F F welcome.html authen# pico /usr/local/www/apache22/data/welcome.html F F html F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 17 <html> <head> <title>Welcome to Our Hotspot, Wireless Network.</title> </head> <body> <center> <H1><font color="red">TESTING ONLY</font></H1> <img src="chillispot.png"> <H3><font color="blue">Welcome to Our Hotspot, Wireless Network.</font></H3> <p>You are connected to an authentication and restricted network access point. <H3><a href="http://10.0.0.1:3990/prelogin">Click here to login</a></H3> <p> <p>Enjoy. </center> </body> </html> กF F /usr/local/etc/raddb/dictionary authen# pico /usr/local/etc/raddb/dictionary F $INCLUDE /usr/local/share/freeradius/dictionary F กF F $INCLUDE /usr/local/etc/raddb/dictionary.chillispot F F /etc/rc.local authen# pico /etc/rc.local /usr/local/sbin/chilli & ipfw add pass tcp from any to any 3990 via setup F ก F /etc/rc.local F F /etc/services authen# pico /etc/services F 3986/udp F F2 F F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 18 bv-is 3990/tcp #BindView-IS bv-is 3990/udp #BindView-IS F F ก F F Server F ก F F ก Hotspot & WIFI F ( F ก F ก F F F ก F ก ก F ก F ก ก F F F ก Authentication F F F ก ThaiFreeBSD F Fก F ก ก F ก F F F F Fก F Atomy ก F F ก FreeBSD F F F F shutdown -r now F ก F FreeBSD6.2 Boot F login F root FF ก Process F authen# top F ก ก F F 835 root 1 96 0 1532K 892K select 1:34 0.00% natd 2291 root 1 96 0 7172K 6732K select 1:31 0.00% chilli 1065 mysql 10 20 0 61780K 27688K kserel 0:33 0.00% mysqld 963 root 1 8 0 18896K 11732K nanslp 0:05 0.00% httpd 467 _pflogd 1 -58 0 1624K 1048K bpf 0:03 0.00% pflogd 907 root 3 20 0 6792K 3648K kserel 0:00 0.00% radiusd 462 root 1 4 0 1560K 996K sbwait 0:00 0.00% pflogd F ก F 2 (rl1) F 10.0.0.1 authen# ifconfig F F rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=8<VLAN_MTU> inet 203.172.188.140 netmask 0xfffffff8 broadcast 203.172.188.146 ether 00:02:44:b8:7d:38 media: Ethernet autoselect (100baseTX <full-duplex>) status: active F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 19 rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 0.0.0.0 netmask 0xff000000 broadcast 0.255.255.255 ether 00:16:ec:8d:66:b5 media: Ethernet autoselect (none) status: no carrier plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 pfsync0: flags=0<> mtu 2020 syncpeer: 224.0.0.240 maxupd: 128 pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208 tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 inet 10.0.0.1 --> 10.0.0.1 netmask 0xffffff00 Opened by PID 982 F Fก ก F 2 F F ก F F ก Swicth Hub F ก F F ก 10.0.0.0 ก F 10.0.0.2 ก ก class C F ก F ก F www.google.co.th F welcome.html FF F F F Login กF F ก (Hotspot) F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 20 10. squid2.5 F F F Proxy Server 10.0.0.1 transparent authen# cd /usr/ports/www/squid authen# make install F F กF F squid.conf F /usr/local/etc/squid/ authen# pico /usr/local/etc/squid/squid.conf F กF F # ก http_port 3128 icp_port 3130 cache_dir ufs /usr/local/squid/cache 3000 16 256 cache_access_log /usr/local/squid/logs/access.log cache_log /usr/local/squid/logs/cache.log cache_store_log /usr/local/squid/logs/store.log F F F acl our_networks src F 1888 F กF F ก ก F ip F F proxy F F ip chillispot ก F F F F acl our_networks src 10.0.0.0/24 http_access allow our_networks F F httpd_accel_port 80 F F F 2234 ก transparent httpd_accel_port 80 httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on ก F ก Blockweb F FF acl CONNECT method CONNECT F F acl bsex url_regex "/usr/local/etc/squid/bsex.txt" // F F bsex.txt http_access deny bsex // F F F bsex.txt F Block deny_info http://www.google.co.th bsex // F F F F F ก Fก ก F adthen# pico /usr/local/etc/squid/bsex.txt F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 21 F F F www.miniclip.com http://www.sex.com http://www.xxx.com http://www.dekbaba.net http://www.dekbaba.com http://www.dekbaba.com/friend http://www.dekbaba.com/game.php http://www.herevcd.com game.* sex xxx http://www.goozaa.com http://www.9pic.net http://www.adultsex.com http://www.sexythailand.com ....... ...... chmod -R 775 /usr/local/squid/logs chmod -R 775 /usr/local/squid/cache /usr/local/sbin/squid -z // F squid F cache /usr/local/sbin/RunCache & // F squid F F F rc.local F pico /etc/rc.local F /usr/local/sbin/RunCache & ipfw add 1700 fwd 10.0.0.1 tcp from any to 10.0.0.0/24 80 ipfw add 1800 fwd 10.0.0.1,3128 tcp from 10.0.0.0/24 to any 80 ipfw add 100 fwd 10.0.0.1,3128 tcp from 10.0.0.0/24 to any 80 via rl0 ipfw add 4342 fwd 10.0.0.1,3128 tcp from 10.0.0.0/24 to any 80 F www.kroonis.org F
  • F F F Internet Authentication & WIFI FreeBSD 6.2 22 rl0 ก F ก( ก ก ) (10.0.0.1 ip gateway ip dhcp chillispot ก ก ) F ก F chillispot F F ก squid F F F F ก log squid F tail -f /usr/local/squid/logs/access.log F ก กF F squid.conf F squid -k reconfigure restart squid F F http://www.thaibsd.com/webboard/show.php?Category=thaibsd&No=15133 11. ก mrtg F F ก F F ก *** ก F **** ..... F กF F ก ก FกF ...... 12. syslog-ng F syslog-ng.conf F F log F F F F ก Update Document 17/10/2008 F www.kroonis.org F