|
eth0:202.113.189.71
eth1:192.168.0.1
redhat7.3+squid2.4
squid.conf的内容:
http_port 8080
cache_mem 32 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
cache_dir ufs /usr/local/squid/cache 1200 16 256
cache_access_log /usr/local/squid/logs/access.log
cache_log /usr/local/squid/logs/cache.log
dns_nameservers 202.113.16.10
unlinkd_program /usr/local/squid/bin/unlinkd
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_effectiv_user nobody
cache_effective_group nobody
visible_hostname proxy
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
/etc/sysconfig/ipchains文件的设置:
-A input -i lo -j ACCEPT
-A input -p tcp -s 192.168.0.0/24 -d 0.0.0.0/0 80 -i eth1 -j REDIRECT 8080
-A input -s ! 192.168.0.0/24 -d 0.0.0.0/0 -i eth1 -j DENY
-A forward -s 192.168.0.0/24 -d 0.0.0.0/0.0.0.0 -i eth0 -j MASQ
现在的问题是,客户端可以用ip访问其他网络,但是不能用域名访问,还有我想开放ftp端口,应该怎么做??
谢谢!!! |
|