Authen Free Bsd6 2
Transcript

  • 1. Internet Authentication & WIFI, FreeBSD 6.2 (Authen & WIFI) (www.kroonis.org)
    Authen & wifi for FreeBSD6.2
    1. FreeBSD 6.2
    2. Compile Kernel (Authen)
    3. FAMP: mysql5.0 => Apache22 => php5
    4. config Apache22 modssl https://
    5. Freeradius
    6. config radiusd ... radius
    7. Chillispot
    8. Config chilli ... radiusd
    9. squid2.6 Proxy Server 10.0.0.1 transparent
    10. mrtg ... ThaiBSD
    11. syslog-ng ... log files

    1. FreeBSD 6.2
    2. Compile Kernel (Authen)
    # cd /usr/src/sys/i386/conf
    # cp GENERIC AUTHEN
    # pico AUTHEN
  • 2. ident AUTHEN
    options IPFIREWALL
    options IPFIREWALL_FORWARD
    options IPFIREWALL_DEFAULT_TO_ACCEPT
    options IPFIREWALL_VERBOSE
    options IPFIREWALL_VERBOSE_LIMIT=0
    options IPDIVERT
    options ALTQ
    options ALTQ_CBQ
    options ALTQ_RED
    options ALTQ_RIO
    options ALTQ_HFSC
    options ALTQ_PRIQ
    options ALTQ_NOPCC
    device pf
    device pflog
    device pfsync

    Ctrl + o, Enter; Ctrl + x
    # config AUTHEN
    # cd ../compile/AUTHEN
    # make cleandepend;make depend;make;make install

    compile kernel ...
    # pico /etc/rc.conf
    firewall_enable="YES"
    firewall_type="OPEN"
    firewall_quiet="YES"
    natd_enable="YES"
    natd_interface="rl0"    // rl0 ... router
  • 3. natd_flags="-s -u -m"
    pf_enable="YES"
    pf_rules="/etc/pf.conf"
    pf_flags=""
    pflog_enable="YES"
    pflog_logfile="/var/log/pflog"
    pflog_flags=""

    3. FAMP: mysql5.0 => Apache22 => php5
    www.kroonis.org/index.php?name=freebsd

    4. config Apache22 modssl https://
    www.kroonis.org/download/Authen/Aapche22_modssl.pdf

    5. Freeradius
    whereis freeradius: /usr/ports/net/freeradius
    # cd /usr/ports/net/freeradius
    # make config
    [ × ] MYSQL, OK
    freeradius1.1.2.1 ... FreeBSD 6.2 ...
  • 4. # cd /usr/local/etc/raddb    // radiusd
    authen# mv acct_users.sample acct_users
    authen# mv clients.conf.sample clients.conf
    authen# mv dictionary.sample dictionary
    authen# mv eap.conf.sample eap.conf
    authen# mv hints.sample hints
    authen# mv huntgroups.sample huntgroups
    authen# mv preproxy_users.sample preproxy_users
    authen# mv radiusd.conf.sample radiusd.conf
    authen# mv proxy.conf.sample proxy.conf
    authen# mv snmp.conf.sample snmp.conf
    authen# mv sql.conf.sample sql.conf
    authen# mv users.sample users

    key Freeradius
    authen# pico clients.conf
    secret = testing123
    testing123 ... clients.conf: secret = testing123

    /usr/local/etc/raddb/radiusd.conf
    authen# pico radiusd.conf
    proxy_requests = yes
    change to:
    proxy_requests = no

    log, Freeradius
    authen# ls /var/log/ | grep radacct
  • 5. radacct ... log
    authen# cd /var/log/
    authen# touch radius.log radutmp radwtmp
    authen# chmod 700 /var/log/radacct
    authen# chmod 644 /var/log/radius.log
    authen# chmod 600 /var/log/radutmp
    authen# chmod 644 /var/log/radwtmp
    authen# pw adduser radiusd    // radiusd
    authen# chown radiusd:radiusd /var/log/radacct/
    authen# chown radiusd:radiusd /var/log/radius.log
    authen# chown radiusd:radiusd /var/log/radutmp
    authen# chown radiusd:radiusd /var/log/radwtmp

    adduser: user1
    authen# adduser
    Username: user1
    Full name: user1
    Uid (Leave empty for default):
    Login group [user1]:
    Login group is user1. Invite user1 into other groups? []:
    Login class [default]:
    Shell (sh csh tcsh nologin) [sh]:
    Home directory [/home/user1]:
    Use password-based authentication? [yes]:
    Use an empty password? (yes/no) [no]:
    Use a random password? (yes/no) [no]: no
    Enter password:
    Enter password again:
    Lock out the account after creation? [no]: no
    Username : user1
  • 6. Password : *****
    Full Name : user1
    Uid : 1005
    Class :
    Groups : user1
    Home : /home/user1
    Shell : /bin/sh
    Locked : no
    OK? (yes/no): yes
    adduser: INFO: Successfully added (user1) to the user database.
    Add another user? (yes/no): no
    Goodbye!

    radius:
    /usr/local/sbin/radiusd -x
    Starting - reading configuration files ...
    Module: Loaded exec
    rlm_exec: Wait=yes but no output defined. Did you mean output=none?
    Module: Instantiated exec (exec)
    Module: Loaded expr
    Module: Instantiated expr (expr)
    Module: Loaded PAP
    Module: Instantiated pap (pap)
    Module: Loaded CHAP
    Module: Instantiated chap (chap)
    Module: Loaded MS-CHAP
    Module: Instantiated mschap (mschap)
    Module: Loaded System
    Module: Instantiated unix (unix)
    Module: Loaded eap
    rlm_eap: Loaded and initialized type md5
    rlm_eap: Loaded and initialized type leap
    rlm_eap: Loaded and initialized type gtc
  • 7. rlm_eap: Loaded and initialized type mschapv2
    Module: Instantiated eap (eap)
    Module: Loaded preprocess
    Module: Instantiated preprocess (preprocess)
    Module: Loaded realm
    Module: Instantiated realm (suffix)
    Module: Loaded files
    Module: Instantiated files (files)
    Module: Loaded Acct-Unique-Session-Id
    Module: Instantiated acct_unique (acct_unique)
    Module: Loaded detail
    Module: Instantiated detail (detail)
    Module: Loaded radutmp
    Module: Instantiated radutmp (radutmp)
    Initializing the thread pool...
    Listening on authentication *:1812
    Listening on accounting *:1813
    Ready to process requests.

    /usr/local/sbin/radiusd
    Sun Oct 12 20:48:43 2008 : Info: Starting - reading configuration files ...

    Freeradius, user, console, Login:
    authen# radtest user1 schooltlp localhost 0 testing123
    Sending Access-Request of id 28 to 127.0.0.1 port 1812
        User-Name = "user1"            // user1
        User-Password = "schooltlp"    // schooltlp ... user1
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
    rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=28, length=20
  • 8. radius ...
    authen# mysql -u root -p    // root mysql, Enter
    mysql> create database radius;
    mysql> grant all on radius.* to radius@localhost identified by '<password>';
    mysql> exit

    Dump radius.sql ... radius ... dump sql ... phpMyAdmin ... dump sql ... command line ... radius.sql ... /home/user1/ ... SSH ... config ... SSH Secure Shell Client ... VDO: www.npd.in.th/~manis
    authen# cd /home/user1/
    authen# mysql -u radius -p < radius.sql    // Enter ... radius
    Mysql ... import radius.sql ... radius ... sql ... 10 M ... phpMyAdmin error ...

    1. www.kroonis.org/download/Authen/authen.rar
    2. admin/include/config.inc.php ... radius
    <?php
    # configuration for database
    $_config['database']['hostname'] = "localhost";
    $_config['database']['username'] = "radius";
    $_config['database']['password'] = "<password of the radius user>";
    $_config['database']['database'] = "radius";

    config.inc.php ... authen ... /usr/local/www/apache22/data ... hotspotlogin.php, hotspotlogin_popup.php, admin ... ssh ... user ... authen ... /home/authen ...
    authen# cd /home/authen
    authen# cp -rf * /usr/local/www/apache22/data
  • 9. FreeBSD6.2 ... www.domain.com/admin/
    1. Browser: www.domain.com/admin/
    2. Login: admin, password: admin
    3. ... (chalee) ... VDO ... Bittorrent ... nis ... 123456 ...

    radius.sql ... www.kroonis.org/radius.sql ... Command Line:
    authen# mysql -u root -p radius < /usr/local/share/doc/freeradius/examples/mysql.sql
    Enter password:

    radius:
    authen# mysql -u root -prootmysql
    mysql> create database radius;
    mysql> grant all privileges on radius.* to root@localhost identified by 'rootmysql';
    mysql> use radius;

    insert into radcheck(Username,Attribute,Value) VALUES('chillitest', 'Password', 'chilli123');
    insert into usergroup(Username,GroupName,Priority) VALUES('chillitest', 'dynamic', 1);
    insert into radgroupcheck(GroupName,Attribute,Value) VALUES('dynamic', 'Auth-Type', 'Local');
    insert into radreply(UserName, Attribute, Value) VALUES('chillitest', 'Class', '0702345678');
    insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'Session-Timeout', '3600');
    insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'Idle-Timeout', '600');
    insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'Acct-Interim-Interval', '60');
    insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'WISPr-Redirection-URL', 'http://www.google.co.th');
  • 10. insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'WISPr-Bandwidth-Max-Up', '128000');
    insert into radgroupreply(GroupName, Attribute, Value) VALUES('dynamic', 'WISPr-Bandwidth-Max-Down', '512000');

    CREATE TABLE account (
      username varchar(50) NOT NULL default '',
      `password` varchar(255) NOT NULL default '',
      firstname varchar(200) NOT NULL default '',
      lastname varchar(200) NOT NULL default '',
      mailaddr varchar(200) NOT NULL default '',
      dateregis datetime NOT NULL default '0000-00-00 00:00:00',
      encryption varchar(50) NOT NULL,
      `status` int(11) NOT NULL default '0'
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8;

    CREATE TABLE administrator (
      username varchar(50) NOT NULL default '',
      `password` varchar(200) NOT NULL default '',
      `name` varchar(200) NOT NULL default '',
      lastlogin datetime NOT NULL default '0000-00-00 00:00:00'
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8;

    INSERT INTO administrator VALUES ('admin', '21232f297a57a5a743894a0e4a801fc3', 'admin', '2008-10-17 00:26:21');

    CREATE TABLE configuration (
      variable varchar(200) NOT NULL default '',
      `value` varchar(200) NOT NULL default ''
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8;

    INSERT INTO configuration VALUES ('default_regis_status', '0');
  • 11. INSERT INTO configuration VALUES ('multi_encryption', '0');
    INSERT INTO configuration VALUES ('redirect', 'http://www.google.co.th');

    CREATE TABLE genuser (
      userprefix varchar(50) NOT NULL,
      userlastno int(11) NOT NULL
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8;

    CREATE TABLE groups (
      gid int(11) NOT NULL auto_increment,
      gname varchar(100) NOT NULL default '',
      gdesc varchar(200) NOT NULL default '',
      gupload int(11) NOT NULL default '0',
      gdownload int(11) NOT NULL default '0',
      gexpire date NOT NULL default '0000-00-00',
      glimited int(11) NOT NULL default '0',
      gstatus int(11) NOT NULL default '0',
      PRIMARY KEY (gid)
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=34 ;

    CREATE TABLE interface (
      variable varchar(200) NOT NULL,
      `value` text NOT NULL
    ) ENGINE=MyISAM DEFAULT CHARSET=utf8;

    dump sql, phpMyAdmin: www.kroonis.org/radius.sql

    6. config radiusd ... radius
    authen# pico /usr/local/etc/raddb/sql.conf
    # Connect info
    server = "localhost"
    login = "root"            // ... radius
    password = "rootmysql"    // ... radius
  • 12. sql_user_name: Ctrl+w, sql_user_name, Enter; #
    #sql_user_name = "%{Stripped-User-Name:-%{User-Name:-DEFAULT}}"
    change to:
    sql_user_name = "%{Stripped-User-Name:-%{User-Name:-DEFAULT}}"

    # sql_username
    sql_user_name = "%{User-Name}"
    change to:
    #sql_user_name = "%{User-Name}"

    # simul_count_query
    simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"

    ... sql.conf
    authen# pico /usr/local/etc/raddb/radiusd.conf

    See "Authorization Queries" in sql.conf ... # ... sql
        # See "Authorization Queries" in sql.conf
        sql
    against /etc/passwd! ... # ... unix
        # against /etc/passwd! See the FAQ for details.
        # unix
    'acct_users' ... # ... files
        # Read the 'acct_users' file
        # files
    See "Accounting queries" ... # ... sql
        # Accounting queries
        # sql
    Simultaneous Use Checking Querie ... # ... sql
        # See "Simultaneous Use Checking Querie" in sql.conf
        sql

    run radius:
    /usr/local/sbin/radiusd -x
    Starting - reading configuration files ...
  • 13. Module: Loaded exec
    rlm_exec: Wait=yes but no output defined. Did you mean output=none?
    Module: Instantiated exec (exec)
    Module: Loaded expr
    Module: Instantiated expr (expr)
    Module: Loaded PAP
    Module: Instantiated pap (pap)
    Module: Loaded CHAP
    Module: Instantiated chap (chap)
    Module: Loaded MS-CHAP
    Module: Instantiated mschap (mschap)
    Module: Loaded eap
    rlm_eap: Loaded and initialized type md5
    rlm_eap: Loaded and initialized type leap
    rlm_eap: Loaded and initialized type gtc
    rlm_eap: Loaded and initialized type mschapv2
    Module: Instantiated eap (eap)
    Module: Loaded preprocess
    Module: Instantiated preprocess (preprocess)
    Module: Loaded realm
    Module: Instantiated realm (suffix)
    Module: Loaded files
    Module: Instantiated files (files)
    Module: Loaded SQL
    rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
    rlm_sql (sql): Attempting to connect to radius@localhost:/radius
    rlm_sql (sql): starting 0
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
    rlm_sql_mysql: Starting connect to MySQL server for #0
    rlm_sql (sql): Connected new DB handle, #0
    rlm_sql (sql): starting 1
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
  • 14. rlm_sql_mysql: Starting connect to MySQL server for #1
    rlm_sql (sql): Connected new DB handle, #1
    rlm_sql (sql): starting 2
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
    rlm_sql_mysql: Starting connect to MySQL server for #2
    rlm_sql (sql): Connected new DB handle, #2
    rlm_sql (sql): starting 3
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
    rlm_sql_mysql: Starting connect to MySQL server for #3
    rlm_sql (sql): Connected new DB handle, #3
    rlm_sql (sql): starting 4
    rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
    rlm_sql_mysql: Starting connect to MySQL server for #4
    rlm_sql (sql): Connected new DB handle, #4
    Module: Instantiated sql (sql)
    Module: Loaded Acct-Unique-Session-Id
    Module: Instantiated acct_unique (acct_unique)
    Module: Loaded detail
    Module: Instantiated detail (detail)
    Module: Loaded System
    Module: Instantiated unix (unix)
    Module: Loaded radutmp
    Module: Instantiated radutmp (radutmp)
    Initializing the thread pool...
    Listening on authentication *:1812
    Listening on accounting *:1813
    Ready to process requests.

    radius, mysql ... console ... Login ... su root
    authen# radtest <username> <password> localhost 1812 <secretkey>
  • 15. authen# radtest chillitest chilli123 localhost 1812 testing123
    Sending Access-Request of id 90 to 127.0.0.1 port 1812
        User-Name = "chillitest"
        User-Password = "chilli123"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
    rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=90, length=50
        Service-Type = Login-User
        WISPr-Bandwidth-Max-Down = 33554432
        WISPr-Bandwidth-Max-Up = 33554432

    radiusd, boot:
    authen# echo 'radiusd_enable="YES"' >> /etc/rc.conf

    7. Chillispot ... Login ... (Hotspot)
    whereis chillispot ... ports: /usr/ports/net-mgmt/chillispot
    authen# cd /usr/ports/net-mgmt/chillispot
    authen# make config
    [×] MATURE, [×] FREE, OK
    Chillispot ... Server ...
  • 16. 8. Config chilli ... radiusd
    authen# cd /usr/local/share/chillispot/
    authen# cp chilli.conf.sample /etc/chilli.conf
    authen# cp dictionary.chillispot /usr/local/etc/raddb/
    authen# cp freeradius.users /usr/local/etc/raddb/
    authen# cp pf.conf.sample /etc/pf.conf
    authen# pico /etc/chilli.conf

    TUN: change to net 10.0.0.0/24
    dns1, dns2: change to ... dns ..., dns1 203.146.15.9
    radiusserver1: change to radiusserver1 127.0.0.1
    radiusserver2: change to radiusserver2 127.0.0.1
    radiussecret: change to radiussecret <key ... clients.conf>
    dhcpif eth1: change to dhcpif rl1    // ... 2
    uamserver: change to uamserver https://10.0.0.1/hotspotlogin.php
    uamhomepage: change to uamhomepage http://10.0.0.1/welcome.html
    uamsecret: # ... uamsecret ht2eb8ej6s4et3rg1ulp
    uamlisten: change to uamlisten 10.0.0.1

    chilli.conf ... secret key testing123 ... chilli.conf: http://www.kroonis.org/download/Authen/chilli.conf

    chillispot:
    /usr/local/sbin/chilli &

    welcome.html:
    authen# pico /usr/local/www/apache22/data/welcome.html
    html:
  • 17. <html>
    <head>
    <title>Welcome to Our Hotspot, Wireless Network.</title>
    </head>
    <body>
    <center>
    <H1><font color="red">TESTING ONLY</font></H1>
    <img src="chillispot.png">
    <H3><font color="blue">Welcome to Our Hotspot, Wireless Network.</font></H3>
    <p>You are connected to an authentication and restricted network access point.
    <H3><a href="http://10.0.0.1:3990/prelogin">Click here to login</a></H3>
    <p>
    <p>Enjoy.
    </center>
    </body>
    </html>

    /usr/local/etc/raddb/dictionary:
    authen# pico /usr/local/etc/raddb/dictionary
    $INCLUDE /usr/local/share/freeradius/dictionary
    ...
    $INCLUDE /usr/local/etc/raddb/dictionary.chillispot

    /etc/rc.local:
    authen# pico /etc/rc.local
    /usr/local/sbin/chilli &
    ipfw add pass tcp from any to any 3990 via setup

    /etc/rc.local ... /etc/services:
    authen# pico /etc/services
    3986/udp ... 2 ...
  • 18. bv-is 3990/tcp #BindView-IS
    bv-is 3990/udp #BindView-IS

    ... Server ... Hotspot & WIFI ... Authentication ... ThaiFreeBSD ... Atomy ... FreeBSD ...
    shutdown -r now

    FreeBSD6.2 Boot ... login ... root ... Process:
    authen# top
      835 root      1  96  0  1532K   892K select 1:34 0.00% natd
     2291 root      1  96  0  7172K  6732K select 1:31 0.00% chilli
     1065 mysql    10  20  0 61780K 27688K kserel 0:33 0.00% mysqld
      963 root      1   8  0 18896K 11732K nanslp 0:05 0.00% httpd
      467 _pflogd   1 -58  0  1624K  1048K bpf    0:03 0.00% pflogd
      907 root      3  20  0  6792K  3648K kserel 0:00 0.00% radiusd
      462 root      1   4  0  1560K   996K sbwait 0:00 0.00% pflogd

    ... 2 (rl1) ... 10.0.0.1
    authen# ifconfig
    rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 203.172.188.140 netmask 0xfffffff8 broadcast 203.172.188.146
        ether 00:02:44:b8:7d:38
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
  • 19. rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 0.0.0.0 netmask 0xff000000 broadcast 0.255.255.255
        ether 00:16:ec:8d:66:b5
        media: Ethernet autoselect (none)
        status: no carrier
    plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> mtu 1500
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
    pfsync0: flags=0<> mtu 2020
        syncpeer: 224.0.0.240 maxupd: 128
    pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208
    tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
        inet 10.0.0.1 --> 10.0.0.1 netmask 0xffffff00
        Opened by PID 982

    ... 2 ... Switch Hub ... 10.0.0.0 ... 10.0.0.2 ... class C ... www.google.co.th ... welcome.html ... Login ... (Hotspot)
  • 20. 10. squid2.5 ... Proxy Server 10.0.0.1 transparent
    authen# cd /usr/ports/www/squid
    authen# make install

    squid.conf: /usr/local/etc/squid/
    authen# pico /usr/local/etc/squid/squid.conf
    # ...
    http_port 3128
    icp_port 3130
    cache_dir ufs /usr/local/squid/cache 3000 16 256
    cache_access_log /usr/local/squid/logs/access.log
    cache_log /usr/local/squid/logs/cache.log
    cache_store_log /usr/local/squid/logs/store.log

    acl our_networks src ... 1888 ... ip ... proxy ... ip chillispot ...
    acl our_networks src 10.0.0.0/24
    http_access allow our_networks

    httpd_accel_port 80 ... 2234 ... transparent
    httpd_accel_port 80
    httpd_accel_host virtual
    httpd_accel_with_proxy on
    httpd_accel_uses_host_header on

    Blockweb ... acl CONNECT method CONNECT ...
    acl bsex url_regex "/usr/local/etc/squid/bsex.txt"    // bsex.txt
    http_access deny bsex                                 // bsex.txt ... Block
    deny_info http://www.google.co.th bsex                // ...

    authen# pico /usr/local/etc/squid/bsex.txt
  • 21. www.miniclip.com
    http://www.sex.com
    http://www.xxx.com
    http://www.dekbaba.net
    http://www.dekbaba.com
    http://www.dekbaba.com/friend
    http://www.dekbaba.com/game.php
    http://www.herevcd.com
    game.*
    sex
    xxx
    http://www.goozaa.com
    http://www.9pic.net
    http://www.adultsex.com
    http://www.sexythailand.com
    ....... ......

    chmod -R 775 /usr/local/squid/logs
    chmod -R 775 /usr/local/squid/cache
    /usr/local/sbin/squid -z      // squid ... cache
    /usr/local/sbin/RunCache &    // squid

    rc.local:
    pico /etc/rc.local
    /usr/local/sbin/RunCache &
    ipfw add 1700 fwd 10.0.0.1 tcp from any to 10.0.0.0/24 80
    ipfw add 1800 fwd 10.0.0.1,3128 tcp from 10.0.0.0/24 to any 80
    ipfw add 100 fwd 10.0.0.1,3128 tcp from 10.0.0.0/24 to any 80 via rl0
    ipfw add 4342 fwd 10.0.0.1,3128 tcp from 10.0.0.0/24 to any 80
  • 22. rl0 ... (10.0.0.1: ip gateway, ip dhcp chillispot)
    chillispot ... squid ... log squid:
    tail -f /usr/local/squid/logs/access.log
    squid.conf ... squid -k reconfigure ... restart squid
    http://www.thaibsd.com/webboard/show.php?Category=thaibsd&No=15133

    11. mrtg ...
    12. syslog-ng ... syslog-ng.conf ... log ...

    Update Document 17/10/2008
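
The walkthrough leaves the RADIUS shared secret at `testing123` in both clients.conf and chilli.conf, points sql.conf at the MySQL `root` login, and takes `uamsecret` from the sample file. The script below is an added example, not part of the original slides: it checks a finished install for exactly those settings. The function names `audit_hotspot`, `has_line` and `demo` are hypothetical, and the demo files are constructed.

```shell
#!/bin/sh
# Added example, not from the original guide. Flags settings the walkthrough
# leaves at sample or over-privileged values. File names and the values
# checked are the ones the guide itself shows.

sp='[[:space:]]'

# has_line FILE ERE: true if FILE exists and an active (uncommented) line matches.
has_line() { [ -f "$1" ] && grep -Eq "$2" "$1"; }

# audit_hotspot RADDB_DIR CHILLI_CONF: print one finding per line.
audit_hotspot() {
    raddb=$1
    chilli=$2
    if has_line "$raddb/clients.conf" "^$sp*secret$sp*=$sp*testing123$sp*\$"; then
        echo "clients.conf: RADIUS shared secret is the sample value testing123"
    fi
    if has_line "$raddb/sql.conf" "^$sp*login$sp*=$sp*\"?root\"?$sp*\$"; then
        echo "sql.conf: radiusd connects to MySQL as root"
    fi
    if has_line "$chilli" "^$sp*radiussecret$sp+testing123$sp*\$"; then
        echo "chilli.conf: radiussecret is the sample value testing123"
    fi
    if has_line "$chilli" "^$sp*uamsecret$sp+ht2eb8ej6s4et3rg1ulp$sp*\$"; then
        echo "chilli.conf: uamsecret is the published value ht2eb8ej6s4et3rg1ulp"
    fi
    if ! has_line "$chilli" "^$sp*uamsecret$sp+[^[:space:]]"; then
        echo "chilli.conf: uamsecret is not set"
    fi
    if has_line "$chilli" "^$sp*uamserver$sp+http://"; then
        echo "chilli.conf: uamserver login page is plain http"
    fi
    return 0
}

# demo: run the audit over constructed files that mirror the guide's values,
# except that uamsecret is still commented out as in the sample file.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/raddb"
    printf 'client 127.0.0.1 {\n  secret = testing123\n}\n' > "$d/raddb/clients.conf"
    printf 'server = "localhost"\nlogin = "root"\n' > "$d/raddb/sql.conf"
    printf 'radiussecret testing123\n#uamsecret ht2eb8ej6s4et3rg1ulp\nuamserver https://10.0.0.1/hotspotlogin.php\n' > "$d/chilli.conf"
    audit_hotspot "$d/raddb" "$d/chilli.conf"
    rm -rf "$d"
}

demo
```

On a real host the call would be `audit_hotspot /usr/local/etc/raddb /etc/chilli.conf`, using the paths from the guide.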